General
-
Target
Document_BT24PDF.vbs
-
Size
3KB
-
Sample
201213-7mt6wadbds
-
MD5
025b41f87e14cb954c4a059fbad4878e
-
SHA1
a67752f5f90d3e7f08176d818390d479fe4061c1
-
SHA256
4c02a2fad0d163c4e3ab8540c7d2bf8c9266424a4cbec17108f0105fc96cd26a
-
SHA512
023119ed955108931f2f23c6bc8d703afb9e269cbd00e43d5581929259e9bc69cde7008efa60e97c59d6021a11bade092ce0661183c0e5386360f83e28733bdd
Static task
static1
Behavioral task
behavioral1
Sample
Document_BT24PDF.vbs
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Document_BT24PDF.vbs
Resource
win10v20201028
Malware Config
Targets
-
-
Target
Document_BT24PDF.vbs
-
Size
3KB
-
MD5
025b41f87e14cb954c4a059fbad4878e
-
SHA1
a67752f5f90d3e7f08176d818390d479fe4061c1
-
SHA256
4c02a2fad0d163c4e3ab8540c7d2bf8c9266424a4cbec17108f0105fc96cd26a
-
SHA512
023119ed955108931f2f23c6bc8d703afb9e269cbd00e43d5581929259e9bc69cde7008efa60e97c59d6021a11bade092ce0661183c0e5386360f83e28733bdd
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Blocklisted process makes network request
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-