General
-
Target
91c271a46e134739ff01742e9a788f69d4446cf049b4988ae162c44e412e4b0e
-
Size
1.0MB
-
Sample
220324-sww1aafegl
-
MD5
c00d5af6a990f463462289f5570fc137
-
SHA1
9712e15444dec4b77750f75f04955587b718e083
-
SHA256
91c271a46e134739ff01742e9a788f69d4446cf049b4988ae162c44e412e4b0e
-
SHA512
77933e87eda8a9edd21430743c62aca684d9cc0cc2dacdb50dc003902de9273b6b63e2211594267717bc01f597407416cec9e0963f303a6194e19320793d3442
Static task
static1
Behavioral task
behavioral1
Sample
91c271a46e134739ff01742e9a788f69d4446cf049b4988ae162c44e412e4b0e.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
91c271a46e134739ff01742e9a788f69d4446cf049b4988ae162c44e412e4b0e.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
91c271a46e134739ff01742e9a788f69d4446cf049b4988ae162c44e412e4b0e
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-