General

  • Target

    2112-34-0x0000000000480000-0x00000000004C8000-memory.dmp

  • Size

    288KB

  • MD5

    e3a63b24ab67c9e61d253c85f8a3324e

  • SHA1

    c52f02b486fd97c8e64a97676166bc52b4a0e992

  • SHA256

    53d6f834902d4eec04598d77fccf2229c7cf6f460817ea7216779480546bb71b

  • SHA512

    5ade496176dad6364183f403d849b00186f11f2383b802d2d29cf9137a27cbb9d5d1225e88cb3ab8587b63de1960c946f8c636bc8f757c6ecf2f486073ecb39f

  • SSDEEP

    6144:tK0jMsk4ciMA4W+hlEyUaq+YaeQB99PvPdHDYvCA02Xb+YZb:tK0jMsk4ciMA4W+hlEyUaq+YaeQB99Pc

Malware Config

Extracted

Family

vipkeylogger

C2

https://api.telegram.org/bot7511877228:AAEfdtsXiYLhmN4YbL4GOCHPaqlvykB-alc/sendMessage?chat_id=7534008929

Signatures

  • Vipkeylogger family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2112-34-0x0000000000480000-0x00000000004C8000-memory.dmp
    .exe windows:4 windows x86 arch:x86

