Extracted

Extracted

• • Target

    Product Inquiry.exe

  • Size

    1.1MB

  • MD5

    2e0754487143853f2791b729f2222146

  • SHA1

    acbdf5ae0b8b73d8203f52b1e104205ac39432d6

  • SHA256

    52e864374ebb34727b88f278970946520a53383c0b7e85dbbc664b45329616e3

  • SHA512

    efd821da5ad0170ca4a8efa5c63975cf64c5479524af26849af0d2b77a1aac45c5764d32b34c7c0563e374b90c5e56445cfcb6957c9ff1200e898a6c06d34d8b

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2