masslogger | 716a97ae5f726df99ad56fb45f647d6d8032fb4c6d705c835dd1f85098c09be6 | Triage

Sharing

General

Target

716a97ae5f726df99ad56fb45f647d6d8032fb4c6d705c835dd1f85098c09be6
Size

503KB
MD5

68904125e91e8ac92ea17df65e5ce3ae
SHA1

d3679b4093b1f11eea7853280bd33f632227255a
SHA256

716a97ae5f726df99ad56fb45f647d6d8032fb4c6d705c835dd1f85098c09be6
SHA512

fceb3c787a8e72136d6343085d65e076b1ad526aac4867a67c9b69bdc16f3dafefdbc6c2aa380e0413e2745df92e2f84a095482d52ce86ed7eb75a99e69ec33b
SSDEEP

12288:3dSjIqnFRi//hOotuYxHi+C51b8WV0+byVjwjvDkY/30QAEQ19jvrP4cT:3dS20otT+51b90+buYkY/EQz+

Score

10^/10

masslogger

Malware Config

Signatures

MassLogger Main Payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/Cargo Group México - Solicitud del cliente 00235271-SKBMT-07-17-2020-115-DD3343.exe	family_masslogger

Masslogger family
masslogger

Files

716a97ae5f726df99ad56fb45f647d6d8032fb4c6d705c835dd1f85098c09be6
.rar
Cargo Group México - Solicitud del cliente 00235271-SKBMT-07-17-2020-115-DD3343.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ