General
-
Target
Płatność 8557899,jpg.exe
-
Size
1.1MB
-
Sample
241203-drw26atjfp
-
MD5
741eea55925237502bf85c1b86e4012b
-
SHA1
0104879889fd5440e59978a98d6f715fa4a79c86
-
SHA256
678fa6d49ff14e29a6a534db4ac0ad1f3aa9538101d2b6ed4aef40cedd8b4339
-
SHA512
ab917b2694b00daeacbda1d82c72259316a4753e991e80ee0f2aa247d7df90268cdf46b27a2b166cfcb36b6ecd0e0ab4476b08aa138a66f0c634bbea100aaeb1
-
SSDEEP
24576:Hu6J33O0c+JY5UZ+XC0kGso6Fa/tgAKWY:Bu0c++OCvkGs9Fa/tgYY
Static task
static1
Behavioral task
behavioral1
Sample
Płatność 8557899,jpg.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
Płatność 8557899,jpg.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
Target
Płatność 8557899,jpg.exe
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-