MassLogger2
MassLogger .NET 2020. QUOTATION REQUEST-DTC-9-PQD-0137.JS 4.4MB max obfuscation. Supply targeting.
Threat Profile
Type: Infostealer
Programming Language: C#/.NET
C2 Protocol: HTTP/SMTP
First Seen: 2020
Targets: Global
Purpose / Capabilities
- Credential Stealer + Keylogger
C2 Servers (2)
| Address | Port | Protocol | Status |
|---|---|---|---|
| pentatomid.su | 443 | HTTPS | INACTIVE |
| resented.su | 443 | HTTPS | INACTIVE |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (2)
MassLogger -- QUOTATION REQUEST-DTC-9-PQD-0137.JS 4.4MB Company Code Lure, Max JS Obfuscation | Medium
MassLogger 4.4MB QUOTATION REQUEST-DTC-9-PQD-0137.JS, DTC company code, PQD-0137 order. 3675 strings, 4.4MB.
MassLogger 2 -- rckk8896011.hta 105 Strings, pentatomid.su + resented.su Soviet Domains | High
MassLogger2 HTA dropper. pentatomid.su + resented.su (.su Soviet TLD). 105-string minimal loader.