General
-
Target
fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b.exe
-
Size
63KB
-
Sample
240216-g96k4ace56
-
MD5
cbfbeaf0a6e70056f43406053cd61f1e
-
SHA1
b7088a9f29b8ab84aedaffec81441580775d5393
-
SHA256
fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b
-
SHA512
2930b11123191108d66e1bba5cb43f34ca963c424f6dd9c61751db62cef3039773dd100c179909d30099953513ca6eb07e29732af7928d2602c35a8020271c5c
-
SSDEEP
1536:7PlU35kjwNUMhTsjJOCq29suranxH2ufS/TGfb1eis:7P2jU+Tsjs22gaxH2zTGAb
Static task
static1
Behavioral task
behavioral1
Sample
fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b.exe
Score 10/10
-
Detects LgoogLoader payload
-
LgoogLoader
A downloader capable of dropping and executing other malware families.
-
Detects Windows executables bypassing UAC using the CMSTP utility, command line and INF
-
Detects Windows executables referencing non-Windows User-Agents
-
Detects executables containing artifacts associated with disabling Windows Defender
-
Detects executables embedding command execution via IExecuteCommand COM object
-
Detects executables potentially checking for WinJail sandbox window
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-
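The following is an added offline triage helper, not code from the sandbox or from the sample: it recomputes the digest set shown in the General section so a local copy can be matched to this report, and it runs string heuristics that approximate the signature categories listed above (CMSTP/INF UAC bypass, non-Windows User-Agent, Defender tampering, IExecuteCommand, the Geo registry key, SetThreadContext). The patterns are the editor's approximations of what those signatures look for, not the sandbox's rules; the WinJail check is omitted because its marker is not given on the page. `SAMPLE` is a constructed byte string for the demo; only the values in `REPORTED` are copied from the report.

```python
"""Offline triage helper for the artifacts this report lists.

Added example, not the sandbox's own signature code. The string patterns are
the editor's approximations (assumption) of what the named signatures look
for; SAMPLE is constructed for the demo; REPORTED is copied from the report.
"""
import hashlib
import re
import sys

# Copied from the General section of the report.
REPORTED = {
    "MD5": "cbfbeaf0a6e70056f43406053cd61f1e",
    "SHA1": "b7088a9f29b8ab84aedaffec81441580775d5393",
    "SHA256": "fa776a4e5e0653f7856a19c3a9fbdad306eb9365cb553bc223d8075be5f5cd3b",
}


def digests(data: bytes) -> dict:
    """Compute the same digest set the report shows."""
    return {
        "MD5": hashlib.md5(data).hexdigest(),
        "SHA1": hashlib.sha1(data).hexdigest(),
        "SHA256": hashlib.sha256(data).hexdigest(),
        "SHA512": hashlib.sha512(data).hexdigest(),
    }


def verify(data: bytes, expected: dict) -> list:
    """Names of digests in `expected` that `data` does not match (empty list = same sample)."""
    got = digests(data)
    return [name for name, value in expected.items() if got[name] != value.lower()]


def _strings(data: bytes) -> str:
    """ASCII view plus UTF-16LE views at both byte offsets, so wide strings match regardless of alignment."""
    views = [data.decode("latin-1")]
    for offset in (0, 1):
        views.append(data[offset:].decode("utf-16-le", errors="ignore"))
    return "\n".join(views)


UA_RE = re.compile(r"User-Agent:\s*([^\r\n\x00]+)", re.IGNORECASE)


def _non_windows_user_agent(text: str) -> bool:
    # Flag any embedded User-Agent header whose value does not claim a Windows platform.
    return any("windows" not in ua.lower() for ua in UA_RE.findall(text))


def _cmstp_uac_bypass(text: str) -> bool:
    # cmstp.exe driven by a crafted INF (RunPreSetupCommands section) is the bypass the signature names.
    return (re.search(r"cmstp(\.exe)?", text, re.I) is not None
            and re.search(r"RunPreSetupCommands|\.inf\b", text, re.I) is not None)


# Editor's approximations of the report's signature categories (assumption, not the sandbox's rules).
SIGNATURES = {
    "cmstp_uac_bypass": _cmstp_uac_bypass,
    "non_windows_user_agent": _non_windows_user_agent,
    # Defender tampering usually appears as Set-MpPreference switches or the policy value names.
    "defender_tampering": lambda t: re.search(
        r"Set-MpPreference|DisableRealtimeMonitoring|DisableAntiSpyware", t, re.I) is not None,
    "iexecutecommand_com": lambda t: "IExecuteCommand" in t,
    # The runtime signature watches reads of this key; statically the path string is only a hint.
    "geo_registry_lookup": lambda t: re.search(r"Control Panel\\International\\Geo", t, re.I) is not None,
    # SetThreadContext next to WriteProcessMemory/ResumeThread is the injection/hollowing triad.
    "setthreadcontext": lambda t: "SetThreadContext" in t,
}


def scan(data: bytes) -> list:
    """Sorted names of the heuristic signatures that fire on the given bytes."""
    text = _strings(data)
    return sorted(name for name, check in SIGNATURES.items() if check(text))


# Constructed demo input: a fake PE header followed by planted artifacts (one of them as a wide string).
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 60
    + b"User-Agent: Mozilla/5.0 (X11; Linux x86_64)\x00"
    + b"cmstp.exe /au C:\\Windows\\Temp\\profile.inf\x00"
    + b"[RunPreSetupCommandsSection]\x00"
    + "powershell Set-MpPreference -DisableRealtimeMonitoring $true".encode("utf-16-le") + b"\x00\x00"
    + b"SetThreadContext\x00WriteProcessMemory\x00ResumeThread\x00"
)

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    mismatched = verify(data, REPORTED)
    print("matches report:", not mismatched, "mismatched digests:", mismatched)
    print("signatures:", scan(data))
```

Run it with the path to a local copy of the sample to confirm the digests match the report before trusting the signature hits; without an argument it scans the constructed `SAMPLE`, which fires the CMSTP, Defender, User-Agent and SetThreadContext heuristics and, as expected, matches none of the report's digests.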