General
-
Target
976a2bda95a3dcd8242ff06a2d4368d3ad26156e077abcc5a3e71b6a0832942c
-
Size
1.2MB
-
Sample
220329-y3janaehdl
-
MD5
72c63bcd20411f6cf9d6da2894727a94
-
SHA1
b576850ab8ba689d8329a4cb99646a48db3be869
-
SHA256
976a2bda95a3dcd8242ff06a2d4368d3ad26156e077abcc5a3e71b6a0832942c
-
SHA512
ccc5c36f7e2167410be82c6c6847e5bf8805dcba95edaa17ad021dc83ad383c0af8e45fcf363dcc6a1a578623ed013d6bd95ad9629cca33459c5a7f892317c09
Static task
static1
Behavioral task
behavioral1
Sample
976a2bda95a3dcd8242ff06a2d4368d3ad26156e077abcc5a3e71b6a0832942c.exe
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
976a2bda95a3dcd8242ff06a2d4368d3ad26156e077abcc5a3e71b6a0832942c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
976a2bda95a3dcd8242ff06a2d4368d3ad26156e077abcc5a3e71b6a0832942c
-
Size
1.2MB
-
MD5
72c63bcd20411f6cf9d6da2894727a94
-
SHA1
b576850ab8ba689d8329a4cb99646a48db3be869
-
SHA256
976a2bda95a3dcd8242ff06a2d4368d3ad26156e077abcc5a3e71b6a0832942c
-
SHA512
ccc5c36f7e2167410be82c6c6847e5bf8805dcba95edaa17ad021dc83ad383c0af8e45fcf363dcc6a1a578623ed013d6bd95ad9629cca33459c5a7f892317c09
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-