General
-
Target
SOA - 13-07-2020.exe
-
Size
702KB
-
Sample
200713-3g7d5a7rn2
-
MD5
7afce2776cafbc31ae2ea92059d9a78c
-
SHA1
1afcaa6c26a2e8ea5349c92717c9b92131eef371
-
SHA256
452413e4c1ae53679f676ea7e97a7f98697ee833896c6119bc6d8bf15cf06fba
-
SHA512
343ab30e8486eef5ab53390ee44f67260ef3b0a87baba7ee30d7b5671514a020b0d9e58f7d96835e297e4ed5cbc4ee25b7d9c0b5704f241ddbbc6e5c4de456ef
Static task
static1
Behavioral task
behavioral1
Sample
SOA - 13-07-2020.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
SOA - 13-07-2020.exe
Resource
win10
Malware Config
Targets
Target
SOA - 13-07-2020.exe
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials, etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-