General

  • Target

    5684-1093-0x0000000000400000-0x0000000000448000-memory.dmp

  • Size

    288KB

  • MD5

    49d9f57fd1122339c335749c5d573b94

  • SHA1

    a2ec9bba69df5b3af81a5c1bd24eeff22767e10f

  • SHA256

    481185422af382b289ecddbabc4181167fa9dcb7833dbb5dde9b47341de63a3d

  • SHA512

    c4e22e1acaee46fd1dd8ab728ec9b60c87e9124f1e5de4b313cac267c6bc203a8cd8103cf2e4ba8c65639b85fff7d848ca8472dfb06d63d5fe06aa3bba17313c

  • SSDEEP

    3072:qaXETsdsFfluhrdcZXdfvuWUF/z2SLjXU10dKQnVb2QfDs0xZY/VgaiHbbY:Iy2ry1nVb2klb

Malware Config

Extracted

Family

vipkeylogger

Credentials

Signatures

  • Vipkeylogger family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5684-1093-0x0000000000400000-0x0000000000448000-memory.dmp
    .exe windows:4 windows x86 arch:x86

