General
-
Target
60f58b0bf4822a12719e9021586daaaa9fb8ff9fa14f11323a5108903499e502
-
Size
1.5MB
-
Sample
250109-x5dbra1jfl
-
MD5
ae441dd27c4e87959a5dec0414b822b4
-
SHA1
c81511b544ee038131b5493d7570fa3be4d495fd
-
SHA256
60f58b0bf4822a12719e9021586daaaa9fb8ff9fa14f11323a5108903499e502
-
SHA512
f650a0cb435e09fd7a69a2e831c9a41ab30a895fa11bc5008e6ba30249ec5ec73f56cb14d12837f6e000e63eb6bd3e7b77c16f9dd299250af4cb3b54bd3d1c78
-
SSDEEP
24576:x0QtEHBwGurDs4vBFKkRLF4SeOJv1RIAhjLoamMiX4lNmZg0YxegPbUIDPP:x0Q8NXkKeF4SdjLoyEkmZ9Y14
Malware Config
Targets
-
-
Target
60f58b0bf4822a12719e9021586daaaa9fb8ff9fa14f11323a5108903499e502
-
Size
1.5MB
-
MD5
ae441dd27c4e87959a5dec0414b822b4
-
SHA1
c81511b544ee038131b5493d7570fa3be4d495fd
-
SHA256
60f58b0bf4822a12719e9021586daaaa9fb8ff9fa14f11323a5108903499e502
-
SHA512
f650a0cb435e09fd7a69a2e831c9a41ab30a895fa11bc5008e6ba30249ec5ec73f56cb14d12837f6e000e63eb6bd3e7b77c16f9dd299250af4cb3b54bd3d1c78
-
SSDEEP
24576:x0QtEHBwGurDs4vBFKkRLF4SeOJv1RIAhjLoamMiX4lNmZg0YxegPbUIDPP:x0Q8NXkKeF4SdjLoyEkmZ9Y14
Score10/10-
MassLogger
Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.
-
MassLogger Main payload
-
Masslogger family
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-