Extracted

• • Target

    81982f45f90c69f5fbdf0bb34273a99c1a9d1d8b1b51a307cb4b3dfa829bae62

  • Size

    495KB

  • MD5

    23060ccfc90d21321420bda396ce8f8e

  • SHA1

    69239688b9089a3ba073bf88e0fc60c9bbe0efcc

  • SHA256

    81982f45f90c69f5fbdf0bb34273a99c1a9d1d8b1b51a307cb4b3dfa829bae62

  • SHA512

    a45c413e5cba8e09c7f418af7c74070178c94acea4433ce240c0f8f1d961eab65dd52288a9b7dfbb479080486ba847b661cbcfe39bc9b7a209c91599f6b9424d

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2