Extracted

• • Target

    New_Inquiry_080820.exe

  • Size

    1.0MB

  • MD5

    a35f10913241fbf50334b4e1bda3337b

  • SHA1

    4968389dff39ec793557189977772490a652264d

  • SHA256

    3e4bbaedb75ecb1dba42d262fbb6c051d30dddbf7d10ceac4086836b67f1dd3a

  • SHA512

    f04e12a46dbe884575d20c053d39e15594a5dfde89c3a1fb22c0520f21e3ffac7fe81706e62867fbff2b49905ecaba03494267dc26f8925fde177036a419fc0f

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2