General
Target
6e95aadb90487e5aeb5082adef9daa2befdf49dfb0eb021422c66501d8018182
Size
802KB
Sample
220521-dadjgsfcd8
MD5
9b18c0bb167da3f915b1487450605852
SHA1
925c8cc95f5b6854adc799df14a6f6859873a7ad
SHA256
6e95aadb90487e5aeb5082adef9daa2befdf49dfb0eb021422c66501d8018182
SHA512
3f368d374255a21cd525a0d03f90406f74c6f2de4d9f3de7d561176be1103acb6f1bb3447263b1138b6912c7003a190aad9f6c1b356602acdc84b2c2ff4c1a02
Static task
static1
Behavioral task
behavioral1
Sample
RE QUATATION 3456765.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
RE QUATATION 3456765.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
RE QUATATION 3456765.exe
Size
844KB
MD5
94b5d1e0347081440bf95c6e1a5a26e8
SHA1
5e945849f712f7a565a1c75d1d2e58eeff39775d
SHA256
846f306ccd5e9d610aa3bb92817e08e123cc6be01c4771cdcad518130770c9dd
SHA512
04d85dd2a93b3c9894d2c7e861910e507fdab0147556854eaa74f329d40e448d525e2eec9d106204a8dec8d951457a469a38a2a4b61c9cc7a133d46639bafdef
Score
10/10
MassLogger
MassLogger is a .NET stealer that targets passwords from browsers, email clients and cryptocurrency clients.
- MassLogger Main Payload
- Looks for VirtualBox Guest Additions in registry
- Looks for VMWare Tools registry key
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext