General
Target
DHL_20201230,pdf.exe
Size
1.1MB
Sample
201230-1e6jpllqye
MD5
14fe2d5d95ec2fe9d8610f5e16c88428
SHA1
97d20decb09787cbf557207a49b309b31429244c
SHA256
a9a4bd2de434ba7cb210b0e8bc7374db4c6df7e0e94dac78c67f3dc97ddadc4f
SHA512
50096d3b5c84cade3b070e649557313692bd4f89af08aba07582c2ecfb54d0f2da35b98f4ad3ca2c8c072a0cffde8c2ac991bad42e73422327946f617e2ee07b
Static task
static1
Behavioral task
behavioral1
Sample
DHL_20201230,pdf.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
DHL_20201230,pdf.exe
Resource
win10v20201028
Malware Config
Targets
Target
DHL_20201230,pdf.exe
Score
10/10
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
MassLogger Main Payload
Suspicious use of SetThreadContext