Extracted

Extracted

• • Target

    Repeat Order June InvoiceNew Inquiry.exe

  • Size

    1008KB

  • MD5

    5924b147e462b108f46b4860ac014de1

  • SHA1

    93576ab42760dacb58405a040bb99bf038cb7c58

  • SHA256

    f4bf32943d6b14bf9e025c20f0fb7342982c025ba64b151687a99202091bf2eb

  • SHA512

    38b672d2f8f5dc2accfdb0724d31181c3d33230090c55f2f483a48f14ecc5e815ae8962ef5064a24ee0aa98adf9d485f5a247520a43d99944468c23a8b98ecf4

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2