masslogger | 7555d64904a5d2c9cd8489c031afe9b095b1db27d2ac3664e23f25824018407e | Triage

Submit
Reports

Overview

overview

Static

static

3

2c2e13aa2a...00.exe

windows7-x64

2c2e13aa2a...00.exe

windows10-2004-x64

Sharing

General

Target

2c2e13aa2a4cd620cbdc6c7aff908100
Size

1.1MB
Sample

231231-hkk4jahfbl
MD5

2c2e13aa2a4cd620cbdc6c7aff908100
SHA1

4e837ccf0c4ba614989b96b95b002d516ddf4517
SHA256

7555d64904a5d2c9cd8489c031afe9b095b1db27d2ac3664e23f25824018407e
SHA512

36c26058ed94a7d737d1e53581355ddc67d9f698e88f315922e1d543593f7e7d6bf0ce126363cb8800d64c97e2fd72be33a38f0e8c3f32758635e9f60fada26a
SSDEEP

24576:RDvlsb133PqjTWnxdAHPcp1YprUlMegz:lvuBnPqjTWkHUpk46e

Score

10^/10

masslogger zgrat rat spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2c2e13aa2a4cd620cbdc6c7aff908100.exe

Resource

win7-20231215-en

masslogger zgrat rat spyware stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2c2e13aa2a4cd620cbdc6c7aff908100.exe

Resource

win10v2004-20231215-en

masslogger zgrat rat spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  2c2e13aa2a4cd620cbdc6c7aff908100
- Size
  
  1.1MB
- MD5
  
  2c2e13aa2a4cd620cbdc6c7aff908100
- SHA1
  
  4e837ccf0c4ba614989b96b95b002d516ddf4517
- SHA256
  
  7555d64904a5d2c9cd8489c031afe9b095b1db27d2ac3664e23f25824018407e
- SHA512
  
  36c26058ed94a7d737d1e53581355ddc67d9f698e88f315922e1d543593f7e7d6bf0ce126363cb8800d64c97e2fd72be33a38f0e8c3f32758635e9f60fada26a
- SSDEEP
  
  24576:RDvlsb133PqjTWnxdAHPcp1YprUlMegz:lvuBnPqjTWkHUpk46e
Score

10^/10

masslogger zgrat rat spyware stealer
- Detect ZGRat V1
- MassLogger
  Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
  stealer spyware masslogger
- MassLogger Main payload
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

massloggerzgratratspywarestealer

behavioral2

massloggerzgratratspywarestealer

© 2018-2024

Terms | Privacy