General

  • Target

    f0c0c45087d04e89a5c6d449a4e7335fe8a17a73032706c6e993832f5297c8c6.zip

  • Size

    564KB

  • Sample

    241119-2g2fwstqew

  • MD5

    2fd79ca707795ba6594d222adf7c96b3

  • SHA1

    76ea662813269ce496a1c20b5ea6a40ec6eaba1a

  • SHA256

    67d6a5890ba8a43a122c2895431539db43fe18fcd7acaf283b3b362ca1371342

  • SHA512

    2de7594086d9b878c802cecb5d5cd0d95a6573f84773517cf774cc49d34408191a2655d3521aa5bb2fcb16c84c87a7bdcbfdf20a135a71eb7dc0b52d9c937465

  • SSDEEP

    12288:QxYH4K9YcgXzXR1beMZqHYrrkmg5Qc8pEwP5xVqMyyTuBtu8Nxg:Eg4K9YceXRtJQ2HgORP8MLM1g

Malware Config

Extracted

Family

vipkeylogger

Credentials

Targets

    • Target

      Platba_12112024,jpg.exe

    • Size

      985KB

    • MD5

      c283f7231f0afe8e36105ac96d659f9f

    • SHA1

      2b176959f9268fe80f172f04e4f2492ba568d709

    • SHA256

      681fef105d5d7be701a4057aace3dbb1df5d8667b25545d4456fb7f72f37b4ae

    • SHA512

      72662ee410f4830c1c10f40baa381639b1088b81d6280e03a8acd2019376315868af14fcd91d33c7174bfc9ed2604de512ddfbec8ccd8e41831ada4b10fdf1be

    • SSDEEP

      24576:etb20pkaCqT5TBWgNQ7adQpP6EpmbTnXm6A:LVg5tQ7adQpBpmPW5

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.

    • Vipkeylogger family

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks