General
-
Target
2628-31-0x0000000000400000-0x0000000000448000-memory.dmp
-
Size
288KB
-
MD5
719b6e97244820e7c4b768df560082d3
-
SHA1
afbcb35ade65d989342962f7442e17fb52640498
-
SHA256
b04007f70bf423ff167cd01dcc3fb181bc831093dca18cf86faeb13b3784e1d5
-
SHA512
2b1f11b679e5ef9d2c4064d271845e83af5f03f558410cc9a8ccde2d0f6df219df50738eef9584cc3fcc4816b619841c56de5e2182fcbbd150a1d6a193e75fc7
-
SSDEEP
3072:Li8zGMcOGgRcO+X+iS9ScSjSWSYS3VXmNqpxKdks/3pH4nSLD2I07bf5todmiLYM:mVtVud87ehnDo3K6DO7bT+ab
Score
10/10
Malware Config
Extracted
Family
vipkeylogger
C2
https://api.telegram.org/bot7514635603:AAFnm0liZNrDoyZysE6fl63uCfuqFuaKPug/sendMessage?chat_id=5116181161
Signatures
-
Vipkeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2628-31-0x0000000000400000-0x0000000000448000-memory.dmp
Headers
Sections