General
-
Target
8db24332a5fab95f955dafe3fcac34cf932d9d0afa6b6d3a2406cc09304171b9
-
Size
1.5MB
-
Sample
241004-kmka5ayepe
-
MD5
4e78f6aefc51d6c727cb3c1e4bf0fb81
-
SHA1
7fa38adc2c202186ff20386b4e2e5243b202b81b
-
SHA256
8db24332a5fab95f955dafe3fcac34cf932d9d0afa6b6d3a2406cc09304171b9
-
SHA512
2a94650ec86f1b96ff39b6c6664c845264795a9277d88c03704d0352af6b0713a92b03ca2dbd02c00891e5993ee8f65e8217259a41e0a181e75e8093840534d8
-
SSDEEP
24576:b062cSEk8zNlLvC3nrOvC/RTXn036CcS2X9+R3qYpsSMZoCM+GjhHBATdI:A6PayQrlRjc6phQ8SM/GvAe
Static task
static1
Behavioral task
behavioral1
Sample
8db24332a5fab95f955dafe3fcac34cf932d9d0afa6b6d3a2406cc09304171b9.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
8db24332a5fab95f955dafe3fcac34cf932d9d0afa6b6d3a2406cc09304171b9.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
vipkeylogger
Targets
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 2
Credentials In Files: 2