a310logger

General

Target

2fa857766a51190a35c523d1e668c419
Size

597KB
Sample

231231-kqzvzseeh8
MD5

2fa857766a51190a35c523d1e668c419
SHA1

a03a3e40fea2601e2b745b6d111d8b50384f1bd5
SHA256

32635c5f985aa62687009145f91b4523b781bea2faa94f7864d2ff16ab0a14ef
SHA512

3c54fd2dcfce7e412b8fe2bf328b7feb22dc2eabc24b14040255b7844280c0b4e5d9860c3e244fd90e5702b51454a406039bfd4edd245ee0f530eac4ed191556
SSDEEP

12288:pjxXyjFxBYSk/XE+DF7ruopsW+grfBecYSDE5JVKV6m9E1/E:pjlyZxBAXdZ75CgEcfDE5kKdE

Score

10^/10

Malware Config

Targets

- Target
  
  2fa857766a51190a35c523d1e668c419
- Size
  
  597KB
- MD5
  
  2fa857766a51190a35c523d1e668c419
- SHA1
  
  a03a3e40fea2601e2b745b6d111d8b50384f1bd5
- SHA256
  
  32635c5f985aa62687009145f91b4523b781bea2faa94f7864d2ff16ab0a14ef
- SHA512
  
  3c54fd2dcfce7e412b8fe2bf328b7feb22dc2eabc24b14040255b7844280c0b4e5d9860c3e244fd90e5702b51454a406039bfd4edd245ee0f530eac4ed191556
- SSDEEP
  
  12288:pjxXyjFxBYSk/XE+DF7ruopsW+grfBecYSDE5JVKV6m9E1/E:pjlyZxBAXdZ75CgEcfDE5kKdE
Score

10^/10

a310logger stormkitty zgrat collection rat spyware stealer
- A310logger
  A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
  stealer spyware a310logger
- Detect ZGRat V1
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- A310logger Executable
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Looks up geolocation information via web service
  Uses a legitimate geolocation service to find the infected system's geolocation info.
- Suspicious use of SetThreadContext
behavioral1 behavioral2