Extracted

Extracted

• • Target

    New Order - AM2 PO 90664 (Panda Construction)-2020.pif.exe

  • Size

    964KB

  • MD5

    8f07c62a1e74f64f012b59554a1f321e

  • SHA1

    3a3969e3c350d138beb8f0461369884a03e29ca2

  • SHA256

    1babda8db79c5d785a60d3d2bd721a9cbcab037420c47bcb2bfbfdaad5797124

  • SHA512

    97d646ade99c874ac055c958096827e612f94733a31b76cfd9182ddc96836df803efcf045dc8a8576a5a2ee190d315698c73cfc616dcdad96ced73beb1af4450

  Score

  10^/10

  massloggercollectionransomwarespywarestealer

  • MassLogger

    Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    stealerspywaremasslogger

  • MassLogger log file

    Detects a log file produced by MassLogger.

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2