General
-
Target
15185d2fc8f7baf088775337282f05afacd8976142a0a9b7205452521697c977
-
Size
813KB
-
Sample
220503-zml72sfabn
-
MD5
6963f0ed76bf70c527be02d0ac6b6cae
-
SHA1
7ec56d5930858e9896a92b8aaeb76fb0bdd78ca2
-
SHA256
15185d2fc8f7baf088775337282f05afacd8976142a0a9b7205452521697c977
-
SHA512
33648f476359c75e2ba367dcf5d56f2da8a9b6190b4af1c7a57fe24f1f01255fdd72166412edef489bcc894978fcd3dadfc941237913db4a13a81b06514babc1
Static task
static1
Behavioral task
behavioral1
Sample
PURCHASE -ORDER.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
PURCHASE -ORDER.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
PURCHASE -ORDER.exe
-
Size
1.4MB
-
MD5
951ee81181e3409f6a76859b6b9e7ba1
-
SHA1
84af12a9a02fb549a54243bef77baee696e83571
-
SHA256
d18f27370f8ee9d89c588980241ef2757a4a5d6cc70a357c7a45fae186c7e84b
-
SHA512
bf0bc795bb3127e1d97284093324c45b228424b61df996382deca63be469bd5848bf348e70acb1ede40251668a98bef50067d74ea99cca70ae06d7f1946231a9
Score
10/10
-
MassLogger
MassLogger is a .NET stealer that targets passwords stored by browsers, email clients and cryptocurrency clients.
-
MassLogger Main Payload
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-