Extracted

Extracted

• • Target

    BGT74 NEW89.exe

  • Size

    947KB

  • MD5

    a2aa936eae36cd8eeb3615d8b822d4f8

  • SHA1

    fa03548c6a865c400f1765c5eb7867c1b4e89ba3

  • SHA256

    e9ca08e9192adcb0c65eae06bbc2ba1439b2615aeefee53a7cb26f15d691c071

  • SHA512

    66a57365ff1a83d6c19103f9b0f758cad5af0f0920eae10947feaeca4a67f9be4ab940f994f8b37e840efcfeccd16c282413bd3aa7f117706869b079720418ff

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2