General
Target: 25092024_1210_25092024_Inquiry List.7z
Size: 887KB
Sample: 240925-pb8xkaxgkc
MD5: 00aacebb1309bb2a82de9a8706f86b75
SHA1: b4ccfb27909bc6d0937c399d5620de9ec3328401
SHA256: f943cb049d650e9be768892b91e02be530367862e7ba40d6ff80c83cb69c38b2
SHA512: 1ec5f4bc1c4447297c04993cbb32c9820d25d5c9965d454cd38f56495579b2842ff2069a4c3141ebdf27b38d9a2ebf2cb99979f6427627dbb72f37a1be355d35
SSDEEP: 24576:+U+Q7KyXetctsMLUm4Od23xkW2kNvBMlbqz1:+U19LmMLUewK/kHGY
Static task: static1
Behavioral task: behavioral1
  Sample: Inquiry List.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: Inquiry List.exe
  Resource: win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
https://api.telegram.org/bot7204444211:AAHhCv47hRiqEWkkF-hzrMRRq69HpYbFD5Y/sendMessage?chat_id=2065242915
Targets
Target: Inquiry List.exe
Size: 1.2MB
MD5: bdfe2ec12bd1484da6771e1862f7a7cc
SHA1: ffe2ca6d0e9ff913c160b76261f5d55bedf0b278
SHA256: 1fdaed5b8ab899d562cc02742f56ae5ee1099dbdabda16bc399d07f4de7cf81d
SHA512: cca00ddc1c6feb851123582af080217d006d41a03dc96efb86c7f94a1b0714c283835f04c59a612e91128a42d30e9838ee07e73d713de7a8297220d2c3b6dde8
SSDEEP: 24576:uRmJkcoQricOIQxiZY1iaCTnQUPskpg4c6OOXSp6rDX7a+sG7nx3:7JZoQrbTFZY1iaCTLEENGd6rDX7RsGx
Score: 10/10
VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext