Overview

overview

10

Static

static

5

Company Profile.exe

windows7_x64

10

Company Profile.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e5c902fd23ea9114dd540979a02cd2d9f9165b45759bb7977b2428b6c3101ece

  • Size

    1.7MB

  • Sample

    220520-qnhrksdfg4

  • MD5

    3a984945cfed7bb5775de2353a1299cb

  • SHA1

    6d01e87f910f4eaf4d30f5c6f80821eff9238e5b

  • SHA256

    e5c902fd23ea9114dd540979a02cd2d9f9165b45759bb7977b2428b6c3101ece

  • SHA512

    30efd4096e18f36f0f964dcdc9632155907f3a6e5eb11b2dda36656651d4e5d6efdf8bccb290a825934f7fdc2db56df9e0e14b415eff4e0ee47ccf04a748ff8d

Score
10/10
massloggercollectionspywarestealer

Malware Config

Targets

    • Target

      Company Profile.exe

    • Size

      2.1MB

    • MD5

      c29a529830426b09db4a2e8fabea26d7

    • SHA1

      e533dad57fd624eacc2627afa7d55ca728142e11

    • SHA256

      796be4e7eb4f284e2d1747b4bd8b7b5479a15b00b14c857ac27e40411d6415c8

    • SHA512

      308fd89df7ff1b61b0ec72eb2f108ec5ade4b3886e6258634f9a6237deffaec0e521deac8390fad1438933a42c03d5d4a3819ff817f5d30d12c029d16881c07a

    Score
    10/10
    massloggercollectionspywarestealer

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

      stealerspywaremasslogger

    • MassLogger Main Payload

    • MassLogger log file

      Detects a log file produced by MassLogger.

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks