Extracted

Extracted

• • Target

    PO7883.pdf.exe

  • Size

    1.1MB

  • MD5

    ada5beecde7f9234cfea4e0654758f9e

  • SHA1

    6d9679f46a29b18d3caadb9217b0fa1790c42578

  • SHA256

    391bd050efa8e5d02a1d1a5bb174374efce434f2457fdb0ca4c26f92341e4fa5

  • SHA512

    eca76675eb7411c129891ad2dcc87e9b65a67a15fe0d75856737e7bd4d5ebb5b56ffb4836d31764e2663b34e06600a04642c84fec1e6ea2207443d1704eeeee9

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2