Extracted

Extracted

Extracted

• • Target

    URGENT ORDER SO 22-2020 WSO-20-03121.exe

  • Size

    1.6MB

  • MD5

    4ce1f0792e5ba318f161fa37ec60d5e3

  • SHA1

    37a5e03a365c50e759a1173386b0090199315527

  • SHA256

    ebcea3b90af00f67983ebb15abec7e46a480818904a74764aab402da08d7b16b

  • SHA512

    4828c14865fc9cc46da9ca83981376286a3fa109dd4ef32c86bc258267c65fac5b37cceecbf434912037af12f0aedb9cf24b6183fcd382e1a755e0e1632a7573

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2