General

  • Target

    4600-1134-0x0000000000400000-0x0000000000448000-memory.dmp

  • Size

    288KB

  • MD5

    e1d2f5446701e5ead4bd22f353732ce1

  • SHA1

    78972044f37f32289827b505e17f3089c8bc3037

  • SHA256

    58b45b8947918061edb4f8ed1002d7bd7753d8cbae93b8cae55e5510ff314989

  • SHA512

    e4094d14c7e1be41f6c4422da7a7b919091449180fd5c1fdadba4319adb8e26d8a9e8700d613889e7335c324d906418d86b61f8fbd4bf7f3caa7ca2dd00f6348

  • SSDEEP

    3072:5Cg1A5bl2tZVA4FzxX+ns4/3cBXLuSLFJU10dKQnVb2QfDs0xZY/Vgai/bbY:OQLuLy1nVb2kdb

Malware Config

Extracted

Family

vipkeylogger

Credentials

Signatures

  • Vipkeylogger family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4600-1134-0x0000000000400000-0x0000000000448000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections