General
Target
5a852a3803deadf723a41e97327b014f438772c83af28b6df27f2414c822602c
Size
688KB
Sample
220521-b2xekafhhr
MD5
77da8b6b0d5ebd7cba421db772bc5405
SHA1
fdd4b28688cffa4423e2f576b5ed240615db578a
SHA256
5a852a3803deadf723a41e97327b014f438772c83af28b6df27f2414c822602c
SHA512
39af5a7822c31a7e97e8639770d9f737d45822d857e9c2b145f4cfb3e5d24c9892259eef3ba10570aad7273d1f0d50587bbda9e6e7ae03230eea866d0b0b1f65
Static task
static1
Behavioral task
behavioral1
Sample
Order Specifications.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Order Specifications.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
Order Specifications.exe
Size
737KB
MD5
1ea58404a64b36f8e367510d6c4d7062
SHA1
9590069d7efa8767f8362c7d74a39ffd117c054d
SHA256
f17e96a6ff93adedce32a09ce613d3e9bc33bf1a0555a56f3ec5882dee032b15
SHA512
57065dc6de25ae00a7d9d3fc0990d5c8f9a2a072363575ef2a334613baefc0703a4bcf618eb8137cf17e90a4e01a847fe62b598a28c1a6958b02548cf95a6c7a
Score 10/10
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
- MassLogger Main Payload
- MassLogger log file
  Detects a log file produced by MassLogger.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext