vipkeylogger | 65eb2e3cd44c92afba76a1847b4ec063eaf72b62ccfc420d3563e394dfd59797 | Triage

Submit
Reports

Overview

overview

Static

static

5

65eb2e3cd4...97.exe

windows7-x64

65eb2e3cd4...97.exe

windows10-2004-x64

3

Sharing

General

Target

65eb2e3cd44c92afba76a1847b4ec063eaf72b62ccfc420d3563e394dfd59797.exe
Size

861KB
Sample

241119-wdngzatpbj
MD5

34a202942e6edb7c7680ae13e11d2135
SHA1

6a9230c002570c0d8c6a3b7887c9f62507c06c8e
SHA256

65eb2e3cd44c92afba76a1847b4ec063eaf72b62ccfc420d3563e394dfd59797
SHA512

3d0dceaa1a3581c1cc6ae493fcf5a0bf48b7772b4fa3a775a7512f358efab956ce2917c61f15b2aa928a6b0e388f021259ff7d0b727c71ba1064e1f729e886c5
SSDEEP

24576:uRmJkcoQricOIQxiZY1iaCc9OU7VuuYxFMU2S5:7JZoQrbTFZY1iaCcYYKFM25

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

65eb2e3cd44c92afba76a1847b4ec063eaf72b62ccfc420d3563e394dfd59797.exe

Resource

win7-20241010-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

65eb2e3cd44c92afba76a1847b4ec063eaf72b62ccfc420d3563e394dfd59797.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Targets

- Target
  
  65eb2e3cd44c92afba76a1847b4ec063eaf72b62ccfc420d3563e394dfd59797.exe
- Size
  
  861KB
- MD5
  
  34a202942e6edb7c7680ae13e11d2135
- SHA1
  
  6a9230c002570c0d8c6a3b7887c9f62507c06c8e
- SHA256
  
  65eb2e3cd44c92afba76a1847b4ec063eaf72b62ccfc420d3563e394dfd59797
- SHA512
  
  3d0dceaa1a3581c1cc6ae493fcf5a0bf48b7772b4fa3a775a7512f358efab956ce2917c61f15b2aa928a6b0e388f021259ff7d0b727c71ba1064e1f729e886c5
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaCc9OU7VuuYxFMU2S5:7JZoQrbTFZY1iaCcYYKFM25
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

© 2018-2024

Terms | Privacy