General
-
Target
941121ee86aedcd5b3b86c677255924913b1acdccf452159423636c210415776N
-
Size
863KB
-
Sample
240929-3zm7na1clf
-
MD5
6ffcb918dafd0d182bae33bc38b57450
-
SHA1
3844e713119415723708482e774abad7e6ff1ce0
-
SHA256
941121ee86aedcd5b3b86c677255924913b1acdccf452159423636c210415776
-
SHA512
701864001b8559aafce2e084ebfac803e017bdd2fb18a7501d9914ad62fc9f4f18c1821dcd01b0644d80fd54d40bf63eb88ebd84b83e7f3384d9f8c1e563e4f1
-
SSDEEP
24576:2goxlaIGgVNZKAf0FtWMT6DJpPtDFAX6W:2goxlasAq0FtWMT6FpPVFAX
Static task
static1
Behavioral task
behavioral1
Sample
941121ee86aedcd5b3b86c677255924913b1acdccf452159423636c210415776N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
941121ee86aedcd5b3b86c677255924913b1acdccf452159423636c210415776N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
https://api.telegram.org/bot7544728067:AAGLwA_euDB2noK3pr6iG8sF_66AjA8Mb9c/sendMessage?chat_id=6055880871
Targets
-
-
Target
941121ee86aedcd5b3b86c677255924913b1acdccf452159423636c210415776N
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-