lgoogloader | fed161ae617fd483308f66110a4b43594e39602c7ba11dbb7fb6e79fd6f4fbbf | Triage

Sharing

General

Target

file.exe
Size

42KB
Sample

230609-ksqebscd8t
MD5

fea015b6e2f3c5dfed94fbd3935fb365
SHA1

0ab3ccbef0de345f6fc3edb3e0320f77ddfa4255
SHA256

fed161ae617fd483308f66110a4b43594e39602c7ba11dbb7fb6e79fd6f4fbbf
SHA512

f237b3fcf5292271fd0801db18a5d94215d405265999d68e7f071d243b02876f49e8b94150e70ef5a17e5fe14d9c3d9faee8f28efd58bcd918e1e8d9e6dbdcf1
SSDEEP

768:JOIW7du3neRXZHxjim11Nvw4/bTTay0CE5qb4rafFf9:JOdu3nIPR11R/bTTarefFf9

Score

10^/10

lgoogloader downloader persistence

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  42KB
- MD5
  
  fea015b6e2f3c5dfed94fbd3935fb365
- SHA1
  
  0ab3ccbef0de345f6fc3edb3e0320f77ddfa4255
- SHA256
  
  fed161ae617fd483308f66110a4b43594e39602c7ba11dbb7fb6e79fd6f4fbbf
- SHA512
  
  f237b3fcf5292271fd0801db18a5d94215d405265999d68e7f071d243b02876f49e8b94150e70ef5a17e5fe14d9c3d9faee8f28efd58bcd918e1e8d9e6dbdcf1
- SSDEEP
  
  768:JOIW7du3neRXZHxjim11Nvw4/bTTay0CE5qb4rafFf9:JOdu3nIPR11R/bTTarefFf9
Score

10^/10

persistence lgoogloader downloader
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- Sets service image path in registry
  persistence
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lgoogloaderdownloaderpersistence