General

  • Target

    3dfefad046578caa39178500f200621e0b303e1079998f058ecc29e3cf8fd6b6

  • Size

    1.1MB

  • Sample

    220417-rh4brsfefn

  • MD5

    8f24b253707ee062028f4f37bf60d6dd

  • SHA1

    60fa74141d87f491286b2a38b75b3bde0b8ef965

  • SHA256

    3dfefad046578caa39178500f200621e0b303e1079998f058ecc29e3cf8fd6b6

  • SHA512

    7e30fcc74d17f0855befa0f505ef7c1ad87cca390ad26bb3230db817bdf114dbce3bb4a559846756ba5f5bd96e90defa43c56b490bd6d233f9bcd131657eb506

Malware Config

Targets

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger Main Payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks