LMIGuardianSvc.exe (LogMeIn) Abused to Sideload Malicious DLL | OSArmor Blog
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 2bdbd69a-90f1-4e10-abb8-247865c127f4
Fingerprint 14960039936cd5c3
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 7, 2023, 12:10 a.m.
Added to db Aug. 13, 2023, 4:11 p.m.
Last updated Nov. 17, 2024, 10:40 p.m.
Headline LMIGuardianSvc.exe (LogMeIn) Abused to Sideload Malicious DLL
Title LMIGuardianSvc.exe (LogMeIn) Abused to Sideload Malicious DLL | OSArmor Blog
Detected Hints/Tags/Attributes 15/2/15
Source URLs
Redirection Url
Details Source https://blog.osarmor.com/311/lmiguardiansvc-exe-logmein-abused-to-sideload-malicious-dll/
URL Provider
Details Provider Source level domain
Details osarmor.com blog.osarmor.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 44 https://blog.osarmor.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 14 
lmiguardiansvc.exe
Details File 2126 
cmd.exe
Details File 409 
c:\windows\system32\cmd.exe
Details File 4 
lmiguardiandat.dat
Details File 6 
lmiguardiandll.dll
Details File 81 
werfault.exe
Details md5 1 
64796C7C87D04821ADBED23B10DF1561
Details md5 1 
1338724BAEC048F600ED982AD811ECF0
Details md5 1 
93A4E2B886E2815B6B732A2380B0F068
Details sha1 1 
a6dc882f68068e1a5eb82cb1a721341f835ef93c
Details sha1 1 
7cbf6cb53214f11904e63bb7493999a3b2e88b62
Details sha1 1 
5cbfa13b74917aabbfb4d714c53afb1ac20b10e6
Details sha256 2 
8c4926dd32204b6a666b274a78ccfb16fe84bbd7d6bc218a5310970c4c5d9450
Details sha256 2 
ee2c8909089f53aafc421d9853c01856b0a9015eba12aa0382e98417d28aef3f
Details sha256 3 
26c855264896db95ed46e502f2d318e5f2ad25b59bdc47bd7ffe92646102ae0d