Overview

overview

10

Static

static

1

cbfbeaf0a6...1e.exe

windows7-x64

1

cbfbeaf0a6...1e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cbfbeaf0a6e70056f43406053cd61f1e

  • Size

    63KB

  • Sample

    240215-ep9qxagc3s

  • MD5

    cbfbeaf0a6e70056f43406053cd61f1e

  • SHA1

    b7088a9f29b8ab84aedaffec81441580775d5393

  • SHA256

    fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b

  • SHA512

    2930b11123191108d66e1bba5cb43f34ca963c424f6dd9c61751db62cef3039773dd100c179909d30099953513ca6eb07e29732af7928d2602c35a8020271c5c

  • SSDEEP

    1536:7PlU35kjwNUMhTsjJOCq29suranxH2ufS/TGfb1eis:7P2jU+Tsjs22gaxH2zTGAb

Score
10/10
lgoogloaderdownloaderevasiontrojan

Malware Config

Targets

    • Target

      cbfbeaf0a6e70056f43406053cd61f1e

    • Size

      63KB

    • MD5

      cbfbeaf0a6e70056f43406053cd61f1e

    • SHA1

      b7088a9f29b8ab84aedaffec81441580775d5393

    • SHA256

      fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b

    • SHA512

      2930b11123191108d66e1bba5cb43f34ca963c424f6dd9c61751db62cef3039773dd100c179909d30099953513ca6eb07e29732af7928d2602c35a8020271c5c

    • SSDEEP

      1536:7PlU35kjwNUMhTsjJOCq29suranxH2ufS/TGfb1eis:7P2jU+Tsjs22gaxH2zTGAb

    Score
    10/10
    lgoogloaderdownloaderevasiontrojan

    • Detects LgoogLoader payload

    • LgoogLoader

      A downloader capable of dropping and executing other malware families.

      downloaderlgoogloader

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Windows security modification

      evasiontrojan

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks