General
-
Target
6e9e3820339794ba98309ccfddbd4f251cc935445d6640b5c9b13a0b12129213
-
Size
697KB
-
Sample
220521-pkkw4aaffr
-
MD5
3f955aafb6ff200f76882102f16c59c8
-
SHA1
1503482ebbbe63005feb5becfabca75fa741f3bf
-
SHA256
6e9e3820339794ba98309ccfddbd4f251cc935445d6640b5c9b13a0b12129213
-
SHA512
7c12dc813815104d04c18cf2f5934141bd26b270f92b5496093de2967919781780f76c425ae39a5e8df59418db843cefbc6ee6bffb53e37cb511f070d4ff1133
Static task
static1
Behavioral task
behavioral1
Sample
Payment Copy.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Payment Copy.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
Payment Copy.exe
-
Size
764KB
-
MD5
c42d141d2a0104b7b725a26fa811da2f
-
SHA1
e0f42094eaabffd36242cc74bf6da042d7d89dc8
-
SHA256
77105623676f77a5ecc6c88d65d0c23793969b03b45d4d24dc11ac706552e504
-
SHA512
ce4226c66103ebce5025616c45ad02e4037f9e00636663dc5c3eccc14bc2128d8de063ea5d8e8cd94d5d359fab364eeade003895a2012f121916524519766e05
Score
10/10
-
MassLogger
MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main Payload
-
MassLogger log file
Detects a log file produced by MassLogger.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-