onlylogger | 5f465c9a74f35fef4a66cbf336dc90bed8bc8caf7b51a98cb52406942c05a0e8 | Triage

Submit
Reports

Overview

overview

Static

static

5f465c9a74...e8.exe

windows7-x64

5f465c9a74...e8.exe

windows10-2004-x64

Resubmissions

15-09-2022 10:15

220915-maqy9acfh2 10

31-07-2022 17:39

220731-v8mcqaahcr 10

Sharing

General

Target

5f465c9a74f35fef4a66cbf336dc90bed8bc8caf7b51a98cb52406942c05a0e8
Size

362KB
Sample

220915-maqy9acfh2
MD5

8b6f3a6e8d9797093a78f0b85da4a1fc
SHA1

2f8346a3ec3427c5a7681d166501f8f42f620b3b
SHA256

5f465c9a74f35fef4a66cbf336dc90bed8bc8caf7b51a98cb52406942c05a0e8
SHA512

c0ad94faa01f5f3fd67a90df327bd0862243c1f335ccf2582f92867f3c751dfdaf73b7e2d86bd494ca1cc8ba199db7964d61493cd37855a35acbfe0256d2f7ef
SSDEEP

6144:jMBqR7GNXx/qukHSTS4pkUSRE8UgYULy/1q5sU5AtatTFqX7tNfVXVHQLIiu8c:j4gGNBOyfpnmaDd2shQfwZGEX8c

Score

10^/10

onlylogger loader

Static task

static1

Behavioral task

behavioral1

Sample

5f465c9a74f35fef4a66cbf336dc90bed8bc8caf7b51a98cb52406942c05a0e8.exe

Resource

win7-20220812-en

onlylogger loader

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5f465c9a74f35fef4a66cbf336dc90bed8bc8caf7b51a98cb52406942c05a0e8.exe

Resource

win10v2004-20220901-en

onlylogger loader

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  5f465c9a74f35fef4a66cbf336dc90bed8bc8caf7b51a98cb52406942c05a0e8
- Size
  
  362KB
- MD5
  
  8b6f3a6e8d9797093a78f0b85da4a1fc
- SHA1
  
  2f8346a3ec3427c5a7681d166501f8f42f620b3b
- SHA256
  
  5f465c9a74f35fef4a66cbf336dc90bed8bc8caf7b51a98cb52406942c05a0e8
- SHA512
  
  c0ad94faa01f5f3fd67a90df327bd0862243c1f335ccf2582f92867f3c751dfdaf73b7e2d86bd494ca1cc8ba199db7964d61493cd37855a35acbfe0256d2f7ef
- SSDEEP
  
  6144:jMBqR7GNXx/qukHSTS4pkUSRE8UgYULy/1q5sU5AtatTFqX7tNfVXVHQLIiu8c:j4gGNBOyfpnmaDd2shQfwZGEX8c
Score

10^/10

onlylogger loader
- OnlyLogger
  A tiny loader that uses IPLogger to get its payload.
  loader onlylogger
- OnlyLogger payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

onlyloggerloader

behavioral2

onlyloggerloader

© 2018-2024

Terms | Privacy