General
Target: malw.exe
Size: 1.2MB
Sample: 241004-pqyp5sybqe
MD5: 5d50b68936da569ae7e46a4a6399661f
SHA1: e6c65e55c1b8e00a28d73a9adc87b7c91bab13a2
SHA256: ca1570ad60f3cd90794acb930a674b5cb584e2e59a9a048a2a9e0f3733667cee
SHA512: 7b49db1cd0b94434dd9bf7f78cca036324dbd51729df34fb5e01b0e38dafedb5fd5af479d42595d0d800ed33f6125c72b085b0d4e6421a2a65164da2961c36a0
SSDEEP: 24576:WfmMv6Ckr7Mny5QEGquoFvgfx2D14XhmpYLaEvR/e6dN:W3v+7/5QEGqEkDKhB1RGeN
Static task: static1
Behavioral task: behavioral1 (Sample: malw.exe, Resource: win7-20240903-en)
Behavioral task: behavioral2 (Sample: malw.exe, Resource: win10v2004-20240802-en)
Malware Config
Extracted
vipkeylogger
Targets
Target: malw.exe
Score: 10/10
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-