General
- Target: e2ca9576_extracted
- Size: 1.3MB
- Sample: 210304-nfyfqyy76e
- MD5: d91b5ccd5c19ab072de237b4df7485e0
- SHA1: 0063c7986415721066dc079e23d0a9e90f46cac2
- SHA256: 1c71da106df01c2d995653c5639de3b328757a7dabd5770851c161e8c26c1056
- SHA512: 328f15c5977e5a33dcfeb84ab0e8191ef1a953c53099f25e69108c407005731c1feea04a9c173bb67ed0bfd4cd526347e4a5b2c28dbd6c8446f07ea8fa90a237
Static task: static1
Behavioral task: behavioral1
- Sample: e2ca9576_extracted.exe
- Resource: win7v20201028
Behavioral task: behavioral2
- Sample: e2ca9576_extracted.exe
- Resource: win10v20201028
Malware Config
Extracted
- Protocol: smtp
- Host: mail.gcco.dz
- Port: 587
- Username: contact@gcco.dz
- Password: CKnt@CtGcc0
Targets
- Target: e2ca9576_extracted
Score: 10/10
- MassLogger: Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
- MassLogger log file: Detects a log file produced by MassLogger.
- ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.