Overview

overview

10

Static

static

1

2b52ff31f1...4e.exe

windows7-x64

3

2b52ff31f1...4e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a4e55b134fe1f35e2c86ddefc420c840.bin

  • Size

    16KB

  • Sample

    240206-dhlvtsdhh5

  • MD5

    fde608d959ccf73630d45b1a0b914ccd

  • SHA1

    b63bbce72848d00561199525491317e878d93a48

  • SHA256

    33f65eee54a21ad25b149b095575ffa9479d204405b6a40f52990603b8107085

  • SHA512

    51829a91d2b3e7cc49529af4a8a06027fc833b47775ea4513600539f61f5c0977659ba28ab889bf5c73aff5620fe0c3db5d4e034172619de72269a22ffcf9dde

  • SSDEEP

    384:VaRQ3nu/LUrV3gV/RjnRJelH7bOC/9TFWp85uNOUYs1Z:VaRQ3uzUri9ZRubqK4j

Score
10/10
lgoogloaderdownloaderevasiontrojan

Malware Config

Targets

    • Target

      2b52ff31f1e3eeb17b8cc6fe5aa354fe787b97818f31fec5c60489636d62a54e.exe

    • Size

      29KB

    • MD5

      a4e55b134fe1f35e2c86ddefc420c840

    • SHA1

      24f1c3f2bd6b6dc50eba24d1dec9465c135e6a63

    • SHA256

      2b52ff31f1e3eeb17b8cc6fe5aa354fe787b97818f31fec5c60489636d62a54e

    • SHA512

      eae7e548ebb816af1f319489b8cc6b2aefc7129c2c9eb214da65dc950d57af32d7496d3ccbe98ef9575ee55199b9b6fd000c071fa61d551dbe39a42b49597681

    • SSDEEP

      768:plOpnqjUI/I7ss4TufgvF9YiOIz4dEFiRm:nO0s4Tufgvvlxz8ei

    Score
    10/10
    lgoogloaderdownloaderevasiontrojan

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Windows security modification

      evasiontrojan

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks