Extracted

Extracted

• • Target

    Invoice.exe

  • Size

    1.7MB

  • MD5

    27244ec2d586c58bd0736d193bb03eec

  • SHA1

    14a9307801788e9e88f37fb5f605964dcb27841b

  • SHA256

    72bc51445d960d638c96f46057b76b5200ed88009ef44d767e870e56d7c562aa

  • SHA512

    4613189752782b46903da10aa76657b52c249514b59459447be65b17ab3147d26a370663e3f829fc6b4e06bb46a01262adac4283ce6f41f99e531820628908e1

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger Main Payload

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2