General

  • Target

    lHpEHbHmqh8v2mG.exe

  • Size

    1003KB

  • Sample

    200714-xmn2rps9qa

  • MD5

    06e797b860892742cc3ad150d7196eb0

  • SHA1

    a34fa9ed710631a57938f609e3150b53e3de6dc2

  • SHA256

    bfd922757fc0667e42b7d5de0b6cf78f7a08a335b3beef49782be73b8433619e

  • SHA512

    4b00f8b7c8d63669a3fb1a00cd00660fa564f65d52eb4c1d78c475f2b3d02d88b2bdf536fcfcb1aefdafc914cb45baed618d9410195398b3a60515f5a2a3e007

Malware Config

Targets

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger log file

      Detects a log file produced by MassLogger.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks