General
-
Target
41b90e096ee11fd8a4afc9dde7f95311.exe
-
Size
525KB
-
Sample
201125-de65k41vzs
-
MD5
41b90e096ee11fd8a4afc9dde7f95311
-
SHA1
53a53f95afeaaaa1af65b74a7caf394e246308b3
-
SHA256
31b06ca8f90f735bd3b209e576db1da2a5ab7f661b58f85eaabcde2181978003
-
SHA512
1b675a1fbed48ba951e69e7e2f8f6c38a303a5389ed5742f020321faaeb0bc8dbdeec2ca7dd946727898468a46e47468e784145889a34941b9642790c260305b
Static task
static1
Behavioral task
behavioral1
Sample
41b90e096ee11fd8a4afc9dde7f95311.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
41b90e096ee11fd8a4afc9dde7f95311.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
41b90e096ee11fd8a4afc9dde7f95311.exe
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
ServiceHost packer
Detects ServiceHost packer used for .NET malware
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-