General
-
Target
baf492ce1891725d1d42490077998666b85938b0cb839302b5761a30cca16d7d
-
Size
602KB
-
Sample
241204-cmsnhawnct
-
MD5
d23e04769d75e0d671cf24f336e4d5f0
-
SHA1
e3b20356ea748b644981ceee21663e524471d8e8
-
SHA256
baf492ce1891725d1d42490077998666b85938b0cb839302b5761a30cca16d7d
-
SHA512
50a4084fa967ac5eb22e19a7466c7b8cf4d116a2877b5b96b2b65607c3bb3529f4384d8d7a58719d210ea7b6432d786caf45838c99a52e760b63fb191831fc7c
-
SSDEEP
12288:lw+oB/14LIjVQngDDKQSUEk8HkuMaLf6T5+gJsUJ1xQ6XGR:TYTNSUEJ
Behavioral task
behavioral1
Sample
baf492ce1891725d1d42490077998666b85938b0cb839302b5761a30cca16d7d.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
baf492ce1891725d1d42490077998666b85938b0cb839302b5761a30cca16d7d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
-
Target
baf492ce1891725d1d42490077998666b85938b0cb839302b5761a30cca16d7d
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-