General
-
Target
24099762P2024091901KYRQA.exe
-
Size
1.2MB
-
Sample
240924-lm7xvsshpg
-
MD5
aa6fe985cad16a72f80f8ff5d23d35cf
-
SHA1
afbf1713a312efaa5bae37c5763818a801cfb195
-
SHA256
941a189bd84102c13255835bb2f4df77d9cb126be4e54faa179b9de469375fbe
-
SHA512
7fc269ccb157021f8510821ef6c362a7f71cb61fd4080328fd9844f33df9b93c2ddecb5953c5fbad727452aa4db2a668477686c62cb9f9a97fbd517040164f70
-
SSDEEP
24576:uRmJkcoQricOIQxiZY1iaCuZqjQv3xtliBJo748j+emS+gbw:7JZoQrbTFZY1iaCuZ5Dlino7BT+gE
Static task
static1
Behavioral task
behavioral1
Sample
24099762P2024091901KYRQA.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
24099762P2024091901KYRQA.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
Targets
Target
24099762P2024091901KYRQA.exe
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-