Overview

overview

10

Static

static

1

fe85b4ea94...6e.exe

windows7-x64

3

fe85b4ea94...6e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe85b4ea945caea2549ad04ffb788dd1064583d464ca423d74e529022482bc6e

  • Size

    53KB

  • Sample

    240213-z3w27ahc9y

  • MD5

    0799381c31c822ba44e4149efc11bd3b

  • SHA1

    90aaf5739e8153ae9a24d3f8c6a17d0aa06e531b

  • SHA256

    fe85b4ea945caea2549ad04ffb788dd1064583d464ca423d74e529022482bc6e

  • SHA512

    dcb0d6836d9f7c2b3f4489bad440601c09ffd90fc9ac3f6b532541559de7a6fc312ff4ede45b481ea5077478f9271bde768e705ca9e9a7745031d0df4dee4990

  • SSDEEP

    768:ByXcG6uIVBBl/gya+2908szeYTPmALOP2ZsLbVXkidhcWEFiR4:ByXcsIn/gj90ypqOP2AVX7cWeiS

Score
10/10
lgoogloaderdownloaderevasiontrojan

Malware Config

Targets

    • Target

      fe85b4ea945caea2549ad04ffb788dd1064583d464ca423d74e529022482bc6e

    • Size

      53KB

    • MD5

      0799381c31c822ba44e4149efc11bd3b

    • SHA1

      90aaf5739e8153ae9a24d3f8c6a17d0aa06e531b

    • SHA256

      fe85b4ea945caea2549ad04ffb788dd1064583d464ca423d74e529022482bc6e

    • SHA512

      dcb0d6836d9f7c2b3f4489bad440601c09ffd90fc9ac3f6b532541559de7a6fc312ff4ede45b481ea5077478f9271bde768e705ca9e9a7745031d0df4dee4990

    • SSDEEP

      768:ByXcG6uIVBBl/gya+2908szeYTPmALOP2ZsLbVXkidhcWEFiR4:ByXcsIn/gj90ypqOP2AVX7cWeiS

    Score
    10/10
    lgoogloaderdownloaderevasiontrojan

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Windows security modification

      evasiontrojan

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks