General
-
Target
ZWiW2Y27HUjCG5Y.exe
-
Size
1.1MB
-
Sample
200709-6jhapqbd3n
-
MD5
a1c4c357d66c06dab0cabe3803e4ba48
-
SHA1
b665fe8a7806111221819df058202508bbfaea12
-
SHA256
b7e415a16cfc8d84c09f105709910d808f0ad13e64c7feb4169b135fe57c7f99
-
SHA512
b39066bc46e18c469ccae10ea33077d999ea1f48c97af662a15e4ab905033ab12ce02c000f6635c55fb854ff27baf6f62c9b373927f3e16b4f9e3d1a5f4a84b0
Static task
static1
Behavioral task
behavioral1
Sample
ZWiW2Y27HUjCG5Y.exe
Resource
win7
Behavioral task
behavioral2
Sample
ZWiW2Y27HUjCG5Y.exe
Resource
win10v200430
Malware Config
Targets
-
Target
ZWiW2Y27HUjCG5Y.exe
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext