Overview

overview

10

Static

static

282205512c...00.exe

windows7_x64

10

282205512c...00.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    282205512cc88189b523d3a7dd187ebf548e5771f110acb55ebf507b01f3e600

  • Size

    987KB

  • Sample

    220510-xylpjsgbf5

  • MD5

    0ced1954e108922776299f72f9f753a9

  • SHA1

    7b7a7ad5cdfbdabc75dae2da28f291fef7d85740

  • SHA256

    282205512cc88189b523d3a7dd187ebf548e5771f110acb55ebf507b01f3e600

  • SHA512

    eeca6bbca568c94fd935c1ad6e26fc8f6728737f6443bdfd4f51a9fde72a594595bb7c39ad20eb91881968e9d6de4dc49bebe8bfeaa0796701a5682ce22a70e4

Score
10/10
massloggercollectionspywarestealer

Malware Config

Targets

    • Target

      282205512cc88189b523d3a7dd187ebf548e5771f110acb55ebf507b01f3e600

    • Size

      987KB

    • MD5

      0ced1954e108922776299f72f9f753a9

    • SHA1

      7b7a7ad5cdfbdabc75dae2da28f291fef7d85740

    • SHA256

      282205512cc88189b523d3a7dd187ebf548e5771f110acb55ebf507b01f3e600

    • SHA512

      eeca6bbca568c94fd935c1ad6e26fc8f6728737f6443bdfd4f51a9fde72a594595bb7c39ad20eb91881968e9d6de4dc49bebe8bfeaa0796701a5682ce22a70e4

    Score
    10/10
    massloggercollectionspywarestealer

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

      stealerspywaremasslogger

    • MassLogger Main Payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks