Overview

overview

10

Static

static

PO NOAB108...df.exe

windows7_x64

10

PO NOAB108...df.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO NOAB1088-2020.pdf.exe

  • Size

    972KB

  • Sample

    200714-2z149z7mqs

  • MD5

    e5b79d5699c82c22ac989a739754340d

  • SHA1

    9bd3a38876deb614620f8a9b71e7264d9fd00380

  • SHA256

    a2d04087127197f6a4ae49039fbc2c2dc750ee0fe2d71965a7c675d556d362d3

  • SHA512

    b5216d9b15fc32f937da9438f4fc621327a5ee1eb0481e798b2ae328f090c1c3f9cf1e066f00342c010c0f39d2e75a137bcda2cd6912664fcb7973495bca0f39

Score
10/10
massloggerspywarestealer

Malware Config

Targets

    • Target

      PO NOAB1088-2020.pdf.exe

    • Size

      972KB

    • MD5

      e5b79d5699c82c22ac989a739754340d

    • SHA1

      9bd3a38876deb614620f8a9b71e7264d9fd00380

    • SHA256

      a2d04087127197f6a4ae49039fbc2c2dc750ee0fe2d71965a7c675d556d362d3

    • SHA512

      b5216d9b15fc32f937da9438f4fc621327a5ee1eb0481e798b2ae328f090c1c3f9cf1e066f00342c010c0f39d2e75a137bcda2cd6912664fcb7973495bca0f39

    Score
    10/10
    stealerspywaremasslogger

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

      stealerspywaremasslogger

    • MassLogger log file

      Detects a log file produced by MassLogger.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks