General
-
Target
0bf69f7afc73a7c64935846dc013f057b99281f67a2fdb14be9a0a9f7805d8ab
-
Size
3.0MB
-
Sample
220521-mh8t2afaaq
-
MD5
17c94115aa1d36c009e7168a547cbb8b
-
SHA1
49c37766bbf6abb46a8e2699bc628b5621e2a290
-
SHA256
0bf69f7afc73a7c64935846dc013f057b99281f67a2fdb14be9a0a9f7805d8ab
-
SHA512
8da3875074f6e8bfbada075fc8c3af513f34f11dd5e533b2678fa8096fdd7ef0f2bcc0855cde18e0bf8bbace44d15a3772c4f381a41a23401a7df79262ce0f6a
Malware Config
Targets
-
-
Target
Company Profile.exe
-
Size
3.4MB
-
MD5
b09ce7efdb241a6dc395ea44cf0e86ac
-
SHA1
ee40b55737d3bbb010514ae32c0d9da5cdc2c529
-
SHA256
0e39910988f4e5f6a89354c7f83321db4ea548d20d5e217480559b308a85ea11
-
SHA512
54805f70714d6d9a8e1640434de9d4f3a0394911b62b1e1d99f481907237897adb6a15408469adf7d2bc29ac940fd181ea0f023547b5b5cfb8ddc4f3b0cec46b
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger log file
Detects a log file produced by MassLogger.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-