Extracted

Extracted

• • Target

    file.exe

  • Size

    765KB

  • MD5

    2254eea10e2cb5e29c09bf28170c2e69

  • SHA1

    566257811fb1b9b99304933b10b49c74e7038bbf

  • SHA256

    de083ffcc44c047fbf9a4938aca158f47045b9ee3ce98ce7b24202422fca3396

  • SHA512

    136237a1f634f32bde0048ef5be59b88a3f356b7ede4493f03e0a67ba1324e9e9223a02fec52695e7db8cfe5e02211d87d8bf0550a51d1b1837b2bba67f39562

  Score

  10^/10

  massloggercollectionevasionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger Main Payload

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Modifies visibility of file extensions in Explorer

    evasion

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2