General
-
Target
5de9eb96e1e47a35585e0eb77d4b2567c87d57812fdde90ecb62d3d9f9a81e8e
-
Size
5.9MB
-
Sample
220319-v6e6maeghm
-
MD5
502651f64975fefea89045df9c37af20
-
SHA1
3211c3ca578bf5c258608627662c851eb008b248
-
SHA256
5de9eb96e1e47a35585e0eb77d4b2567c87d57812fdde90ecb62d3d9f9a81e8e
-
SHA512
1b22d2aff226a9bab3d75d841ae949be0614faaea9ad0a3bfd3a50710d4a0b87b9564119a88da9beda24cc15ceed75e7cd5cfea48a261e11a74e167224790efb
Static task
static1
Behavioral task
behavioral1
Sample
5de9eb96e1e47a35585e0eb77d4b2567c87d57812fdde90ecb62d3d9f9a81e8e.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
5de9eb96e1e47a35585e0eb77d4b2567c87d57812fdde90ecb62d3d9f9a81e8e.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
5de9eb96e1e47a35585e0eb77d4b2567c87d57812fdde90ecb62d3d9f9a81e8e
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-