Overview

overview

10

Static

static

3

file.exe

windows7-x64

8

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    44KB

  • Sample

    230608-vlthhsha66

  • MD5

    76aba677b9ce27bb4f85679c7cf8cbf8

  • SHA1

    4df3295e5bb241fbc6557375f524892e1f5ec71e

  • SHA256

    1f615d78b355710026465136efbc424c3ce9d3726acb7f0a6be2fcfdf755d13e

  • SHA512

    53d08069f375b8cd9286118acd0a28bad7d9666bb6c7f6f2659d4735ea0aa9632c89e323c378d13d68d2565fb6d128493b85d671e277340832b8de15aeb2669f

  • SSDEEP

    768:/b72nSvdubXpdtpnii/ZXA1IaxoGceVt3+Y4X7hd8ay0CE5qb4raflIOa:NFuLpViiBw1IurTC7hqareflIOa

Score
10/10
lgoogloaderdownloaderpersistence

Malware Config

Targets

    • Target

      file.exe

    • Size

      44KB

    • MD5

      76aba677b9ce27bb4f85679c7cf8cbf8

    • SHA1

      4df3295e5bb241fbc6557375f524892e1f5ec71e

    • SHA256

      1f615d78b355710026465136efbc424c3ce9d3726acb7f0a6be2fcfdf755d13e

    • SHA512

      53d08069f375b8cd9286118acd0a28bad7d9666bb6c7f6f2659d4735ea0aa9632c89e323c378d13d68d2565fb6d128493b85d671e277340832b8de15aeb2669f

    • SSDEEP

      768:/b72nSvdubXpdtpnii/ZXA1IaxoGceVt3+Y4X7hd8ay0CE5qb4raflIOa:NFuLpViiBw1IurTC7hqareflIOa

    Score
    10/10
    persistencelgoogloaderdownloader

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • Sets service image path in registry

      persistence

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks