vipkeylogger | 6c6df909a12aa572bc7f7ba7a1274503a8f3860fec5223f08017e51f2d2fb9a5 | Triage

Submit
Reports

Overview

overview

Static

static

5

FIZETESI.EXE.exe

windows7-x64

FIZETESI.EXE.exe

windows10-2004-x64

Sharing

General

Target

FIZETESI.EXE.exe
Size

1.0MB
Sample

241113-l3xrtszdkf
MD5

11cb76a19262b6b580ac914cc91a162a
SHA1

3b7c7012c38632f4e5c8e44665ed8fce5c71d42d
SHA256

6c6df909a12aa572bc7f7ba7a1274503a8f3860fec5223f08017e51f2d2fb9a5
SHA512

c71388dc7ca7f4e9a0a1cecf6ea6f28fadd4a7682fe455408365824eb8a2c702813eb72917372c8b655b8be0b9d565dbde81fb1ae565fc2f8cc8550e26af96ad
SSDEEP

24576:2tb20pkaCqT5TBWgNQ7aCleJBY0Agl6A:jVg5tQ7aCkZ5

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

FIZETESI.EXE.exe

Resource

win7-20240903-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

FIZETESI.EXE.exe

Resource

win10v2004-20241007-en

vipkeylogger collection discovery keylogger stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Targets

- Target
  
  FIZETESI.EXE.exe
- Size
  
  1.0MB
- MD5
  
  11cb76a19262b6b580ac914cc91a162a
- SHA1
  
  3b7c7012c38632f4e5c8e44665ed8fce5c71d42d
- SHA256
  
  6c6df909a12aa572bc7f7ba7a1274503a8f3860fec5223f08017e51f2d2fb9a5
- SHA512
  
  c71388dc7ca7f4e9a0a1cecf6ea6f28fadd4a7682fe455408365824eb8a2c702813eb72917372c8b655b8be0b9d565dbde81fb1ae565fc2f8cc8550e26af96ad
- SSDEEP
  
  24576:2tb20pkaCqT5TBWgNQ7aCleJBY0Agl6A:jVg5tQ7aCkZ5
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

vipkeyloggercollectiondiscoverykeyloggerstealer

© 2018-2024

Terms | Privacy