General
-
Target
26092024_0015_24092024_ERTESITESI TELEX KIADASI DOKUMENTUM,img.img
-
Size
1.7MB
-
Sample
240926-aj1tlayfja
-
MD5
46141a93183b7a457df8b00f93e072f8
-
SHA1
2aeba8559ae582bf7c29e38dd867378b1e235e19
-
SHA256
c51e79ad47c84a5d508658e5b8049be8ef04066bc47d60eb727a72724840a504
-
SHA512
9047c9a12d69500781fee04737ff98dfb46d9f40960c948d4c2d250ffabf2164c69d6ebb3d5983af3000ef95b2261fe8831132c0faba6b9dc8c64a4a5a607c90
-
SSDEEP
24576:eRmJkcoQricOIQxiZY1iaCD4BZQ+qVMroOaAuBjsEVOI/T:LJZoQrbTFZY1iaCMBanMkOaAuBXVHL
Static task
static1
Behavioral task
behavioral1
Sample
ERTESITESI TELEX KIADASI DOKUMENTUM,img.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ERTESITESI TELEX KIADASI DOKUMENTUM,img.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
Targets
-
Target
ERTESITESI TELEX KIADASI DOKUMENTUM,img.exe
-
Size
1.1MB
-
MD5
48d0b9133f73fa13b7693738bc3bb762
-
SHA1
2d16f5d3bb170820fd3e05b3dd11b9fe1f084e63
-
SHA256
4745dacd033d6700d3b78f219c8ad3b3d018519b9b97e099dc75d576e4e62282
-
SHA512
0fc031be30864f1b671c87ffde953031182974e635819a244b754fed1ce752114c2d98f7343f7dd67a92126e0a4235dbc4db8e7fd47fd3f4fa110637480b5587
-
SSDEEP
24576:uRmJkcoQricOIQxiZY1iaCD4BZQ+qVMroOaAuBjsEVOI/TW:7JZoQrbTFZY1iaCMBanMkOaAuBXVHLW
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-