General
Target: 0cc24b8e311a128fec1325c66d975a8df6d35c7dd8777a6cc4eeb3e0f470b720
Size: 5.5MB
Sample: 220320-c5lmxafdbq
MD5: a2e1aed4ea11e7c7c830ffbc23359efa
SHA1: 9d74eaadaaf0483ceed4ecdb098d155ce66ce53f
SHA256: 0cc24b8e311a128fec1325c66d975a8df6d35c7dd8777a6cc4eeb3e0f470b720
SHA512: 32c6e101d3559890184261a2a0c95adeac6b3e9822a86beb65aefa9c81a86da9e1814113d733b99e6f36b7083e2665d5d1594b63dc9ac611b43fad9c769ce831
Static task: static1
Behavioral task: behavioral1
Sample: 0cc24b8e311a128fec1325c66d975a8df6d35c7dd8777a6cc4eeb3e0f470b720.exe
Resource: win7-20220311-en
Behavioral task: behavioral2
Sample: 0cc24b8e311a128fec1325c66d975a8df6d35c7dd8777a6cc4eeb3e0f470b720.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: 0cc24b8e311a128fec1325c66d975a8df6d35c7dd8777a6cc4eeb3e0f470b720
Score: 10/10

MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

MassLogger Main Payload

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext