General
Target
83d00e235085eda89e4358f3700260657391df716ad8f77c0bcf37f5a7b81d96
Size
980KB
Sample
220521-pjenpaafaq
MD5
fa4e6fad6886ffa5059b6314c5ee4d85
SHA1
c3d6e0748c07c28537be7b2702a6423adcfe669e
SHA256
83d00e235085eda89e4358f3700260657391df716ad8f77c0bcf37f5a7b81d96
SHA512
1ccefadc2ec2d6fd6dd6f883756ed20dd9c080d9235f82a1f4efd0f1be5479a8f689a1a978829ec66987843f5f42099447afe4fa821a5d1ac506597c43e47137
Static task
static1
Behavioral task
behavioral1
Sample
Bank Account.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Bank Account.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
C:\Users\Admin\AppData\Local\79FE0CC911\Log.txt
masslogger
Targets
Target
Bank Account.exe
Size
1.2MB
MD5
6776c53886645d953e106936ec046da1
SHA1
c2a70eb23ef2e029f400f680a6676a2a638c8e27
SHA256
49624f5c771ea1f722d434fe9ddb5985529f67ebb0398ed54f5565ba5e470251
SHA512
92eb24e52087c8a2802b25d39840faa02134ac96de85cb910eb1bc25d0ade3007bf6ce11d1f642e8073d7ba042c971d3f9445e6d9018e1bec9a86642ef82f328
Score
10/10

MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

MassLogger log file
Detects a log file produced by MassLogger.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext