Overview

overview

10

Static

static

________.exe

windows7-x64

10

________.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20b5902759ebddf562e1b9b04e1019275af3978526fb249243b9da3d075e2f05.zip

  • Size

    995KB

  • Sample

    220905-rs9ljadbb6

  • MD5

    701548815ee1e14ba9b1a216d8759802

  • SHA1

    283d778e23876a244f28bd4b4876f1d4bc40b8d6

  • SHA256

    74481a89a60d1d7d276ee947d68cb4e5cead85fe915ff8a1f1b5bcc56133e79f

  • SHA512

    970b9ed0b63909d08533b19917ccf351d76d4db3441af224999cf5a4e2348b7d27f1e06e7c7658e537572b470df8b030aecddda930ad84479c69d15e2913428a

  • SSDEEP

    24576:1AtBG6Seg05sDpbjgSx+i3yoBxWJh1BISka6mRm:Wt0i5Iloy1B0B5kZmRm

Score
10/10
massloggercollectionspywarestealer

Malware Config

Targets

    • Target

      ________.EXE

    • Size

      1.1MB

    • MD5

      7d0c983da7b462a05e5df149e8a5b167

    • SHA1

      27e97566577614b3d41c9f402e2b6ff4b2cc1c37

    • SHA256

      2de7b732ee9b742f2be5a2ba8bf0cc3a6aadb4513948863a927efecd9324f94c

    • SHA512

      330ca7a3d654c4c76598234cc4cbc156f1a69d124a8e44eec1b92cc98a318814cb488ec7213562a608382933adc56eedb29f0a13e7f24b89eb1346fa6b71b69a

    • SSDEEP

      24576:AvSBaXsjdVZ52Zf/xzqFYCASYzP/hvIizJ2ISt/R9L/Y3K3+MYmhmvk4e5Sn:Av58xX52ZHMFWP/hvIizoIo/7L/Y39M4

    Score
    10/10
    massloggercollectionspywarestealer

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

      stealerspywaremasslogger

    • MassLogger Main payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks