General

  • Target

    file.exe

  • Size

    563KB

  • Sample

    230724-avmfcahg4z

  • MD5

    0555a32409b8fd438e4eb003c44647d7

  • SHA1

    f6c8a8b801cf9043177cbc954ec67777b0d27408

  • SHA256

    2471e14de265a1cc39ea6030cec91bc81960aebcb02d50e0e59cb31fc55552e6

  • SHA512

    49517c311334cb814aa8dfa7f95d91ffc2d680950412674b0c73eaae6027e3e8f22a4eabd5973701d15717634710d136592ca34a8e85f242909689e2f3c64768

  • SSDEEP

    12288:kpUr8iKsDZHHgePx2WWlYLtqnxk5pdR4JoFbQPhLpkgfhRm7PHa:ya8iDBgox/WaLtekj74SF8PhOgffg/a

Score
10/10

Malware Config

Targets

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

    • Uses the VBS compiler for execution

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks