General
-
Target
7f4a8817194c0e03846857fb54f2cf04b111543f05f73640cf45c8c56434dcd8
-
Size
932KB
-
Sample
220329-zxqcfsfdfm
-
MD5
59cc035bd968177e257f3a0047799adb
-
SHA1
905dda03a92afe482f00285cc391d3a637b8e40e
-
SHA256
7f4a8817194c0e03846857fb54f2cf04b111543f05f73640cf45c8c56434dcd8
-
SHA512
84c0d67eb27f660563e4e01701349605bfc5de2380fa2ecad9c65a53e6f4125d91070970d94b48a56ed54da1548c4f251c3957a0979a5b60890943db992c33e1
Static task
static1
Behavioral task
behavioral1
Sample
7f4a8817194c0e03846857fb54f2cf04b111543f05f73640cf45c8c56434dcd8.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
7f4a8817194c0e03846857fb54f2cf04b111543f05f73640cf45c8c56434dcd8.exe
Resource
win10v2004-20220310-en
Malware Config
Targets
-
-
Target
7f4a8817194c0e03846857fb54f2cf04b111543f05f73640cf45c8c56434dcd8
Score
10/10
-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-