Extracted

• • Target

    b5a624393544e6cb76dab6d34e0699d4f9b4155dce61ee9e3530f564841a0a96.exe

  • Size

    1.1MB

  • MD5

    62831f52ad3aaa48bef7b40bf80f4661

  • SHA1

    1927fec87ab542d634df33893f7c1c37bff36269

  • SHA256

    b5a624393544e6cb76dab6d34e0699d4f9b4155dce61ee9e3530f564841a0a96

  • SHA512

    d73fcf7822a3dd865f5c11edef718fff3023e700444cb8cb8be8196a783a24c69f6ab43cf4a5d31cc16356fa99c179bbd6794982566cd1a0e5ecc0e9bd1b3a79

  • SSDEEP

    24576:mqDEvCTbMWu7rQYlBQcBiT6rprG8aI8A9rCd7A:mTvC/MTQYxsWR7aI/rCd

  Score

  10^/10

  vipkeyloggercollectioncredential_accessdiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2