General
Target: 7e83dd646c94472644e2b279e426da77217add114289aeb822bc25f77c47e714
Size: 1.2MB
Sample: 240925-nn8lwswepe
MD5: 69d85eebf31a36c0318a2fa2ffe7167d
SHA1: 53b4426e506bdfdb0ae44d4712d8ae2563c7e249
SHA256: 7e83dd646c94472644e2b279e426da77217add114289aeb822bc25f77c47e714
SHA512: 1acebaba4a887d52b951f07e929cd62fae3ebe6a70d2c78db7496ccd8d597b2490bff3d579db8c316f3405d2eff2089695e8b88816df23e8f1daaa73db8695a9
SSDEEP: 24576:uRmJkcoQricOIQxiZY1iaCtOZzhtMtQainv90gTVSPDm3l0ace:7JZoQrbTFZY1iaC0Z1kFSlbTVSPQz
Static task: static1
Behavioral task: behavioral1
Sample: 7e83dd646c94472644e2b279e426da77217add114289aeb822bc25f77c47e714.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 7e83dd646c94472644e2b279e426da77217add114289aeb822bc25f77c47e714.exe
Resource: win10v2004-20240910-en
Malware Config
Extracted
vipkeylogger
Protocol: smtp
Host: smtp.apport.hu
Port: 587
Username: [email protected]
Password: cHf4Lq4n
Email To: [email protected]
Targets
Target: 7e83dd646c94472644e2b279e426da77217add114289aeb822bc25f77c47e714
Score: 10/10
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext