General
-
Target
8fe4004f6f7d561acd5cc39434aa1fabe02550618b149555ae338a76c7612168
-
Size
852KB
-
Sample
220329-zxk3qsfdfk
-
MD5
7e1e802d3717ead79b81e6a704ba375d
-
SHA1
76d577b8628197a50ea624c9ffda6afaf42bef56
-
SHA256
8fe4004f6f7d561acd5cc39434aa1fabe02550618b149555ae338a76c7612168
-
SHA512
7a23e6682e33d200abd9136b9e89001ce220dd330ac63fe5d6fc4f1d12ada53f68ad385b37d2752509449684948dc611471c570c5ca3a379de8659c8755574d4
Static task
static1
Behavioral task
behavioral1
Sample
8fe4004f6f7d561acd5cc39434aa1fabe02550618b149555ae338a76c7612168.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
8fe4004f6f7d561acd5cc39434aa1fabe02550618b149555ae338a76c7612168.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
Protocol: smtp
Host: mail.turkaykalibrasyon.com
Port: 587
Username: [email protected]
Password: Cc_8A46
Targets
-
Target
8fe4004f6f7d561acd5cc39434aa1fabe02550618b149555ae338a76c7612168
-
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-