Extracted

Extracted

• • Target

    order.exe

  • Size

    1019KB

  • MD5

    d9db66e37915ab21e28573d7f6bf310e

  • SHA1

    daa966d3d523214c4de2d70e958e3686618800b9

  • SHA256

    9e7e7c7a7cfe618cb154602ed9de8022dea6c07420c0b5361d57c8e2016bb109

  • SHA512

    6fde4ab22e6aa120b80f3f512976a74014758f698560c169d162d3288acb54a2ea39d5d8b5af4e77f67236b687c07d599f5862378c7b10c9084c989c79e1fa32

  • SSDEEP

    24576:1tb20pkaCqT5TBWgNQ7aquX9g1Ffa/6A:mVg5tQ7aqAqm5

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2