General
Target: hesaphareketi01.exe
Size: 1.6MB
Sample: 240924-ns52kawhpc
MD5: 33f9a52ed3ffb50b8521c8aa32937ffa
SHA1: 74352bdb82ea54b118490eb2cde06a7270498e92
SHA256: cca0cb633f134cf902a00fbf802fe7a6cca46f5ce480b992218247b1f489062c
SHA512: 13e6766120cefee771625f5a96a7539cd27c9bda27df32ce3069c15c7600ec0a7e609f5214fd92f49e9434144ee2e440e1b3fa5842f6b72856c74faa3a2bead6
SSDEEP: 12288:QEOAC89LW3M1M6VwLVgHhLIqVnBJDcU+SQb+wCbDEXQSiftT8LkaoRRhDOM:QEOSBeK1wkhnVnHCSQS3EgSGwLkaoRbZ

Static task: static1

Behavioral task: behavioral1
Sample: hesaphareketi01.exe
Resource: win7-20240729-en

Behavioral task: behavioral2
Sample: hesaphareketi01.exe
Resource: win10v2004-20240802-en

Malware Config
Extracted: vipkeylogger

Targets
Target: hesaphareketi01.exe
Score: 10/10

VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext