masslogger | ff49433d67b8d8ffb6c3757b20b3baf4f45399ec3560876ef4f819b0aae6c194 | Triage

Sharing

General

Target

ff49433d67b8d8ffb6c3757b20b3baf4f45399ec3560876ef4f819b0aae6c194
Size

554KB
MD5

5ce17b50e448c0949b5d9fd4f511ee34
SHA1

1654097ab0aed9c4adccbb9bce8bd16b596c59ad
SHA256

ff49433d67b8d8ffb6c3757b20b3baf4f45399ec3560876ef4f819b0aae6c194
SHA512

c2eae8a677e15b2021b327a4f9c53b3556f087b412c8f764b75ff1cdcf3ece76396af9b36a54c1556ad2179f572028b1a3bb4526682d0fb45a2d405f5bdfe54a
SSDEEP

12288:b1JJNpoEQMmLuWdxHGglirIg9/fFJO2BBIgtWK+lmCGN4ZTkmuzClcwVyh1H:bNoEQ3lHFgZfFjBgnlm8ZTkKl7yh1H

Score

10^/10

masslogger

Malware Config

Signatures

MassLogger Main Payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/PO 7405591, 7756947 ,7756740.exe	family_masslogger

Masslogger family
masslogger

Files

ff49433d67b8d8ffb6c3757b20b3baf4f45399ec3560876ef4f819b0aae6c194
.rar
PO 7405591, 7756947 ,7756740.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ