General
-
Target
57f9217497b0f8daa668ac390d818618.bin
-
Size
141KB
-
Sample
241112-blrjdatrhn
-
MD5
f1b6f9f8c973e7f3e58b2d2f51c49141
-
SHA1
8e689125cce2f2555c115c5f45f53c51dc012025
-
SHA256
cfa2da64ac2408f23b390241b0d30cfc27bf0c438f7429817ca9484336a73cbc
-
SHA512
68c7aa311575d4f4c6772805de889a8f770541ab8432b4ff856de6ae4582f6c5510410fa998da408e75afbc2a50ec4b0255207c57b8673ce0aa294440d9cdd2f
-
SSDEEP
3072:Rs5AThXSghEMNRtat7x9truCf+rEFPJednmeYsWuv:RXhlWmE7x9NuCWrENJedPYsB
Malware Config
Extracted
vipkeylogger
Targets
-
-
Target
a0a8c4d0447fda69b4cddabd2fd98542efe3b1e410186547422e5f8a4fc31c22.exe
-
Size
203KB
-
MD5
57f9217497b0f8daa668ac390d818618
-
SHA1
e31746b3320a8b5198d940325b8f37513286168e
-
SHA256
a0a8c4d0447fda69b4cddabd2fd98542efe3b1e410186547422e5f8a4fc31c22
-
SHA512
ff153be7cbc39c0b9b143652460493e2f947f5ffb5dda29ded558d0c6957ba8a789112079d94c22a1fdc52dcb53841d67a5defe513b8ff8c9061f5de2f0f2b19
-
SSDEEP
3072:dJDKW1LgppLRHMY0TBfJvjcTp5XdAYjb+uF4o8E6cPa7bYL:dJDKW1Lgbdl0TBBvjc/dZf+uH8by4bk
Score10/10-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
-
Vipkeylogger family
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-