General
Target: ea2ad7a1899fa2e07ef0068352a66cf60433cf4fd898eb52152d1264b0cb61d6
Size: 893KB
Sample: 220329-1zv66agaep
MD5: 83beb8de9babc5f638699db150da07e0
SHA1: 7f4374a1d364202a70779d17d8242464a2a9ea70
SHA256: ea2ad7a1899fa2e07ef0068352a66cf60433cf4fd898eb52152d1264b0cb61d6
SHA512: 711fcc6dbd4053061b473936a2de4b38a7917fe20cccfb31ce0ed7ec19e25f3d1533f5d56de82a3ba1b33ce961e28130c254111b40cdce256ecc4f11a070efe0
Static task: static1

Behavioral task: behavioral1
Sample: ea2ad7a1899fa2e07ef0068352a66cf60433cf4fd898eb52152d1264b0cb61d6.exe
Resource: win7-20220310-en

Behavioral task: behavioral2
Sample: ea2ad7a1899fa2e07ef0068352a66cf60433cf4fd898eb52152d1264b0cb61d6.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: ea2ad7a1899fa2e07ef0068352a66cf60433cf4fd898eb52152d1264b0cb61d6
Score: 10/10

MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

MassLogger Main Payload

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Accesses Microsoft Outlook profiles

Adds Run key to start application

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext