General
-
Target
Request for new order.exe
-
Size
875KB
-
Sample
200630-zz6wvgsten
-
MD5
f6e60d4e007049b18de4fb87c38927c3
-
SHA1
bba2fcd204840b1235dea163bbfeae3a59e3b763
-
SHA256
495fdf3a95e1f56f9ec94bfdcdafe87a41be371947f24853c18cc98b24a6a281
-
SHA512
a46e7a014a3dd577a5e9d7976845185c1f45c6c321bf8cd3c364576afbdccbe0fca7b0057f63e13416c81a60a0e63bce9c2e4ce5b26801cb179a4e6a6c62b5c3
Static task
static1
Behavioral task
behavioral1
Sample
Request for new order.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
Request for new order.exe
Resource
win10
Malware Config
Extracted
C:\Users\Admin\AppData\Local\Temp\C8A579F880\Log.txt
masslogger
Targets
Target
Request for new order.exe
Score
10/10
-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Modifies the visibility of hidden or system files
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-