Document#0193832.exe

General
Target

Document#0193832.exe

Completed

31-07-2020 12:11

Sample

200731-cna2xdrnke

SHA256

bcd7372fd84fe78e97a72a842df6cab2a5d7a47909a3fd05b13f6f4990de8a7f

Score
10/10
Malware Config

Extracted

Path C:\Users\Admin\AppData\Local\42EF15E83D\Log.txt
Family masslogger
Ransom Note
<|| v2.4.0.0 ||>
User Name: Admin
IP: 154.61.71.13
Location: United States
Windows OS: Microsoft Windows 7 Professional 64bit
Windows Serial Key: HYF8J-CVRMY-CM74G-RPHKF-PW487
CPU: Persocon Processor 2.5+
GPU: Standard VGA Graphics Adapter
AV: NA
Screen Resolution: 1280x720
Current Time: 7/31/2020 2:10:54 PM
MassLogger Started: 7/31/2020 2:10:47 PM
Interval: 2 hour
MassLogger Process: C:\Users\Admin\AppData\Local\Temp\Document#0193832.exe
MassLogger Melt: false
MassLogger Exit after delivery: false
As Administrator: True
Processes:
<|| WD Exclusion ||> Disabled
<|| Binder ||> Disabled
<|| Downloader ||> Disabled
<|| Window Searcher ||> Disabled
<|| Bot Killer ||> Disabled
<|| Search And Upload ||> Disabled
<|| Telegram Desktop ||> Not Installed
<|| Pidgin ||> Not Installed
<|| FileZilla ||> Not Installed
<|| Discord Tokken ||> Not Installed
<|| NordVPN ||> Not Installed
<|| Outlook ||> Not Installed
<|| FoxMail ||> Not Installed
<|| Thunderbird ||> Not Installed
<|| FireFox ||> Not Found
<|| QQ Browser ||> Not Installed
<|| Chromium Recovery ||> Not Installed or Not Found
<|| Keylogger And Clipboard ||> NA

Related Tasks

behavioral1

Extracted

Protocol smtp
Host mail.privateemail.com
Port 587
Username celal@lidyatriko-com.me
Password Tomorrow@1234#

Related Tasks

behavioral1
Targets
Target

Document#0193832.exe

MD5

97edaeff8f726e10d554f8f8f5aad7ae

Filesize

1MB

Score
3/10
SHA1

01da166b48252cfb52ad7b42730ec994f07c7db2

SHA256

bcd7372fd84fe78e97a72a842df6cab2a5d7a47909a3fd05b13f6f4990de8a7f

SHA512

99ca75b3989909eb66f2c7cd282db81c2c952fbf637287c6157df923335f5f9bd63b9d5b91b0ec7de06d68391903f716f5ab6ce67f2f3230a3e8c25b44aa5f16

Tags

ransomware stealer spyware masslogger

Related Tasks