masslogger | 20dd4b0c600a054cd77d5a393ac9f48e708436de439c0a4a8bac17794ad62b59 | Triage

Submit
Reports

Overview

overview

Static

static

20dd4b0c60...59.exe

windows7_x64

6

20dd4b0c60...59.exe

windows10-2004_x64

Sharing

General

Target

20dd4b0c600a054cd77d5a393ac9f48e708436de439c0a4a8bac17794ad62b59
Size

1.3MB
Sample

220502-sy1fgsagak
MD5

1878ea8aa9def576b7b226155ca0927a
SHA1

57555bd15be5591701dff0bd66602b7973e6d151
SHA256

20dd4b0c600a054cd77d5a393ac9f48e708436de439c0a4a8bac17794ad62b59
SHA512

60748bc6d8b36530953f29afb92a9755d03a1ad5b611ccc23cf5d6466f9e5a292a841b81ca8fac278c3a5cad79f19e4bdb6b813cc9178c803bcbd2ba4339a9ac

Score

10^/10

masslogger persistence spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

20dd4b0c600a054cd77d5a393ac9f48e708436de439c0a4a8bac17794ad62b59.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

20dd4b0c600a054cd77d5a393ac9f48e708436de439c0a4a8bac17794ad62b59.exe

Resource

win10v2004-20220414-en

masslogger persistence spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  20dd4b0c600a054cd77d5a393ac9f48e708436de439c0a4a8bac17794ad62b59
- Size
  
  1.3MB
- MD5
  
  1878ea8aa9def576b7b226155ca0927a
- SHA1
  
  57555bd15be5591701dff0bd66602b7973e6d151
- SHA256
  
  20dd4b0c600a054cd77d5a393ac9f48e708436de439c0a4a8bac17794ad62b59
- SHA512
  
  60748bc6d8b36530953f29afb92a9755d03a1ad5b611ccc23cf5d6466f9e5a292a841b81ca8fac278c3a5cad79f19e4bdb6b813cc9178c803bcbd2ba4339a9ac
Score

10^/10

persistence masslogger spyware stealer
- MassLogger
  Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
  stealer spyware masslogger
- MassLogger Main Payload
- Adds Run key to start application
  persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

massloggerpersistencespywarestealer

© 2018-2024

Terms | Privacy