General
Target: cd9cf87a8caec51defc040a90f55bf9cdab2c59abe1c21d9608d6cd680bfd9c9.exe
Size: 1.2MB
Sample: 240820-vwq55syakm
MD5: 6d555abb7f2915424b92b0b797edbe46
SHA1: 92b23c3f0390766e375dc25bd3671e99c2ad2b96
SHA256: cd9cf87a8caec51defc040a90f55bf9cdab2c59abe1c21d9608d6cd680bfd9c9
SHA512: 8ef94aaff5f8ceebe78d82fff7fbaa24785ddd31c8baf988c7b97c2697ba1098f4f729e91ee6976b26b2032a978eb808609cb42d2dc76d83c4d210a41d9a3a50
SSDEEP: 24576:2qDEvCTbMWu7rQYlBQcBiT6rprG8aJh1pL0xx3Wrways:2TvC/MTQYxsWR7aJpgtWr
Static task: static1
Behavioral task: behavioral1
Sample: cd9cf87a8caec51defc040a90f55bf9cdab2c59abe1c21d9608d6cd680bfd9c9.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: cd9cf87a8caec51defc040a90f55bf9cdab2c59abe1c21d9608d6cd680bfd9c9.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
Targets
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious access to or copying of the web browser credential store.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-