masslogger | f2be44e262dc6ebde4e66e916b3f67ade1e7845cdb10d1316e93aad3f9aca3b8 | Triage

Sharing

General

Target

f2be44e262dc6ebde4e66e916b3f67ade1e7845cdb10d1316e93aad3f9aca3b8
Size

706KB
MD5

58c63ceccb03aadca95c7bc0c4935e65
SHA1

6e7409e27860e229cc022e49202ca819fe0ebe61
SHA256

f2be44e262dc6ebde4e66e916b3f67ade1e7845cdb10d1316e93aad3f9aca3b8
SHA512

25f02e5235aafdf38144bba06ace6fa39082edc67bbf27ef2ea9d059d823cdcf1a4cf0adb9e4a64a80f94d43b5a55a30e8d6cf69a032d3f397249ab91b1427d2
SSDEEP

12288:FYtIj+8Kc91ET9YBsmORgRBy7eWWolI+KAXQ7ukC9Y3PKtabudHEr9UE:FY2jDbMlfR+BySWWolIeCqkKta8fE

Score

10^/10

masslogger

Malware Config

Signatures

MassLogger Main Payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/Invoice.exe	family_masslogger

Masslogger family
masslogger

Files

f2be44e262dc6ebde4e66e916b3f67ade1e7845cdb10d1316e93aad3f9aca3b8
.zip
Invoice.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ