General
-
Target
1108-42-0x0000000000700000-0x0000000000748000-memory.dmp
-
Size
288KB
-
MD5
f55c2ffb48fbe2501279d570c42113b0
-
SHA1
871994deafde2947d6e5c1dea48f6f1f5158703a
-
SHA256
52532a389804ecd39cde9ad6b598596b0428df4d0e534e1396a955ec078fed84
-
SHA512
95cf39c6ede8ea69b5b2209afbb0f267d9f541ed44e4cf5d4a8c4f8cbbe88478a792ce399e5870cfd8c0b8d59c283389e965bfc4f864cad12ce11ef7e20ce099
-
SSDEEP
3072:uiZ9iDVnQeTfJBTbo79XXvZ+uN34h5OyTicKXe1Jnub2nfDmiLXY/KBg4izbbY:cr4MK2nub2NEb
Score
10/10
Malware Config
Extracted
Family
vipkeylogger
C2
https://api.telegram.org/bot7315318214:AAHbW_8qzp1k_NeIC5gT45-OC58Jt1N6o4Y/sendMessage?chat_id=5080229442
Signatures
-
Vipkeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1108-42-0x0000000000700000-0x0000000000748000-memory.dmp
Headers
Sections