Overview

overview

10

Static

static

DHL_20201230,pdf.exe

windows7_x64

10

DHL_20201230,pdf.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ebf5135c3dd58063a9ce4d1b02ac86c459c17c5bdad52dac431e96287e6d2cc5

  • Size

    1.2MB

  • Sample

    220502-3a7j1aeecr

  • MD5

    7571ea1c5c8a43bac69ab0823193e30e

  • SHA1

    bd5728c1c2c8fffb3432d79dab30fdd0d817cdc9

  • SHA256

    ebf5135c3dd58063a9ce4d1b02ac86c459c17c5bdad52dac431e96287e6d2cc5

  • SHA512

    316d6223351c2d8e9a5728c9cbdc88c2041b9fd7c391ece42aed850dbe742de401a0a82ef12fc5c626223cdc883b8ee214422d14fd838a60ac509ef50c166dfc

Score
10/10
massloggerspywarestealer

Malware Config

Targets

    • Target

      DHL_20201230,pdf.exe

    • Size

      1.1MB

    • MD5

      14fe2d5d95ec2fe9d8610f5e16c88428

    • SHA1

      97d20decb09787cbf557207a49b309b31429244c

    • SHA256

      a9a4bd2de434ba7cb210b0e8bc7374db4c6df7e0e94dac78c67f3dc97ddadc4f

    • SHA512

      50096d3b5c84cade3b070e649557313692bd4f89af08aba07582c2ecfb54d0f2da35b98f4ad3ca2c8c072a0cffde8c2ac991bad42e73422327946f617e2ee07b

    Score
    10/10
    massloggerspywarestealer

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

      stealerspywaremasslogger

    • MassLogger Main Payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks