vipkeylogger | 2708-41-0x0000000000820000-0x0000000000862000-memory[.]dmp | Triage

Sharing

General

Target

2708-41-0x0000000000820000-0x0000000000862000-memory.dmp
Size

264KB
MD5

6e5488cc25c2b60d7156d984e8288aa1
SHA1

b4456ea7a99999a9c49b2e5e905827430558c7c1
SHA256

89b08f8f4b951a1443821231adb03d1459654ccd14717034567abe281f711382
SHA512

441e774c6b826b2919f2c47ce493d330d07eef820392e0ead59fa5a1275a394d0fc4b89e255d84d0e3f1be18ac2c2f99f62b61ed51f9537ac62c8ec3ddc7c68c
SSDEEP

3072:EKhzLCjBSJKK50lXYIf7X/YFM6bqnfLtJaRn4/AqtbykA0fSs09ZYTVgSKpbbY:6HjA4/5bw0fi9b

Score

10^/10

keylogger stealer vipkeylogger

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
mail.mmppf.com
Port:
587
Username:
[email protected]
Password:
Alm@AlMunif#2024
Email To:
[email protected]

Signatures

Vipkeylogger family
vipkeylogger

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2708-41-0x0000000000820000-0x0000000000862000-memory.dmp

Files

2708-41-0x0000000000820000-0x0000000000862000-memory.dmp
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ