vipkeylogger | c381b6f26f45ce883db9092253c178dd6be9690aa9afa6d3f9fc6aed140827db | Triage

Submit
Reports

Overview

overview

Static

static

3

682f2d80ff...51.exe

windows7-x64

682f2d80ff...51.exe

windows10-2004-x64

Sharing

General

Target

e3089a51cb8e5ea6a8b180929d7035df.bin
Size

619KB
Sample

241117-b7glasyclb
MD5

3cf71ab17de20c7623681e22d0fef033
SHA1

2a62ee58b02a05c4c72fb10cfbb7e2244258673e
SHA256

c381b6f26f45ce883db9092253c178dd6be9690aa9afa6d3f9fc6aed140827db
SHA512

ecb283913faa8f7944da1dab6bdaa03bca726833ba41d966a0315f0e7304718804d72dee89a54342477f83c9a31b2671e279fbbf3e1e78e59d430e5e3b04213d
SSDEEP

12288:U2TO3jBRSMN03mY2QHnFEtSM9Os5V/4Pxhv6q3:8jBDN03mY2/kD6G

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

682f2d80ff4ce0051e4f69035c89f9b30e7fc019aead7dd4c2f02b4fa2583851.exe

Resource

win7-20241010-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

682f2d80ff4ce0051e4f69035c89f9b30e7fc019aead7dd4c2f02b4fa2583851.exe

Resource

win10v2004-20241007-en

vipkeylogger collection discovery keylogger stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
mail.tonicables.top
Port:
587
Username:
[email protected]
Password:
7213575aceACE@@
Email To:
[email protected]

Targets

- Target
  
  682f2d80ff4ce0051e4f69035c89f9b30e7fc019aead7dd4c2f02b4fa2583851.exe
- Size
  
  3.2MB
- MD5
  
  e3089a51cb8e5ea6a8b180929d7035df
- SHA1
  
  48af8061347ba332ef963fd776b4740bc0b5e89c
- SHA256
  
  682f2d80ff4ce0051e4f69035c89f9b30e7fc019aead7dd4c2f02b4fa2583851
- SHA512
  
  186f6f8272a4899d14fce91f48f574c7fa57fd8ccddbdb438128b390931bc120c9bcf1b66ddda6c60b6a618a676837477ba132e9cda1508f7665e32c54e257d9
- SSDEEP
  
  24576:JIpiKqbfBJCX29z/MUXtDUcBNNXdA1Dql+mcnwHN4zd:SpiKqbfBJYa5tDUo7XSol+mcnwtad
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

vipkeyloggercollectiondiscoverykeyloggerstealer

© 2018-2024

Terms | Privacy