General
-
Target
fd6057305a1a096c3f51272fb2e9a82b5de02272bf529a68a15e49cba7b1ce3c
-
Size
932KB
-
Sample
220329-zvjf5afdcn
-
MD5
c86f8521b25bc90981ba532e4857eb74
-
SHA1
ef5d5d2c80e6af6e7ffb3f65ed9fe62832386b75
-
SHA256
fd6057305a1a096c3f51272fb2e9a82b5de02272bf529a68a15e49cba7b1ce3c
-
SHA512
e372b2d06c929060bc157569727e9e3420d92dead880d0c46f08cf28a3a458b8572e1423a12476f89b5a4f9cfa4bae7058d32341f18fb916527979279c79fc52
Static task
static1
Behavioral task
behavioral1
Sample
fd6057305a1a096c3f51272fb2e9a82b5de02272bf529a68a15e49cba7b1ce3c.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
fd6057305a1a096c3f51272fb2e9a82b5de02272bf529a68a15e49cba7b1ce3c.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
fd6057305a1a096c3f51272fb2e9a82b5de02272bf529a68a15e49cba7b1ce3c
-
Size
932KB
-
MD5
c86f8521b25bc90981ba532e4857eb74
-
SHA1
ef5d5d2c80e6af6e7ffb3f65ed9fe62832386b75
-
SHA256
fd6057305a1a096c3f51272fb2e9a82b5de02272bf529a68a15e49cba7b1ce3c
-
SHA512
e372b2d06c929060bc157569727e9e3420d92dead880d0c46f08cf28a3a458b8572e1423a12476f89b5a4f9cfa4bae7058d32341f18fb916527979279c79fc52
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-