masslogger | bd99f6b970cc52ee725dd1b734a440243655a3fbc1e2304a665b29d41477c25b | Triage

Submit
Reports

Overview

overview

Static

static

Mehmet_inq...df.exe

windows7_x64

Mehmet_inq...df.exe

windows10_x64

Sharing

General

Target

Mehmet_inquiry_00382392_176372.pdf.exe
Size

1.3MB
Sample

200828-apnflbth4s
MD5

d13df375594402f6b205f37d23a4fddc
SHA1

fdec6711f508bb2277f84cb60e8e2bee2353f141
SHA256

bd99f6b970cc52ee725dd1b734a440243655a3fbc1e2304a665b29d41477c25b
SHA512

e3dad4302fe2161e4dd9a0111565228fab5aff6abc9e7603085520a2604dec9044dce1c283b78d5b9d5536e8812b6ecfe5b0b4c5c013ecd7b6f17430a186ceea

Score

10^/10

masslogger spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Mehmet_inquiry_00382392_176372.pdf.exe

Resource

win7

stealer spyware masslogger

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Mehmet_inquiry_00382392_176372.pdf.exe

Resource

win10v200722

spyware stealer masslogger

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Mehmet_inquiry_00382392_176372.pdf.exe
- Size
  
  1.3MB
- MD5
  
  d13df375594402f6b205f37d23a4fddc
- SHA1
  
  fdec6711f508bb2277f84cb60e8e2bee2353f141
- SHA256
  
  bd99f6b970cc52ee725dd1b734a440243655a3fbc1e2304a665b29d41477c25b
- SHA512
  
  e3dad4302fe2161e4dd9a0111565228fab5aff6abc9e7603085520a2604dec9044dce1c283b78d5b9d5536e8812b6ecfe5b0b4c5c013ecd7b6f17430a186ceea
Score

10^/10

stealer spyware masslogger
- MassLogger
  Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
  stealer spyware masslogger
- MassLogger Main Payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

stealerspywaremasslogger

behavioral2

spywarestealermasslogger

© 2018-2024

Terms | Privacy