masslogger | e081698c980448c0ce820942a645b89fb0f2b390e404b05c061a1eed37c99ee7 | Triage

Sharing

General

Target

e081698c980448c0ce820942a645b89fb0f2b390e404b05c061a1eed37c99ee7
Size

3.1MB
MD5

c69bef29e31e00acfd9775ce2c1950aa
SHA1

933bc4926e641e9e9329c608f9dec53801cd2eab
SHA256

e081698c980448c0ce820942a645b89fb0f2b390e404b05c061a1eed37c99ee7
SHA512

c9281c5f5d5abb38038205c8c5a57feda742a1ae1806e8d4d9b32de5d33b692408d3610cfc004bf4c1c1aa35d2a7d546d3f13d9ecd9b778be964f88aad188c79
SSDEEP

24576:LTcEYYg1OgELXuY849DW/JRoxNWC/QKSVXLaC/QKSVXL:4wsoVYGoVY

Score

10^/10

masslogger

Malware Config

Signatures

MassLogger Main Payload 1 IoCs

resource	yara_rule
sample	family_masslogger

Masslogger family
masslogger

Files

e081698c980448c0ce820942a645b89fb0f2b390e404b05c061a1eed37c99ee7
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 511KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ