General
Target: PO-7645785.scr
Size: 454KB
Sample: 201125-gbzq92fhfj
MD5: ae1c8c22758c84c580e75ce6f1e19287
SHA1: c879a01b916cc64b9f37f6458432ff8b337e4f91
SHA256: 9cab0d87fcf8728503b48e8a9a69552cbd46b32dc3ee1e29984d846cb3aa6818
SHA512: c6874b1f8a11e955c69be79bea1f1149b12940255659df1d81a4edb690fe6aeee6e2c94c86fd6b4e25c42d056abe35bcf30c6b38c88e0841b950360b5d5cb363
Static task: static1
Behavioral task: behavioral1
Sample: PO-7645785.scr
Resource: win7v20201028
Behavioral task: behavioral2
Sample: PO-7645785.scr
Resource: win10v20201028
Malware Config
Targets
Target: PO-7645785.scr
Score: 10/10
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

MassLogger Main Payload

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials.

Adds Run key to start application

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.