vipkeylogger | 516aab17b323ffdf53c58f6994996c75e8f4adec9228738dd028214e66a23569 | Triage

Submit
Reports

Overview

overview

Static

static

5

516aab17b3...69.exe

windows7-x64

516aab17b3...69.exe

windows10-2004-x64

Sharing

General

Target

516aab17b323ffdf53c58f6994996c75e8f4adec9228738dd028214e66a23569.exe
Size

1.2MB
Sample

241106-c4t8natfmk
MD5

ffec9c9515faec6b4847647f37a6a48d
SHA1

0fb40accfcb8a52f642dce7859bf84be6f558537
SHA256

516aab17b323ffdf53c58f6994996c75e8f4adec9228738dd028214e66a23569
SHA512

eb8960dee79a5800d33115151733c90dd9283a9e5d929ebc998cc414a64e00efc68d928c36cc30f6574c3753bd4ae7fb2e89723ebc0824ed88b23f84eb147b18
SSDEEP

24576:ffmMv6Ckr7Mny5QL3id2ew/YxFlrK1fO9iD2bpEfkW:f3v+7/5QL3iMvFZD2b6kW

Score

10^/10

vipkeylogger collection discovery evasion keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

516aab17b323ffdf53c58f6994996c75e8f4adec9228738dd028214e66a23569.exe

Resource

win7-20241023-en

vipkeylogger collection discovery evasion keylogger stealer

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

516aab17b323ffdf53c58f6994996c75e8f4adec9228738dd028214e66a23569.exe

Resource

win10v2004-20241007-en

vipkeylogger collection discovery evasion keylogger stealer

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Targets

- Target
  
  516aab17b323ffdf53c58f6994996c75e8f4adec9228738dd028214e66a23569.exe
- Size
  
  1.2MB
- MD5
  
  ffec9c9515faec6b4847647f37a6a48d
- SHA1
  
  0fb40accfcb8a52f642dce7859bf84be6f558537
- SHA256
  
  516aab17b323ffdf53c58f6994996c75e8f4adec9228738dd028214e66a23569
- SHA512
  
  eb8960dee79a5800d33115151733c90dd9283a9e5d929ebc998cc414a64e00efc68d928c36cc30f6574c3753bd4ae7fb2e89723ebc0824ed88b23f84eb147b18
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QL3id2ew/YxFlrK1fO9iD2bpEfkW:f3v+7/5QL3iMvFZD2b6kW
Score

10^/10

vipkeylogger collection discovery evasion keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Disables Task Manager via registry modification
  evasion
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoveryevasionkeyloggerstealer

behavioral2

vipkeyloggercollectiondiscoveryevasionkeyloggerstealer

© 2018-2025

Terms | Privacy