Overview

overview

10

Static

static

1

f122b9d1de...93.exe

windows7-x64

1

f122b9d1de...93.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    09b4e748b895299fc1a91a0403bd7a7c.bin

  • Size

    26KB

  • Sample

    240212-bde6daea6v

  • MD5

    501a605fb389aaade9ec7285d0302740

  • SHA1

    41805af369cdc381075dcef5726fda44046d2013

  • SHA256

    2489717bd3f0aed67295b2c484e722536a7525b56fd07b6e2ff0a2e0253c3238

  • SHA512

    bd81eddc8ce4efc30fce7a004b3d3fb26f485f33e8e5885018bcfd75ca793ea87d4c1d37ef785ff69822ef51e9fc24c24445eb73d10df153bcdc44455bd55f7a

  • SSDEEP

    768:T1/EjJbT0OucOaZ9Ed+zZpQx0ThJWjCWgiVzMPl35WcQ:pElT0zIe4zZpQOmgAzMB5W/

Score
10/10
lgoogloaderdownloaderevasiontrojan

Malware Config

Targets

    • Target

      f122b9d1ded8b58f9bfa3cffc77a5536cd112678aeab2065841478a70a712193.exe

    • Size

      40KB

    • MD5

      09b4e748b895299fc1a91a0403bd7a7c

    • SHA1

      92a216ab7b1c49fceb30fdeefdb3d6f2b33a87f5

    • SHA256

      f122b9d1ded8b58f9bfa3cffc77a5536cd112678aeab2065841478a70a712193

    • SHA512

      0f0b9843494ed082fcb7de5e0635ce829034ae0e7f0452bc0791abe79035c9c6b0ad1a11478e76d2b016cc5e4a327003ae873669e719c900787757be201b1886

    • SSDEEP

      768:CM81CbpqwmemPP3jYG8hEzo3opqTrwEckEFiRW:cwaPPJqoQTrwEFeiI

    Score
    10/10
    lgoogloaderdownloaderevasiontrojan

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Windows security modification

      evasiontrojan

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks