General
-
Target
scan-2020-999101991.exe
-
Size
886KB
-
Sample
200710-9rh1legvna
-
MD5
251f35784cea0bd19916ca312984ec3e
-
SHA1
3c295311612e4497b12502a370d79666c2d037a9
-
SHA256
e9c9ae01876b58d0899264f53d7fff1daf70743db47aaf7dfeca86f7217bfcd8
-
SHA512
4bf524e441a376f42e079a5a977e83804420e865e26d4c2d80fc8dbfa1a63a396f8559448fd43cc6a362563e696e2de9c7b82174e792d019e0148c83fcd36d18
Static task
static1
Behavioral task
behavioral1
Sample
scan-2020-999101991.exe
Resource
win7
Behavioral task
behavioral2
Sample
scan-2020-999101991.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
scan-2020-999101991.exe
-
Size
886KB
-
MD5
251f35784cea0bd19916ca312984ec3e
-
SHA1
3c295311612e4497b12502a370d79666c2d037a9
-
SHA256
e9c9ae01876b58d0899264f53d7fff1daf70743db47aaf7dfeca86f7217bfcd8
-
SHA512
4bf524e441a376f42e079a5a977e83804420e865e26d4c2d80fc8dbfa1a63a396f8559448fd43cc6a362563e696e2de9c7b82174e792d019e0148c83fcd36d18
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-