lgoogloader | dcffc23486ddb6873a0b9149092ddf77c737a018e06ff7638b60e06c06e57b59 | Triage

Sharing

General

Target

file.exe
Size

30KB
Sample

230605-zqex5sag76
MD5

2cec8b52f960c604e0d2abe39e984de3
SHA1

296052155e7adab51195943bded45fce3a49a5e5
SHA256

dcffc23486ddb6873a0b9149092ddf77c737a018e06ff7638b60e06c06e57b59
SHA512

e27a82f73042a175245f00544dfc7dd358999b3bf66db42de67bdbf8ed8dbda09cd123a90e9b503e87667f9efed11d2109bd478370a37b19b1431f18992aa819
SSDEEP

384:tP8qP946MVd4/ezNZUG9bxcz6MQ6B7LMQD6X4Fi1EU96B2Jq29N6a2QG3KUzVGlh:mq2VmA6BnOX4O968vXMGlBCjfUN3eYeU

Score

10^/10

lgoogloader downloader persistence

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  30KB
- MD5
  
  2cec8b52f960c604e0d2abe39e984de3
- SHA1
  
  296052155e7adab51195943bded45fce3a49a5e5
- SHA256
  
  dcffc23486ddb6873a0b9149092ddf77c737a018e06ff7638b60e06c06e57b59
- SHA512
  
  e27a82f73042a175245f00544dfc7dd358999b3bf66db42de67bdbf8ed8dbda09cd123a90e9b503e87667f9efed11d2109bd478370a37b19b1431f18992aa819
- SSDEEP
  
  384:tP8qP946MVd4/ezNZUG9bxcz6MQ6B7LMQD6X4Fi1EU96B2Jq29N6a2QG3KUzVGlh:mq2VmA6BnOX4O968vXMGlBCjfUN3eYeU
Score

10^/10

persistence lgoogloader downloader
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- Sets service image path in registry
  persistence
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lgoogloaderdownloaderpersistence