General
Target: Pagamentojpg.exe
Size: 1.1MB
Sample: 241204-fj5qfaykak
MD5: 0659e8150d35108cc2573e5b1078b26b
SHA1: ee77434a856c417591cc1e70fff55891d29b73cd
SHA256: 1969889d88e2f49a75bdfb922352df56320fdfa87c77f90bc22a82576ef7ad03
SHA512: d74288d59c719681e91d144329bbc4c557fbc1d21deafc6412f3dcb0ba1e572754dab32a5baf173946ec9212d8eef4a1c974ff5189ed0226cac429d986885aa8
SSDEEP: 24576:Mu6J33O0c+JY5UZ+XC0kGso6Fan+UtnOl4UlraWY:Wu0c++OCvkGs9Fan+Ux6Y
Static task: static1
Behavioral task: behavioral1
Sample: Pagamentojpg.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: Pagamentojpg.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
Target: Pagamentojpg.exe
Score: 10/10
- VIPKeylogger: VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
- Vipkeylogger family
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext