Extracted

• • Target

    605b7741ac2b49f6bb8208cfbc05c8fb4a1b4580ffb9020434e331e5e7073439

  • Size

    905KB

  • MD5

    58ef6f6ebdb7e8f707722520cd3b2cc6

  • SHA1

    ddd10f149e601b0fb8211e92c899cde17806a113

  • SHA256

    605b7741ac2b49f6bb8208cfbc05c8fb4a1b4580ffb9020434e331e5e7073439

  • SHA512

    2021cce903598eb734667a72c37948197a88880d99b5237e08f19dcf282dea3b669e6e1b1d68874db2ec3d2d2bbbb9ac8bfac77fc9775701bba3527366f9ef54

  • SSDEEP

    24576:uRmJkcoQricOIQxiZY1iaC3sbkmfWGNiMm:7JZoQrbTFZY1iaCWTiMm

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2