General
-
Target
2e64b7c47771b17fe9d0c8b1619f1c4e53bc65401c041e1ee61e5c5467f0a1dd
-
Size
1.7MB
-
Sample
220417-sfe2tsbee8
-
MD5
1d71397705e96c58b6536d6d5e737dae
-
SHA1
5196351ef03dbc0597e8f01662e1ad9627e57832
-
SHA256
2e64b7c47771b17fe9d0c8b1619f1c4e53bc65401c041e1ee61e5c5467f0a1dd
-
SHA512
10427f445bcbd03ae4f132dd4760058b56d64ca7ed1edd5f1277b587bb01e3c22aa6d74d3aa0be60c737a3c69770b0cb2972d933a4c550b80b40ec72929cf193
Static task
static1
Behavioral task
behavioral1
Sample
2e64b7c47771b17fe9d0c8b1619f1c4e53bc65401c041e1ee61e5c5467f0a1dd.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2e64b7c47771b17fe9d0c8b1619f1c4e53bc65401c041e1ee61e5c5467f0a1dd.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
2e64b7c47771b17fe9d0c8b1619f1c4e53bc65401c041e1ee61e5c5467f0a1dd
Score
10/10
MassLogger
MassLogger is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-