General

  • Target

    7ebcd0224097ffd553f7d5ad3e8c5886efa500d3667d837badac97be53d27d69

  • Size

    533KB

  • Sample

    220324-syj4haffak

  • MD5

    fc78f16d17231565b4542f51a05639c8

  • SHA1

    2efb895cd2e97e45bcac923f2bc78fede76ea3ac

  • SHA256

    7ebcd0224097ffd553f7d5ad3e8c5886efa500d3667d837badac97be53d27d69

  • SHA512

    f76bedc0ae1689c16a692dae71c775fdb316886dfd0d57c1dedcda53aa9db2edc3031745e0c223ca15ad7c7cc798f78c0cdb8941ab0599b29ed81300512d8f23

Targets

    • MassLogger

      MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger Main Payload

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
