General

  • Target

    Fizetés-visszaigazolása_773491,jpg.exe

  • Size

    1.1MB

  • Sample

    241125-vf74qasrfj

  • MD5

    46df525d13c6430e026e2a068d16458f

  • SHA1

    808d2b8d860d90977baed3cd10c5e30be9702764

  • SHA256

    fa3262757d48ca8f047f9045bac15fb422cb91f231b1eb29f5250fb52ad7a9bc

  • SHA512

    f16e060f55d55629eda347fe0d9f6b8cb417a3ffe0af37f5c089bcbd23c45d5f1f2148b3330753fcba1d15f783af9016d64002966346f165094ba7dec5fc4a67

  • SSDEEP

    24576:4tb20pkaCqT5TBWgNQ7akTuyHOPTLF46A:BVg5tQ7akTut7Lm5

Malware Config

Extracted

Family

vipkeylogger

Targets

    • Target

      Fizetés-visszaigazolása_773491,jpg.exe

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.

    • Vipkeylogger family

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
