vipkeylogger | 7ffba279d6f47ed76230be9dc7baae15b923dc09ba48f738d01e9beab32e9a58 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

5

7ffba279d6...58.exe

windows7-x64

7ffba279d6...58.exe

windows10-2004-x64

3

Sharing

General

Target

7ffba279d6f47ed76230be9dc7baae15b923dc09ba48f738d01e9beab32e9a58.exe
Size

1.2MB
Sample

241010-njfqbazfqk
MD5

3ebef42f57673d6b260644654522b053
SHA1

b63d68467a9be1260af9685b71eb8b54680e85d6
SHA256

7ffba279d6f47ed76230be9dc7baae15b923dc09ba48f738d01e9beab32e9a58
SHA512

72d25c34f67f5a291855c1602a8293dfbe02544605703630908f7a087a0eddbba1e31c8566e87c59b5b50863bcd5f5b0803d04d362c9716efda16984fbdee7d5
SSDEEP

24576:ffmMv6Ckr7Mny5QLhVzGODNZaxNZ7fA+oED:f3v+7/5QLhVKAKtAtED

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7ffba279d6f47ed76230be9dc7baae15b923dc09ba48f738d01e9beab32e9a58.exe

Resource

win7-20241010-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

7ffba279d6f47ed76230be9dc7baae15b923dc09ba48f738d01e9beab32e9a58.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Targets

- Target
  
  7ffba279d6f47ed76230be9dc7baae15b923dc09ba48f738d01e9beab32e9a58.exe
- Size
  
  1.2MB
- MD5
  
  3ebef42f57673d6b260644654522b053
- SHA1
  
  b63d68467a9be1260af9685b71eb8b54680e85d6
- SHA256
  
  7ffba279d6f47ed76230be9dc7baae15b923dc09ba48f738d01e9beab32e9a58
- SHA512
  
  72d25c34f67f5a291855c1602a8293dfbe02544605703630908f7a087a0eddbba1e31c8566e87c59b5b50863bcd5f5b0803d04d362c9716efda16984fbdee7d5
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLhVzGODNZaxNZ7fA+oED:f3v+7/5QLhVKAKtAtED
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

© 2018-2025

Terms | Privacy