masslogger | bcb30c2233345ccc3769c21dbfdecb20ec43339517204720f310ccfec29fe49a | Triage

Submit
Reports

Overview

overview

Static

static

AUG10TH_.exe

windows7_x64

AUG10TH_.exe

windows10-2004_x64

Sharing

General

Target

bcb30c2233345ccc3769c21dbfdecb20ec43339517204720f310ccfec29fe49a
Size

1.6MB
Sample

220520-3w5brscecp
MD5

3a9069909a170e2a6f90296392facbc0
SHA1

a495b38e28479bebfafe029384aebf62e9e5f04a
SHA256

bcb30c2233345ccc3769c21dbfdecb20ec43339517204720f310ccfec29fe49a
SHA512

cd9d1ae2f40c5383cb2c2c25a23c39aa2984ea77f64fcdce43ea022d89e095393ab917925448f46bbf6548c220dd65ea99795ea738d980e5a578fffde4b67e5c

Score

10^/10

masslogger spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

AUG10TH_.exe

Resource

win7-20220414-en

masslogger spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

AUG10TH_.exe

Resource

win10v2004-20220414-en

masslogger spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  AUG10TH_.EXE
- Size
  
  1.1MB
- MD5
  
  9d1676055eebd75eb7abd7a09528776f
- SHA1
  
  da284df615ccefcf583175ec88ea887fc1d769b2
- SHA256
  
  b045f558a43c37201a204a240bd09b7da12735958ad5c8d317feff0044d132c4
- SHA512
  
  74197863ee985f7e974d794f3038dfe8bb4e1973107e424a06ed801c63b32a4e1fd2dd9be172343b8040bb663eaf5cb04a1b6659fa36b734d07a2e30547fb8fc
Score

10^/10

masslogger spyware stealer
- MassLogger
  Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
  stealer spyware masslogger
- MassLogger Main Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

massloggerspywarestealer

behavioral2

massloggerspywarestealer

© 2018-2024

Terms | Privacy