lgoogloader | a020ef28937a1415b7f901865288f6c080a7dca39bc0428e2145cd99e8ad8168 | Triage

Sharing

General

Target

a020ef28937a1415b7f901865288f6c080a7dca39bc0428e2145cd99e8ad8168
Size

43KB
Sample

240217-hfdhwscb7y
MD5

96b7855c21a38be40a91071a3e6a836b
SHA1

95eed0ab1da21e614e40eb22a54572f874fee757
SHA256

a020ef28937a1415b7f901865288f6c080a7dca39bc0428e2145cd99e8ad8168
SHA512

bf9e2daf2d126adc41c1760a9930afeae7dd4dd3b712d28aa349f7bb797be929ae4ddc91cf86cdf634761ca40ef819c7f77849a752cf19967c89e0752c6b67f5
SSDEEP

768:PhaPZMnK+75bDKRGfCaZAuCmYVbEbNXz8mVnwASFv/DgZlSu7bEFiRY:PhaynKu5bDKRGfCICXZEbFz8mVnwFDXL

Score

10^/10

lgoogloader downloader evasion trojan

Malware Config

Targets

- Target
  
  a020ef28937a1415b7f901865288f6c080a7dca39bc0428e2145cd99e8ad8168
- Size
  
  43KB
- MD5
  
  96b7855c21a38be40a91071a3e6a836b
- SHA1
  
  95eed0ab1da21e614e40eb22a54572f874fee757
- SHA256
  
  a020ef28937a1415b7f901865288f6c080a7dca39bc0428e2145cd99e8ad8168
- SHA512
  
  bf9e2daf2d126adc41c1760a9930afeae7dd4dd3b712d28aa349f7bb797be929ae4ddc91cf86cdf634761ca40ef819c7f77849a752cf19967c89e0752c6b67f5
- SSDEEP
  
  768:PhaPZMnK+75bDKRGfCaZAuCmYVbEbNXz8mVnwASFv/DgZlSu7bEFiRY:PhaynKu5bDKRGfCICXZEbFz8mVnwFDXL
Score

10^/10

lgoogloader downloader evasion trojan
- Detects LgoogLoader payload
- LgoogLoader
  A downloader capable of dropping and executing other malware families.
  downloader lgoogloader
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

lgoogloaderdownloaderevasiontrojan