General
-
Target
6d67841f172d8de051796807bf2e6033_JaffaCakes118
-
Size
935KB
-
Sample
240524-fme9ysec71
-
MD5
6d67841f172d8de051796807bf2e6033
-
SHA1
7589396ddab49161d519fdbc018e0d333a5cb8aa
-
SHA256
f9e01c12da5e8c667b0059cf68860cb8c2de48a327eab5ed7665fdc005c09084
-
SHA512
2d0f05c3ba5f34f3dcaf3dba17c0371bebffc8f0b7edc2adf99c4c3b482ca22ab3fe80a884afad5c861c7074d0ac6895171e6884637f923eaefbd721e5f766e1
-
SSDEEP
24576:OQ42JhAN8yFjYN4MRrMrExEAPQP8suSpa:lJcE4MR+ExEfXG
Static task
static1
Behavioral task
behavioral1
Sample
6d67841f172d8de051796807bf2e6033_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
6d67841f172d8de051796807bf2e6033_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
6d67841f172d8de051796807bf2e6033_JaffaCakes118
-
Size
935KB
-
MD5
6d67841f172d8de051796807bf2e6033
-
SHA1
7589396ddab49161d519fdbc018e0d333a5cb8aa
-
SHA256
f9e01c12da5e8c667b0059cf68860cb8c2de48a327eab5ed7665fdc005c09084
-
SHA512
2d0f05c3ba5f34f3dcaf3dba17c0371bebffc8f0b7edc2adf99c4c3b482ca22ab3fe80a884afad5c861c7074d0ac6895171e6884637f923eaefbd721e5f766e1
-
SSDEEP
24576:OQ42JhAN8yFjYN4MRrMrExEAPQP8suSpa:lJcE4MR+ExEfXG
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-