Overview

overview

10

Static

static

1

a4e55b134f...40.exe

windows7-x64

3

a4e55b134f...40.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a4e55b134fe1f35e2c86ddefc420c840.exe

  • Size

    29KB

  • Sample

    240204-x9xaesbbhq

  • MD5

    a4e55b134fe1f35e2c86ddefc420c840

  • SHA1

    24f1c3f2bd6b6dc50eba24d1dec9465c135e6a63

  • SHA256

    2b52ff31f1e3eeb17b8cc6fe5aa354fe787b97818f31fec5c60489636d62a54e

  • SHA512

    eae7e548ebb816af1f319489b8cc6b2aefc7129c2c9eb214da65dc950d57af32d7496d3ccbe98ef9575ee55199b9b6fd000c071fa61d551dbe39a42b49597681

  • SSDEEP

    768:plOpnqjUI/I7ss4TufgvF9YiOIz4dEFiRm:nO0s4Tufgvvlxz8ei

Score
10/10
lgoogloaderdownloaderevasiontrojan

Malware Config

Targets

    • Target

      a4e55b134fe1f35e2c86ddefc420c840.exe

    • Size

      29KB

    • MD5

      a4e55b134fe1f35e2c86ddefc420c840

    • SHA1

      24f1c3f2bd6b6dc50eba24d1dec9465c135e6a63

    • SHA256

      2b52ff31f1e3eeb17b8cc6fe5aa354fe787b97818f31fec5c60489636d62a54e

    • SHA512

      eae7e548ebb816af1f319489b8cc6b2aefc7129c2c9eb214da65dc950d57af32d7496d3ccbe98ef9575ee55199b9b6fd000c071fa61d551dbe39a42b49597681

    • SSDEEP

      768:plOpnqjUI/I7ss4TufgvF9YiOIz4dEFiRm:nO0s4Tufgvvlxz8ei

    Score
    10/10
    lgoogloaderdownloaderevasiontrojan

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Windows security modification

      evasiontrojan

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks