vipkeylogger

General

Target

clipper.exe
Size

1.4MB
Sample

241031-lv3ywatrf1
MD5

69621150c72b902cf4d966cb4b30263b
SHA1

9411161dccba43c16eca1e793f9b0f7cc83743be
SHA256

e01593fcbd4a14921318b1db7407896eba1e221322cd0b112bc608f1ccf1cefe
SHA512

eb36366424cbdfc22b47fc9ce3488514aa79221759459d59e061ac8b7e91c23c64741bb4a85fc5efef842a7c6ddfc648fbf43a1a738a03d1d0d2db032f59e9bc
SSDEEP

24576:gqDEvCTbMWu7rQYlBQcBiT6rprG8ag5mZ8iiaQoNXTkhvmnJKKA9nUbeYj:gTvC/MTQYxsWR7ag58oTdhNKMUi

Score

10^/10

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
mail.asesoriategueste.com
Port:
587
Username:
[email protected]
Password:
2[K9AW)mvDqL

Extracted

Family

vipkeylogger

Targets

- Target
  
  clipper.exe
- Size
  
  1.4MB
- MD5
  
  69621150c72b902cf4d966cb4b30263b
- SHA1
  
  9411161dccba43c16eca1e793f9b0f7cc83743be
- SHA256
  
  e01593fcbd4a14921318b1db7407896eba1e221322cd0b112bc608f1ccf1cefe
- SHA512
  
  eb36366424cbdfc22b47fc9ce3488514aa79221759459d59e061ac8b7e91c23c64741bb4a85fc5efef842a7c6ddfc648fbf43a1a738a03d1d0d2db032f59e9bc
- SSDEEP
  
  24576:gqDEvCTbMWu7rQYlBQcBiT6rprG8ag5mZ8iiaQoNXTkhvmnJKKA9nUbeYj:gTvC/MTQYxsWR7ag58oTdhNKMUi
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

1

T1217

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Vipkeylogger family

Accesses Microsoft Outlook profiles

Looks up external IP address via web service

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2