masslogger | 2909694b162fb67f8b7d6f01bdb086d23216280a1f84565a13a4406ac46147c3 | Triage

Sharing

General

Target

2909694b162fb67f8b7d6f01bdb086d23216280a1f84565a13a4406ac46147c3
Size

673KB
MD5

2fb78b099edc88207a4dbcfa8b6a44e0
SHA1

4c7a556c5d7373bee762c51c716a548d6f6a4974
SHA256

2909694b162fb67f8b7d6f01bdb086d23216280a1f84565a13a4406ac46147c3
SHA512

01569acb98ebf4aa45b8a79362501d1d6fcb4b7baf29b4b9e9eed1166228b73cc68ffadc83730f2921d836153141eddc9ff8c04d9152512c0943eeca5d68488c
SSDEEP

12288:+6m8uc4Db+8G5nDM+QolDUseygbyCCIC2vwqV6Zm/t+Sg8MJkCSFvlr7:+dcuNoXLgbyCCU/V60gSg8MJXmR

Score

10^/10

masslogger

Malware Config

Signatures

MassLogger Main Payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/doc000643665764.exe	family_masslogger

Masslogger family
masslogger

Files

2909694b162fb67f8b7d6f01bdb086d23216280a1f84565a13a4406ac46147c3
.rar
doc000643665764.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ