General
-
Target
7d83c6ac6e7997ac11249aadd8316ce23a684c40a92f17779eeae6de4ba6b27c
-
Size
643KB
-
Sample
220521-c5z6asfae5
-
MD5
9dd80a03e0d25e730278064cf06fbba8
-
SHA1
a56cf5411781a4428b5ab2e95627f466c83d0655
-
SHA256
7d83c6ac6e7997ac11249aadd8316ce23a684c40a92f17779eeae6de4ba6b27c
-
SHA512
3638c7a82220e6f18c64a958686a9a555c4afe274c1dd0d3802786a2a47c51d3bb2fcdabe3f4610bebdfd795c3a0b89d5ce499ea0908b2089c094637734248e9
Static task
static1
Behavioral task
behavioral1
Sample
ಪಾವತಿ ದೃ mation ೀಕರಣ ಸ್ಲಿಪ್ 07-24-20.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
ಪಾವತಿ ದೃ mation ೀಕರಣ ಸ್ಲಿಪ್ 07-24-20.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
C:\Users\Admin\AppData\Local\3B8E3C2477\Log.txt
masslogger
Extracted
C:\Users\Admin\AppData\Local\0F48153F20\Log.txt
masslogger
Targets
-
Target
ಪಾವತಿ ದೃ mation ೀಕರಣ ಸ್ಲಿಪ್ 07-24-20.exe
-
Size
750KB
-
MD5
0cb1ad8b32445eda194bf68aefd5f552
-
SHA1
4769df1335acbd13772622e503b7d751e029d659
-
SHA256
498155d460f7ffca4cd623b8de192d06298e3886700652db36e447739176104f
-
SHA512
1b5145938bbcdd27fe88bc30c066d0766fbe07fc4d241acb9d1d45890ce40bae877b1c083660e792f0699aa3855b91093105b77b4c6dcd2c303a440753e272e7
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-