masslogger | 420541ff7ab7f97d2110f9c2f2488087c0d2f9e577fa5e55c73eebf4f5416bbc | Triage

Submit
Reports

Overview

overview

Static

static

purchase order.exe

windows7_x64

purchase order.exe

windows10_x64

3

Sharing

General

Target

purchase order.exe
Size

790KB
Sample

200713-cc8bxfapps
MD5

3c55253fc699ca4f3aa7b5f39796e82c
SHA1

85be2e70b90bbefdb191cd5440c9519772755402
SHA256

420541ff7ab7f97d2110f9c2f2488087c0d2f9e577fa5e55c73eebf4f5416bbc
SHA512

bedb39cfab073dfce9e12488818d20381e48ec33cbfe30c53f5e1679b439b261c65cbf448f1a6d616c74f337f0dbcfd70194b141abc2399eed703210e0b1e297

Score

10^/10

masslogger spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

purchase order.exe

Resource

win7v200430

stealer spyware masslogger

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

purchase order.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  purchase order.exe
- Size
  
  790KB
- MD5
  
  3c55253fc699ca4f3aa7b5f39796e82c
- SHA1
  
  85be2e70b90bbefdb191cd5440c9519772755402
- SHA256
  
  420541ff7ab7f97d2110f9c2f2488087c0d2f9e577fa5e55c73eebf4f5416bbc
- SHA512
  
  bedb39cfab073dfce9e12488818d20381e48ec33cbfe30c53f5e1679b439b261c65cbf448f1a6d616c74f337f0dbcfd70194b141abc2399eed703210e0b1e297
Score

10^/10

stealer spyware masslogger
- MassLogger
  Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
  stealer spyware masslogger
- MassLogger log file
  Detects a log file produced by MassLogger.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

stealerspywaremasslogger

behavioral2

© 2018-2024

Terms | Privacy