Extracted

• • Target

    BANK SLIP.exe

  • Size

    809KB

  • MD5

    20bbb3601fca04cd5c8b094a111805eb

  • SHA1

    be8af1891ecdb1d472499374f2c03e9d8f097a43

  • SHA256

    bc13ffa3b767641ff58d98c8df48167b55c45fb97335b4819c4af8a57af47ff1

  • SHA512

    568968ce44c141e9b4db9b20fff428f62fbedf21bf80d2853347d8a20330f934d23defcc679281221a5660c90849659ae409d1f57f4ef6341cf292e59d794469

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2