General
-
Target
SecuriteInfo.com.Mal.Generic-S.23822.19981
-
Size
5.5MB
-
Sample
201217-wwkrlpxvee
-
MD5
acf9859073668352c595f1bf2e8acbf2
-
SHA1
08287325bb14df236fe5aa9a9dfc68da8088a7e0
-
SHA256
2e302bee38d2c734914bd99beb38bfbf483a8e90ac57306ede31c13bd6ad45d3
-
SHA512
f08a5e452c09eb3fe8fcded68eb7b4a43563938a42dbeb84468ffa0f0cb016397b6543788f9ada0186f47936cae5d61b21cb9e38c44903600971814c3dcb51e6
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Mal.Generic-S.23822.19981.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Mal.Generic-S.23822.19981.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Mal.Generic-S.23822.19981
-
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-