vipkeylogger | 2360-21-0x0000000000400000-0x0000000000448000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2360-21-0x0000000000400000-0x0000000000448000-memory.dmp
Size

288KB
MD5

b7a5ec720d62835d7d5e83042a0d4b91
SHA1

a219a2afff88797c7928e100c8dffe367cd62e7a
SHA256

839746f8409e124da5833f0b81250d0963db576eb29e81b2d760a2c7da4b1a1b
SHA512

bb58843cb081458452d9f2c0aec753910fd647f1f86e2fd430e9235e88799bcb93c733d39585554c6e204539a9faaaff8cdebf7362c421be1e7db9acfe61f519
SSDEEP

3072:baXETsdsFfluhrdcZXdfvuWUF/z2SLjXU10dKQnVb2QfDs0xZY/VgaiHbbY:jy2ry1nVb2klb

Score

10^/10

keylogger stealer vipkeylogger

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
novaoil.top
Port:
587
Username:
[email protected]
Password:
7213575aceACE@
Email To:
[email protected]

Signatures

Vipkeylogger family
vipkeylogger

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2360-21-0x0000000000400000-0x0000000000448000-memory.dmp

Files

2360-21-0x0000000000400000-0x0000000000448000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ