masslogger | b633d14b6eb77ceeae4348f54df5f0dd430df22e5455862edd2d13bd2d53ef6b | Triage

Submit
Reports

Overview

overview

Static

static

DcBAMuENpLqiAz9.exe

windows7_x64

DcBAMuENpLqiAz9.exe

windows10_x64

3

Sharing

General

Target

DcBAMuENpLqiAz9.exe
Size

1.1MB
Sample

200709-ekhdg8kb46
MD5

194227e1b6f66533df5c3e6273eb5dc5
SHA1

b6761021e7c40d59c1df641618bba748fa674d36
SHA256

b633d14b6eb77ceeae4348f54df5f0dd430df22e5455862edd2d13bd2d53ef6b
SHA512

3258a441980935a29e19798a2a3e19a141d807255ecd2ad9993d555316a32c91171674bcba2156f229abdeec415dee57d3e6af31950d5433b341b3c21074621d

Score

10^/10

masslogger spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

DcBAMuENpLqiAz9.exe

Resource

win7v200430

spyware stealer masslogger

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

DcBAMuENpLqiAz9.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  DcBAMuENpLqiAz9.exe
- Size
  
  1.1MB
- MD5
  
  194227e1b6f66533df5c3e6273eb5dc5
- SHA1
  
  b6761021e7c40d59c1df641618bba748fa674d36
- SHA256
  
  b633d14b6eb77ceeae4348f54df5f0dd430df22e5455862edd2d13bd2d53ef6b
- SHA512
  
  3258a441980935a29e19798a2a3e19a141d807255ecd2ad9993d555316a32c91171674bcba2156f229abdeec415dee57d3e6af31950d5433b341b3c21074621d
Score

10^/10

spyware stealer masslogger
- MassLogger
  Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
  stealer spyware masslogger
- MassLogger log file
  Detects a log file produced by MassLogger.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealermasslogger

behavioral2

© 2018-2024

Terms | Privacy