General
-
Target
21102024_1414_21102024_Számla_Fizetes_10212024,jpeg.img
-
Size
1.6MB
-
Sample
241021-rkgwjsyejn
-
MD5
ae598cf628b266d302b59d5f064f3d23
-
SHA1
b6af8d22a9be0870d5f57a32a5d7a06685eacb41
-
SHA256
221ed628ba049ebc5eb009564ae118889b14525c4c6c64889f958632be79c74c
-
SHA512
7f794f4ecdf0a4fedfeda4a6088b6c6ecec4cceaeb4b323bc30d9db18e8d70c7a563281f51114147938b95e4aebf950a085c14404a8b53e9eae9cf861397c192
-
SSDEEP
24576:2fmMv6Ckr7Mny5QLkRnPXlu+bBPYFFiQlsBO/iX:23v+7/5QLkRPVu+mFRlV
Static task
static1
Behavioral task
behavioral1
Sample
Számla_Fizetes_10212024,jpeg.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Számla_Fizetes_10212024,jpeg.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
-
Target
Számla_Fizetes_10212024,jpeg.exe
-
Size
1.1MB
-
MD5
930cee39b4b2316726630447f99c3486
-
SHA1
c488c6bd9da75f012cec38a2dc7b7137d399050e
-
SHA256
1a7d14179fee9ad118c1f41edafeac18beff491c680a97503531fa802d0ef306
-
SHA512
7a3fa1e0fc0c24fefc5b49a9cdf0765a03e13958fb15461823c9c99b96afd4ed33516eab23690152a678c5702c429a5f5e2b69174d6f92d256a1af2ec1d93c69
-
SSDEEP
24576:ffmMv6Ckr7Mny5QLkRnPXlu+bBPYFFiQlsBO/iX3:f3v+7/5QLkRPVu+mFRlVk
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-