General
-
Target
ffa42817c278cdaf83d0bbd470fe876bdbb54c0fa60f3623ef40539b46128217
-
Size
558KB
-
Sample
220521-b5jymsgahp
-
MD5
24fdfa72c81c090c67fd43cdafe122f0
-
SHA1
e44bd57ae5ff53f8b67d3685ab5ee5b2182baac7
-
SHA256
ffa42817c278cdaf83d0bbd470fe876bdbb54c0fa60f3623ef40539b46128217
-
SHA512
f3f28cfa3482982431f1472faf58ccc09af483ca9d1ea54c96770171ac7b7f483f88dfe10196be0d975b46b0398cdacdac5250d3cfca9db681ec86ad0cf1eea9
Static task
static1
Behavioral task
behavioral1
Sample
PO0058-02702020.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
PO0058-02702020.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
C:\Users\Admin\AppData\Local\AEF946DCB4\Log.txt
masslogger
Targets
-
-
Target
PO0058-02702020.exe
-
Size
568KB
-
MD5
98701aace2269de8ef0c0f54bb6bd4ed
-
SHA1
b994670a217992d1989b0fc8166a60e726c0d14e
-
SHA256
ae02063e5b0d9b107879b58b227adfe48eae5be7836975405403a6aa03598dcc
-
SHA512
d71fdf62e3b4532936bb0a3665a0101214b4afee7c2be09e28dc8f6c403c626b507bb770ffc0814cc22878e4f49ed51baf730bf9b35e55a21d9020686f4f73b2
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-