Overview

overview

10

Static

static

Order 3278526429.exe

windows7_x64

10

Order 3278526429.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    563c39350c4156354c98d94606e264583ab03712afa53f579859a6b5c45c7230

  • Size

    798KB

  • Sample

    220521-nc2n7sdea8

  • MD5

    1329ebbbc1af1cf0fff1a27b0c4e7e44

  • SHA1

    e390644fbc5855062cbceab1b4a1e530f162caa8

  • SHA256

    563c39350c4156354c98d94606e264583ab03712afa53f579859a6b5c45c7230

  • SHA512

    104262aaf30686c7f5e15a9cede703143e85f4d73e02580e7132b995b3d197657ae8dffe1d2d8ec3f2e445053d3787264dd484133102cd2ae22076c441c1852e

Score
10/10
massloggerspywarestealer

Malware Config

Targets

    • Target

      Order 3278526429.exe

    • Size

      838KB

    • MD5

      01ff671b42bdd3445280155368508a36

    • SHA1

      3ea0d6fed3ca6b576561c451bc412e9b7a7edeef

    • SHA256

      e0cb934757cefba44fd4713fc5b5526eb461c0a55c27cb9fd31fca7690e62bc6

    • SHA512

      d9806017b2020e2edda538a7165c2ca330201810dc06e4a432fbf6320355f5ff01693d7ceb620cced3ca8e8e723532b6b9f140f46288017d50e653b16ab5aa78

    Score
    10/10
    massloggerspywarestealer

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

      stealerspywaremasslogger

    • MassLogger Main Payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks