General
-
Target
c4290abc9b05d22cb4112768759acf854f881d08e697528fa2549740f89b9d75.exe
-
Size
40KB
-
Sample
240212-e4gnnsbf23
-
MD5
fcb6adcf738982cca1afdf3710ba489b
-
SHA1
5b62a4044f9598085ea48d1984d901c85ec88723
-
SHA256
c4290abc9b05d22cb4112768759acf854f881d08e697528fa2549740f89b9d75
-
SHA512
40d64e13d0d34efeb1c1c3dc4f3755a393aab85baa2e29f3f9587300d3142d68cc4eb00fe274b2337b4cd1d3a2fa89bdf484fd0c484d36abe2cdd89d26142b4e
-
SSDEEP
768:Gro0B38UZCob4fgl4zmzU6+8NaL7oRoEOqBEFiRmmY:GJsI0gl4zYQ7aoEOUeiZY
Static task
static1
Behavioral task
behavioral1
Sample
c4290abc9b05d22cb4112768759acf854f881d08e697528fa2549740f89b9d75.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
c4290abc9b05d22cb4112768759acf854f881d08e697528fa2549740f89b9d75.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
c4290abc9b05d22cb4112768759acf854f881d08e697528fa2549740f89b9d75.exe
-
Size
40KB
-
MD5
fcb6adcf738982cca1afdf3710ba489b
-
SHA1
5b62a4044f9598085ea48d1984d901c85ec88723
-
SHA256
c4290abc9b05d22cb4112768759acf854f881d08e697528fa2549740f89b9d75
-
SHA512
40d64e13d0d34efeb1c1c3dc4f3755a393aab85baa2e29f3f9587300d3142d68cc4eb00fe274b2337b4cd1d3a2fa89bdf484fd0c484d36abe2cdd89d26142b4e
-
SSDEEP
768:Gro0B38UZCob4fgl4zmzU6+8NaL7oRoEOqBEFiRmmY:GJsI0gl4zYQ7aoEOUeiZY
Score10/10-
Detects LgoogLoader payload
-
LgoogLoader
A downloader capable of dropping and executing other malware families.
-
Detects Windows exceutables bypassing UAC using CMSTP utility, command line and INF
-
Detects Windows executables referencing non-Windows User-Agents
-
Detects executables containing artifacts associated with disabling Widnows Defender
-
Detects executables embedding command execution via IExecuteCommand COM object
-
Detects executables potentially checking for WinJail sandbox window
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-