General
Target: 7f3d79e67f7ffcb7576162e579b64c28124230907e49d0adbd5d7c072f3e818f
Size: 5.6MB
Sample: 220320-aepwjacgf9
MD5: 7bedf14ca5899a134b977c1ff888a44d
SHA1: be5ded5084d40291f748323fd615afdee7893a24
SHA256: 7f3d79e67f7ffcb7576162e579b64c28124230907e49d0adbd5d7c072f3e818f
SHA512: 3790b2cfe16c426f0c11db923621f3ef9b033d9477c29d99afdb7ec04d64fa7be335717bc5098a5a485c07722c259025ce07319096e940eee9fdc2e29b8929b9
Static task: static1

Behavioral task: behavioral1
Sample: 7f3d79e67f7ffcb7576162e579b64c28124230907e49d0adbd5d7c072f3e818f.exe
Resource: win7-20220311-en

Behavioral task: behavioral2
Sample: 7f3d79e67f7ffcb7576162e579b64c28124230907e49d0adbd5d7c072f3e818f.exe
Resource: win10v2004-20220310-en
Malware Config
Targets
Target: 7f3d79e67f7ffcb7576162e579b64c28124230907e49d0adbd5d7c072f3e818f
Score: 10/10

MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

MassLogger Main Payload

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext