Extracted

• • Target

    B3gkHhPlWv3DOsB.exe

  • Size

    845KB

  • MD5

    35a5963bfb1fa8b5e3851378959ac522

  • SHA1

    b1c035b8221c06e14311eda738df7e28a6559514

  • SHA256

    77b7fa89c446b127b0c1d8ad0c5dc5fb57c8121dd3c40a67b77e5c0a35d75114

  • SHA512

    851bd78e047d34a27f532e808bbe6e27cc9b7e09a39bd26ed69b121f9b377a85a381e50f73d8b1775987d7582300b963cf7be119e9cb7334d490d21dacdddd80

  Score

  10^/10

  ransomwarespywarestealermasslogger

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2