General
-
Target
Piraeus Payment 11.11.2024.xxe
-
Size
855KB
-
Sample
241111-m1wx7a1rgn
-
MD5
dbf29413335ccddbfc4bdb23d86e1206
-
SHA1
6f3ce36a81dec73fd2d0f1b8a2afe3b2f8bccd3f
-
SHA256
8036faeb2f086093760e69922e164f15bc4af81c25441251d9dfb2b4c10b6628
-
SHA512
25bf4fa9cd4cbbc7afa68956a1569f307752bb8409b2d675b201f5e9a8208cc845b61cd780e9e8f3d705c1541437939687bb2bb3a25092d157a681b2f46d8b46
-
SSDEEP
24576:wqvBvU4BlYQNAE5n59OjRdbx8Livcnu4T:wqeaYQv55UNdeuev
Static task
static1
Behavioral task
behavioral1
Sample
Piraeus Payment 11.11.2024.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Piraeus Payment 11.11.2024.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
-
Target
Piraeus Payment 11.11.2024.bat
-
Size
77.0MB
-
MD5
6ec59574b2c103bebf0e1eb8581a7e72
-
SHA1
3e535f051221d7224ba3dc3ed82348b3878229cc
-
SHA256
1156bb4a48995534cffe5910ea49b3bd5b5b50d60721adbfc191af0cce5f1ce6
-
SHA512
4a414429d2b3d785b2fee33e12e6fc9734cf8898a8de2eb838007885759465d4bf25569547c2769eadb07f223a81bd5decc07ff2ee5511d419d2343f6bea2001
-
SSDEEP
24576:65EmXFtKaL4/oFe5T9yyXYfP1ijXdaK9blP/4FmqIMCsFEAaJpSZ:6PVt/LZeJbInQRaK9xP/4VCZp
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-