Analysis
-
max time kernel
103s -
max time network
49s -
platform
windows7_x64 -
resource
win7-20220718-en -
resource tags
-
submitted
25-07-2022 16:54
General
-
Target
LIST OF PRODUCTS NEEDED.exe
-
Size
1.1MB
-
MD5
af517807c4b6160d07314ba228f333de
-
SHA1
9020081ebc00595e57d5d40a742682f4de0b7671
-
SHA256
e97151ce51e9463bd45ad41571141614fc0ffc8a8cbf2c74f36c20028a769f41
-
SHA512
8647a9336ff7e33b60c7f9903d9214de5842bc195f4460870f9dda8205397ef9aaddf0a371ceb90b280e9b26017e53e0c10422844ce0f30fda14b7dccc310b00
Score
10/10
Malware Config
Signatures
-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main payload 6 IoCs
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of WriteProcessMemory 16 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\LIST OF PRODUCTS NEEDED.exe"C:\Users\Admin\AppData\Local\Temp\LIST OF PRODUCTS NEEDED.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"{path}"2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exedw20.exe -x -s 3723⤵
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
5.7MB
-
Filesize
5.7MB
-
Filesize
5.7MB
-
Filesize
560KB
-
Filesize
560KB
-
Filesize
560KB
-
Filesize
560KB
-
-
Filesize
560KB
-
Filesize
560KB
-
Filesize
560KB
-
Filesize
5.7MB
-
Filesize
5.7MB
-