masslogger | 65319ec78c3c672d29c9795c4f1c91285c59879c88701905d214e39f886a488a | Triage

Submit
Reports

Overview

overview

Static

static

Ziraat Ban...ft.exe

windows7_x64

Ziraat Ban...ft.exe

windows10-2004_x64

1

Sharing

General

Target

65319ec78c3c672d29c9795c4f1c91285c59879c88701905d214e39f886a488a
Size

649KB
Sample

220520-29sdpabdgl
MD5

804d2147d392273b8730eb60bb0fa73a
SHA1

6900d334186f03ee53f003686e765c5ff5ac8515
SHA256

65319ec78c3c672d29c9795c4f1c91285c59879c88701905d214e39f886a488a
SHA512

c04cab2d139ba3399b5f004291f5eecaa9ebfb24464c170a685dfc7e8fab023323abb233c14e4a56bd36323ee45dc8b6e155d25f85f05232e13aedaaf4a99d86

Score

10^/10

masslogger spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Ziraat Bankasi Swift.exe

Resource

win7-20220414-en

masslogger spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Ziraat Bankasi Swift.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Ziraat Bankasi Swift.exe
- Size
  
  676KB
- MD5
  
  dc0c0581231219dbd8c51210499ed5f4
- SHA1
  
  0f185c40acced956c10fbad1ee52950b72618db8
- SHA256
  
  1807db4729b2057e9e43ceefc3502ebd7a988e248ede3c56d85f7f5befdafd06
- SHA512
  
  5bcc5849043c7d4b316a621018705cc20f920e0e92ebe3a96f4b997aa2b3fd2f1f2e4796b69737ca5696060f6adbb0ab492be3e66fc0e7a4d5b15cac2e2e8aea
Score

10^/10

masslogger spyware stealer
- MassLogger
  Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
  stealer spyware masslogger
- MassLogger Main Payload
- MassLogger log file
  Detects a log file produced by MassLogger.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

massloggerspywarestealer

behavioral2

© 2018-2024

Terms | Privacy