DHL_January 2020 at 13M_9B7290_PDF.exe

General
Target

DHL_January 2020 at 13M_9B7290_PDF.exe

Size

736KB

Sample

210113-vep4mf82p6

Score
10 /10
MD5

b9ca60bd296e8b80185f531b8fd82a8b

SHA1

39b868b11fe71cc7d0bbb88f3ebb8198648808cc

SHA256

a39304a39ad9b9427b000045f7f5c60ed7790fe1a79d604ba9379bb94c0da593

SHA512

1ab95c7f9c8b5db41d4161b0694545b25a758b3222b6fbfd47123f0c622c2ddfe7574f31026d646d0d026bff77a4c30b7e1e9a03c90925fcdba5f268af0c734e

Malware Config
Targets
Target

DHL_January 2020 at 13M_9B7290_PDF.exe

MD5

b9ca60bd296e8b80185f531b8fd82a8b

Filesize

736KB

Score
10 /10
SHA1

39b868b11fe71cc7d0bbb88f3ebb8198648808cc

SHA256

a39304a39ad9b9427b000045f7f5c60ed7790fe1a79d604ba9379bb94c0da593

SHA512

1ab95c7f9c8b5db41d4161b0694545b25a758b3222b6fbfd47123f0c622c2ddfe7574f31026d646d0d026bff77a4c30b7e1e9a03c90925fcdba5f268af0c734e

Tags

Signatures

  • MassLogger

    Description

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    Tags

  • MassLogger Main Payload

  • Checks computer location settings

    Description

    Looks up country code configured in the registry, likely geofence.

    TTPs

    Query Registry System Information Discovery
  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local System Credentials in Files
  • Looks up external IP address via web service

    Description

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix
Command and Control
    Credential Access
    Defense Evasion
      Execution
        Exfiltration
          Impact
            Initial Access
              Lateral Movement
                Persistence
                  Privilege Escalation
                    Tasks

                    static1

                    behavioral1

                    10/10

                    behavioral2

                    10/10