General

  • Target

    plcfeVYdiIOV5jX.exe

  • Size

    992KB

  • Sample

    200714-xr465vykgj

  • MD5

    d1a32e0c76d6987491bb615870cff8e8

  • SHA1

    4b1d30b1216c65f3bdf893127c8e293f4e33bcec

  • SHA256

    8435871f09b1ba4c78f547c3bda0c509e426601221f60b455f6b6cb9d8a2f1ce

  • SHA512

    659525820f88d841dd5f0a32ccf30d3bb6f5964e92f16ccdb2e87fe1a1126af21f8ce78abd87bb2110854b98cd9d6beedf0df3e78da8b506fe9068a86d2fdd5f

Targets

    • Target

      plcfeVYdiIOV5jX.exe

    • MassLogger

      MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger log file

      Detects a log file produced by MassLogger.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
