General

  • Target

    GSYJrJhEUVbUoZN.exe

  • Size

    1003KB

  • Sample

    200714-zd3jklkmr2

  • MD5

    a25c4a2a838811521034e121d502ed72

  • SHA1

    5d81483df22eb8ad3b6b8198b63853f70f6d798b

  • SHA256

    7fb6e9a788b18806469167cf64458dd590122593a04489cf70bb70434905a246

  • SHA512

    889fbd8be7dda4d1dc69a498a96178b9992fb637460aaa54417b20a56cd9ab39c37f041e2c1997b873049fd157a6cd6edbf77be7a444076a5c803fd77b8d26b4

Targets

    • MassLogger

      MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger log file

      Detects a log file produced by MassLogger.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
