General
-
Target
m1pZYGiBFonndjG.exe
-
Size
1.0MB
-
Sample
200709-9588lf1xvx
-
MD5
5da5e488f088c67f1bc677baab5b75b8
-
SHA1
169b9253cfd6bfbf8a67e3e784b94e46dca4e58f
-
SHA256
e06e5ba87ec0ed09101fcd62c238777c90c6a59be6bba4ced6890250948e6a4b
-
SHA512
038e377d4651f539e81d7cf05d68612b8c82661926695441cb3987eb4a8f8e812ef428d9a89fdd8928682a2369bd0b273286a29ed8f1ffa3b8890dcd848d51a6
Static task
static1
Behavioral task
behavioral1
Sample
m1pZYGiBFonndjG.exe
Resource
win7
Behavioral task
behavioral2
Sample
m1pZYGiBFonndjG.exe
Resource
win10
Malware Config
Targets
-
-
Target
m1pZYGiBFonndjG.exe
-
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-