masslogger | 422f3b1774d6e486dcf3243ab8bd4b5a898e74d166c6a085174d4691177a4810 | Triage

Sharing

General

Target

422f3b1774d6e486dcf3243ab8bd4b5a898e74d166c6a085174d4691177a4810
Size

1.5MB
MD5

cf27e337a9d16df3db80e87ad9eb32c9
SHA1

9dad4990845987bb59d6de330239aa1d74705765
SHA256

422f3b1774d6e486dcf3243ab8bd4b5a898e74d166c6a085174d4691177a4810
SHA512

b4c688053bb41b147f5efd40f0a369263c46aba511c2cb33ab3b590216bba77e5263a7abd9956438eb9f9869713a11bcf3fdca54b6c27f776237d41c3c1ab223
SSDEEP

12288:oOGS86VEt6RWOvZqUraAGBCyLF1JZ+VJTPA1m/An2SDLKz35DEIIo9v1:6S86NnRaAGBCyUVJjUKy2SDWz35

Score

10^/10

masslogger

Malware Config

Signatures

MassLogger Main Payload 1 IoCs

resource	yara_rule
sample	family_masslogger

Masslogger family
masslogger

Files

422f3b1774d6e486dcf3243ab8bd4b5a898e74d166c6a085174d4691177a4810
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ