General
-
Target
F2EzKUpFLjTmAQl.exe
-
Size
1.1MB
-
Sample
200709-rby91apkes
-
MD5
96a9c353590be3958e382b08ba97a56b
-
SHA1
f1e86a114513e89ee754cd1775432c12540e7481
-
SHA256
8459e6fc893b7dd880895eb1be14cf8a3bec6003bbb8493f819e48ba84491b87
-
SHA512
2cb8ef090ff0928e05875851f8491d416c25e795c49e10fbe1195a0801f8460d1738ab643a88225ecdb7486e7f6156ff80201251a52b2a57d7c142f50d4c850f
Malware Config
Targets
-
-
Target
F2EzKUpFLjTmAQl.exe
-
Size
1.1MB
-
MD5
96a9c353590be3958e382b08ba97a56b
-
SHA1
f1e86a114513e89ee754cd1775432c12540e7481
-
SHA256
8459e6fc893b7dd880895eb1be14cf8a3bec6003bbb8493f819e48ba84491b87
-
SHA512
2cb8ef090ff0928e05875851f8491d416c25e795c49e10fbe1195a0801f8460d1738ab643a88225ecdb7486e7f6156ff80201251a52b2a57d7c142f50d4c850f
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-