General

  • Target

    Order Inquiry List.exe

  • Size

    1MB

  • Sample

    200830-eztbbk6efn

  • MD5

    5a82e2c1d04b28f1d1c7861b231ccfce

  • SHA1

    39adba5bb7a9585d50993a6264f05aecafcd0a92

  • SHA256

    77edc9558f41f26d6b1586ca2fea51861a67de17a50f9494090070285e1f0c43

  • SHA512

    b32280588cbb9e128ba84c800252edca5736c714ff90d9f710ab684537621c99e63c2e4fe41f36c3313098f20d710661b483bdfbd5e35dbc4410d4bcc339f1ba

Targets

    • MassLogger

      MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger Main Payload

    • Deletes itself

    • Suspicious use of SetThreadContext
