Overview

overview

10

Static

static

3mg2ZaPd1aKUUrZ.exe

windows7_x64

10

3mg2ZaPd1aKUUrZ.exe

windows10_x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    3mg2ZaPd1aKUUrZ.exe

  • Size

    1.1MB

  • Sample

    200714-gwj1edp1zs

  • MD5

    b2772719d63317c9c1ce101c26df5d6e

  • SHA1

    0c8a6d3e283e966bb099ae742969f0e163d8ee57

  • SHA256

    3d4f85aa3d78db4a67194188821fa0f6993d66b308a70c67e2bb052fe59d1f2c

  • SHA512

    1d64f5bf1c672ba2c4f6f604b3ce1d34a729cc058a19e57b1ff92e6a611df66dd80a708ae16e541e874b7428fd9a2b61a8c14f785bdb705067c7d02c2947daf9

Score
10/10
massloggerspywarestealer

Malware Config

Targets

    • Target

      3mg2ZaPd1aKUUrZ.exe

    • Size

      1.1MB

    • MD5

      b2772719d63317c9c1ce101c26df5d6e

    • SHA1

      0c8a6d3e283e966bb099ae742969f0e163d8ee57

    • SHA256

      3d4f85aa3d78db4a67194188821fa0f6993d66b308a70c67e2bb052fe59d1f2c

    • SHA512

      1d64f5bf1c672ba2c4f6f604b3ce1d34a729cc058a19e57b1ff92e6a611df66dd80a708ae16e541e874b7428fd9a2b61a8c14f785bdb705067c7d02c2947daf9

    Score
    10/10
    stealerspywaremasslogger

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

      stealerspywaremasslogger

    • MassLogger log file

      Detects a log file produced by MassLogger.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks