Extracted

• • Target

    OOCS DI 20002876.exe

  • Size

    1.3MB

  • MD5

    d82419cc06e18b5cdf23f72a4b58c483

  • SHA1

    149b6f3866d88292183f8d5af23c877e1d8fd60f

  • SHA256

    70048d51529f09683d5180eb0e410297fa0332f155e213ebefc8fb750389177f

  • SHA512

    b708bb5fc22bf5a93e830f99672ffa58783f0152d6bba2af94e960d68d2ba2b02813e20493b9711c23e860204d81152c2dec12ce53f6644e9f188e56454dcc9c

  Score

  10^/10

  ransomwarestealerspywaremasslogger

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2