General
-
Target
ae8490c6c9427bfaef29dd7bab221339241856e0004131afae7c177062b7ae46
-
Size
932KB
-
Sample
220329-zws2ysfdel
-
MD5
ab7c077600e9949890c29b246cbeb836
-
SHA1
1ecdbf92f3922bd0c31bc6765eee83b564fe50a5
-
SHA256
ae8490c6c9427bfaef29dd7bab221339241856e0004131afae7c177062b7ae46
-
SHA512
3706f5d95598e9c85f4578dba298491b0ee3a70d8f63165a892baf9d3a0336996b1fee1ea82efbe27c3dc0027c5e2bde58e9019230383e1e92136eb56738a099
Static task
static1
Behavioral task
behavioral1
Sample
ae8490c6c9427bfaef29dd7bab221339241856e0004131afae7c177062b7ae46.exe
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
ae8490c6c9427bfaef29dd7bab221339241856e0004131afae7c177062b7ae46.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
ae8490c6c9427bfaef29dd7bab221339241856e0004131afae7c177062b7ae46
-
Size
932KB
-
MD5
ab7c077600e9949890c29b246cbeb836
-
SHA1
1ecdbf92f3922bd0c31bc6765eee83b564fe50a5
-
SHA256
ae8490c6c9427bfaef29dd7bab221339241856e0004131afae7c177062b7ae46
-
SHA512
3706f5d95598e9c85f4578dba298491b0ee3a70d8f63165a892baf9d3a0336996b1fee1ea82efbe27c3dc0027c5e2bde58e9019230383e1e92136eb56738a099
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-