Overview

overview

10

Static

static

3

file.exe

windows7-x64

8

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    396KB

  • Sample

    230610-3cjkysgg6y

  • MD5

    4d72075fa2a204a8ce0426bced106606

  • SHA1

    63789a49e7537473b06564bba325f9990a392ab9

  • SHA256

    1bb8f0bff992068eaf0d4c18735408f3bbdeb60cc9085e0a7d44cbf290b13dae

  • SHA512

    7c6cdbf1a06d01580960900525c20b5b56457fcbf0e6591416f5679f9130441f403ab943dd857faf43b5a1060563cf125b135362a7bb434219420c93d6100214

  • SSDEEP

    3072:b2/dgePzQimSelrXx0ooARRMkAHFIxobrvZkJv6SjaFvVmuLyRpPS68urGh3LzsR:ATPzHEVmooARiXCFT2Fp6SQaofZAm

Score
10/10
lgoogloaderdownloaderpersistence

Malware Config

Targets

    • Target

      file.exe

    • Size

      396KB

    • MD5

      4d72075fa2a204a8ce0426bced106606

    • SHA1

      63789a49e7537473b06564bba325f9990a392ab9

    • SHA256

      1bb8f0bff992068eaf0d4c18735408f3bbdeb60cc9085e0a7d44cbf290b13dae

    • SHA512

      7c6cdbf1a06d01580960900525c20b5b56457fcbf0e6591416f5679f9130441f403ab943dd857faf43b5a1060563cf125b135362a7bb434219420c93d6100214

    • SSDEEP

      3072:b2/dgePzQimSelrXx0ooARRMkAHFIxobrvZkJv6SjaFvVmuLyRpPS68urGh3LzsR:ATPzHEVmooARiXCFT2Fp6SQaofZAm

    Score
    10/10
    persistencelgoogloaderdownloader

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • Sets service image path in registry

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks