vipkeylogger | 28945cd90b6a5cfa6279d0c2ad30a4bbc474d2229e9278f89514c31eef494812 | Triage

Submit
Reports

Overview

overview

Static

static

5

Fizetes_12...pg.exe

windows7-x64

Fizetes_12...pg.exe

windows10-2004-x64

Sharing

General

Target

12112024_1612_12112024_Fizetes_12112024.jpg.img
Size

1.3MB
Sample

241112-tnksqavnft
MD5

4db8c5c81375c61af94b312c7cc791e3
SHA1

9b4eaf7cd323601dfaf69e6730c07b95502ba2b3
SHA256

28945cd90b6a5cfa6279d0c2ad30a4bbc474d2229e9278f89514c31eef494812
SHA512

05195d84bdede1f1f7bc400f56ad20250a2efc9c665f7f32024fd8320de4763e20f0ef833fda215b4212db9f56b642b7a53b55e9b5a1b5c0041f76c339a20bd8
SSDEEP

12288:dhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4aCZxHrPKIawhJ:rRmJkcoQricOIQxiZY1iaCZxHriIawf

Score

10^/10

vipkeylogger discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Fizetes_12112024,jpg.exe

Resource

win7-20240903-en

vipkeylogger discovery keylogger stealer

windows7-x64

11 signatures

300 seconds

Behavioral task

behavioral2

Sample

Fizetes_12112024,jpg.exe

Resource

win10v2004-20241007-en

vipkeylogger discovery keylogger stealer

windows10-2004-x64

11 signatures

300 seconds

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
mail.vagautocenter.nl
Port:
587
Username:
[email protected]
Password:
[email protected]
Email To:
[email protected]

Targets

- Target
  
  Fizetes_12112024,jpg.exe
- Size
  
  777KB
- MD5
  
  82c3c2e621b2d98aceaa55163a9ae667
- SHA1
  
  2d84e77fe03a7977d32630af0a5dcc8fe011b916
- SHA256
  
  d7408be59e5c5ab5c3259aac689ec3be62f54b43b111cec6310efcf666571fa1
- SHA512
  
  65c847fab147ee188c1b012a58770b1284cdbd45e7710b8edc17fb4c451691fc4bfdf5b3ea8eb3a189fd4b78654336cf5851e9d8ec31c518a6ef3eef8aae83d9
- SSDEEP
  
  12288:ehkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4aCZxHrPKIawhJk:uRmJkcoQricOIQxiZY1iaCZxHriIawfk
Score

10^/10

vipkeylogger discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggerdiscoverykeyloggerstealer

behavioral2

vipkeyloggerdiscoverykeyloggerstealer

© 2018-2024

Terms | Privacy