General
-
Target
C0R102410T20883910.eml
-
Size
2.2MB
-
Sample
241022-fkxq8aydlh
-
MD5
de2cc1826ccfca33a2c14233143eadab
-
SHA1
ea4bbaa9fc6acba05aa0a9fc7f64084e9adcc83a
-
SHA256
fd31fd4c408513f03ec0a24ec323a470d8efdc046e38cd45bc0a7ec88e084a7d
-
SHA512
045b35fb32ad7bcf1c16bb04ecd306fce5c627f885c8ff59e5ab9d0d400b4477bf7e6047b524049d97635b01d984a81955d915d4872d9417666240b1d69d550d
-
SSDEEP
24576:EVC1jZixZZsGP+zbIU9ixa80ChBCfYT4d4SAjHpSseAycWVvk2kp+Rq:f0xzCsa80aBCfuhSTAycyc5/
Static task
static1
Behavioral task
behavioral1
Sample
Zahlung,jpg.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Zahlung,jpg.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
-
Target
Zahlung,jpg.exe
-
Size
1.1MB
-
MD5
3416c390fb272a17a1c1a796411c5afe
-
SHA1
a9b9134c22add2a45732e8886f439b2d7ef28942
-
SHA256
f3024f40a06568ae85fb111a6f93923437951b6720f84f8a06c1ce9d21af5c83
-
SHA512
f0d364223f65788b2584fd2dc83c0e04d16f9d60b3d911853914a46401ad6621952568d2d97075f4989a2524f9b1d71ac37cb7b897b32a671ac233f4a66e4214
-
SSDEEP
12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLNy7DEv/EE8l5HhqvtY9rzS+6iGNevT:ffmMv6Ckr7Mny5QL93Mdqv4re+6ut
Score 10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-