General
-
Target
9f2b4b2331d9d2dfa77ec994e4a53de1feb7474b6925cea7fb3228bb38aa3f9d
-
Size
989KB
-
Sample
220329-11wjbabhe4
-
MD5
9cd6fdd143485cf45183f18df7d6fecf
-
SHA1
6dff2477d44d9622ccde16b86daf53456b694d56
-
SHA256
9f2b4b2331d9d2dfa77ec994e4a53de1feb7474b6925cea7fb3228bb38aa3f9d
-
SHA512
239e32ab9682980c4d998e7ba4acbd278826f6c077ffdf8ae5cc54553786887b59ebb4a06da2ac7bf034cabc503f1f4ebdf9ab08df1686fbdaea5d226e1e336c
Static task
static1
Behavioral task
behavioral1
Sample
9f2b4b2331d9d2dfa77ec994e4a53de1feb7474b6925cea7fb3228bb38aa3f9d.exe
Resource
win7-20220331-en
Behavioral task
behavioral2
Sample
9f2b4b2331d9d2dfa77ec994e4a53de1feb7474b6925cea7fb3228bb38aa3f9d.exe
Resource
win10v2004-20220331-en
Malware Config
Targets
-
-
Target
9f2b4b2331d9d2dfa77ec994e4a53de1feb7474b6925cea7fb3228bb38aa3f9d
-
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-