General
-
Target
22102024_1612_22102024_Zahlung.img
-
Size
1.6MB
-
Sample
241022-tngq3awapm
-
MD5
8b48b893e09ce1222442c07ff7043ffb
-
SHA1
a5a7c061c843929240ba2d70a8b8a287a60b083a
-
SHA256
e23e3900231348d1bf90979e0287d78cc34f53b513fb46f2410391548c9b7dac
-
SHA512
a6bb1e79858ba474fc9836f4640764b57e528245118d277426d06b055eb22a910b2a868dd7f9976ac22166430d2f3296d0644dcee02364dabc4ba379706f13fe
-
SSDEEP
12288:ELkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLNy7DEv/EE8l5HhqvtY9rzS+6iGNev1:6fmMv6Ckr7Mny5QL93Mdqv4re+6u
Static task
static1
Behavioral task
behavioral1
Sample
Zahlung,jpg.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
Zahlung,jpg.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
Target
Zahlung,jpg.exe
-
Size
1.1MB
-
MD5
3416c390fb272a17a1c1a796411c5afe
-
SHA1
a9b9134c22add2a45732e8886f439b2d7ef28942
-
SHA256
f3024f40a06568ae85fb111a6f93923437951b6720f84f8a06c1ce9d21af5c83
-
SHA512
f0d364223f65788b2584fd2dc83c0e04d16f9d60b3d911853914a46401ad6621952568d2d97075f4989a2524f9b1d71ac37cb7b897b32a671ac233f4a66e4214
-
SSDEEP
12288:rLkcoxg7v3qnC11ErwIhh0F4qwUgUny5QLNy7DEv/EE8l5HhqvtY9rzS+6iGNevT:ffmMv6Ckr7Mny5QL93Mdqv4re+6ut
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-