General
-
Target
90727a7eb845362cee15e9ba91eb41597f122a94c97648db57e648298deb98a6
-
Size
1.1MB
-
Sample
220324-3e4c5scffr
-
MD5
3e55b3d9f4801b7e06e5c93b39c0dfb6
-
SHA1
0ce465155d2a6f219fa3c9c5e4b4f8c5bc7a9bda
-
SHA256
90727a7eb845362cee15e9ba91eb41597f122a94c97648db57e648298deb98a6
-
SHA512
397dd541e8df6b3b1d3c6dcf2ee5563bd4497f78a781055bcd0b563e23b43eafef96cb8191854ef501b27dc6c44ee6d676052dfa3aa035878c86b0c9ac6523af
Static task
static1
Behavioral task
behavioral1
Sample
90727a7eb845362cee15e9ba91eb41597f122a94c97648db57e648298deb98a6.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
90727a7eb845362cee15e9ba91eb41597f122a94c97648db57e648298deb98a6.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
90727a7eb845362cee15e9ba91eb41597f122a94c97648db57e648298deb98a6
-
Size
1.1MB
-
MD5
3e55b3d9f4801b7e06e5c93b39c0dfb6
-
SHA1
0ce465155d2a6f219fa3c9c5e4b4f8c5bc7a9bda
-
SHA256
90727a7eb845362cee15e9ba91eb41597f122a94c97648db57e648298deb98a6
-
SHA512
397dd541e8df6b3b1d3c6dcf2ee5563bd4497f78a781055bcd0b563e23b43eafef96cb8191854ef501b27dc6c44ee6d676052dfa3aa035878c86b0c9ac6523af
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-