General
-
Target
b51aa46feaf11911b980427b7dcb749d154bac7ccdf88b9091dc28a70e428ccc
-
Size
1.2MB
-
Sample
220521-pgekxafcc8
-
MD5
9230815c52d4de6a43e628dceea8f7a8
-
SHA1
35584c720533d632f683ee00960d9b2246b71767
-
SHA256
b51aa46feaf11911b980427b7dcb749d154bac7ccdf88b9091dc28a70e428ccc
-
SHA512
3c7e5e449aa4203c1b11796d9d484663ae51a359dd5342bfca3d697df61dd437e1568b31973f24ddf6f7fb82ce4f5963d69526584d4bf29f56f544f7ff7e2e50
Static task
static1
Behavioral task
behavioral1
Sample
IMG_6190.scr
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
IMG_6190.scr
Resource
win10v2004-20220414-en
Malware Config
Extracted
C:\Users\Admin\AppData\Local\Temp\8236ADF044\Log.txt
masslogger
Targets
-
Target
IMG_6190.SCR
-
Size
732KB
-
MD5
471c9316ed12a0bd184ac4b4f58a6c46
-
SHA1
5e94a2f8fdfef1c75298e9b110419c7dc4075bbd
-
SHA256
b1bbfa891537ee3acffe84ec8a7ebd4537170218372be4727d74c6c31ee4a546
-
SHA512
32a3d4b514142f5204dfcb4dba5bfed6b2e177bd950024965a4f51bf9bcb1c617e73a61a28e3665f2e06e23dfe99a0f06e9d22e913db669f77e18934b0c6fe60
Score
10/10
-
MassLogger
MassLogger is a .NET stealer that targets passwords stored by browsers, email clients and cryptocurrency clients.
-
MassLogger Main Payload
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext