MassLogger, a .NET credential stealer, is a keylogger and stealer malware. MassLogger’s prime objective is data extraction or information theft, such as bank account and/or credit card details. This malware was published in April 2020 and was offered for a moderate price on underground forums with a few licence choices. It starts with a launcher that employs rudimentary anti-debugging techniques that may be readily bypassed if detected. Eventually, the first stage loader XOR-decrypts the second stage assembly, which then decrypts, loads, and executes the final MassLogger payload.
MassLogger targets a wide range of apps to steal log-in credentials and other sensitive information. It obtains and exfiltrates user credentials from a variety of sources, including Microsoft Outlook, Google Chrome, Mozilla Firefox, and instant messengers.