General
-
Target
1f63d3a280da9afc6349fb118e2d5a58510a3a64252353c080c552691b8bf8bd
-
Size
949KB
-
Sample
220329-13blxsbhg2
-
MD5
88f2baa69f2b4ec126e84e5ba5b1dc9d
-
SHA1
d712aac5fe35e60d48e935932b172beefff611db
-
SHA256
1f63d3a280da9afc6349fb118e2d5a58510a3a64252353c080c552691b8bf8bd
-
SHA512
1ee9e179de0f8181dcef9294c8f88b35ac8a6cc18edd7ab009cca91ef46f144f5a9fcf74f77b88e0b10308cb9aaef0a32343102f770b17f8b0e97678f666feeb
Static task
static1
Behavioral task
behavioral1
Sample
1f63d3a280da9afc6349fb118e2d5a58510a3a64252353c080c552691b8bf8bd.exe
Resource
win7-20220331-en
Behavioral task
behavioral2
Sample
1f63d3a280da9afc6349fb118e2d5a58510a3a64252353c080c552691b8bf8bd.exe
Resource
win10v2004-20220331-en
Malware Config
Targets
-
-
Target
1f63d3a280da9afc6349fb118e2d5a58510a3a64252353c080c552691b8bf8bd
-
Size
949KB
-
MD5
88f2baa69f2b4ec126e84e5ba5b1dc9d
-
SHA1
d712aac5fe35e60d48e935932b172beefff611db
-
SHA256
1f63d3a280da9afc6349fb118e2d5a58510a3a64252353c080c552691b8bf8bd
-
SHA512
1ee9e179de0f8181dcef9294c8f88b35ac8a6cc18edd7ab009cca91ef46f144f5a9fcf74f77b88e0b10308cb9aaef0a32343102f770b17f8b0e97678f666feeb
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-