General
-
Target
96134c810750cc56e372551f8070f06aee80ae0cc8eeac983502d6b8f66c77df.exe
-
Size
272KB
-
Sample
240928-w8ajlashle
-
MD5
b046211fe3f420a9ceb7663a560ece96
-
SHA1
785a1cff39f2a75cbfffed3d718e9e026b3c80a1
-
SHA256
96134c810750cc56e372551f8070f06aee80ae0cc8eeac983502d6b8f66c77df
-
SHA512
5a0fc701606682de24dfc1b8408b6d7c13205952128b211b9b7ef11a97871f2590d7c705b4032eab6a5661a1295fe4bc8bb58418b68e999e8fdd315009ca7eb3
-
SSDEEP
3072:lL6hDp5qqQjolo+XgVfXACCBc9jKnfL83mwnbItgQ2eXPs0lUY/VgMiObbY:gn5wnb+gWxb
Behavioral task
behavioral1
Sample
96134c810750cc56e372551f8070f06aee80ae0cc8eeac983502d6b8f66c77df.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
96134c810750cc56e372551f8070f06aee80ae0cc8eeac983502d6b8f66c77df.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
Protocol: smtp- Host:
mail.lamela.si - Port:
587 - Username:
[email protected] - Password:
2014viks5961lamela - Email To:
[email protected]
Targets
-
-
Target
96134c810750cc56e372551f8070f06aee80ae0cc8eeac983502d6b8f66c77df.exe
-
Size
272KB
-
MD5
b046211fe3f420a9ceb7663a560ece96
-
SHA1
785a1cff39f2a75cbfffed3d718e9e026b3c80a1
-
SHA256
96134c810750cc56e372551f8070f06aee80ae0cc8eeac983502d6b8f66c77df
-
SHA512
5a0fc701606682de24dfc1b8408b6d7c13205952128b211b9b7ef11a97871f2590d7c705b4032eab6a5661a1295fe4bc8bb58418b68e999e8fdd315009ca7eb3
-
SSDEEP
3072:lL6hDp5qqQjolo+XgVfXACCBc9jKnfL83mwnbItgQ2eXPs0lUY/VgMiObbY:gn5wnb+gWxb
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-