General

  • Target

    TEKLİF TALEP VE FİYAT TEKLİFİ_xlxs.exe

  • Size

    2.8MB

  • Sample

    241027-bxdrnazmfy

  • MD5

    a012097dacbc27273d62dddca205503e

  • SHA1

    6387735e8184d8ac9ab66e5e90ac224264184301

  • SHA256

    2364e9f61c3f5b1987b9c1d6a65896a43beafbe39743973839769dcc4d9caf7e

  • SHA512

    64069dc6b45a3df63ce4816e9a7ccd21024f6114feee825ff1cfb5d2106e4c88855fe494da8b4c7d009a89bf10b58abdd1832894aad48bc53a47a400ac41a32c

  • SSDEEP

    12288:rgbwCaTjzEnZ6oyz4T9AFfmCN2XNDyHN0MQIE8SRQoPa9TiIDD0:rgbCDKZ61iAP4f8EaFio0

Malware Config

Extracted

Family

vipkeylogger

Credentials

Targets

    • Target

      TEKLİF TALEP VE FİYAT TEKLİFİ_xlxs.exe

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was first observed in 2020.

    • Vipkeylogger family

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, and infostealers often target it there.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks