Extracted

• • Target

    gvvhbjnjuhugyftdrsesdtguiop.exe

  • Size

    1.0MB

  • MD5

    846c416864708d053b2bbc6b2612bdd5

  • SHA1

    1f32ba4e6694efbf7cff1acfc816cd4588e32266

  • SHA256

    3fc9216b8a01a87098877cf7ddd15deab038a03502884da4f97857055471be83

  • SHA512

    cc24eed9b37a1378feee7c68d391e927fd23ed35978903822ea85bb162c1aed6901907c34c49f9c04beb1417199ebf8b21f4c0a138d0a83d0c08db9d81a2c102

  • SSDEEP

    24576:Vtb20pkaCqT5TBWgNQ7avVdxWrcHxAPdr66A:GVg5tQ7avV/HSPdO5

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2