General

  • Target

    m1pZYGiBFonndjG.exe

  • Size

    1.0MB

  • Sample

    200709-9588lf1xvx

  • MD5

    5da5e488f088c67f1bc677baab5b75b8

  • SHA1

    169b9253cfd6bfbf8a67e3e784b94e46dca4e58f

  • SHA256

    e06e5ba87ec0ed09101fcd62c238777c90c6a59be6bba4ced6890250948e6a4b

  • SHA512

    038e377d4651f539e81d7cf05d68612b8c82661926695441cb3987eb4a8f8e812ef428d9a89fdd8928682a2369bd0b273286a29ed8f1ffa3b8890dcd848d51a6

Malware Config

Targets

    • MassLogger

      MassLogger is a .NET stealer that targets passwords stored by browsers, email clients and cryptocurrency clients.

    • MassLogger log file

      Detects a log file produced by MassLogger.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks