General
-
Target
04122024_0646_Pagamento,jpg.exe.iso
-
Size
1.6MB
-
Sample
241204-hj451s1qep
-
MD5
f12daa27cf77c8cae0cd0a415d0e76dd
-
SHA1
4de06763658032f62db06dc8d79c23bc864bb78f
-
SHA256
712cd0ffce6bdb218f40c8dbf2fc0ae374ee48f40703c55863dfa9eac3c864d9
-
SHA512
d08f49b43c169afc8732665fbcc677000d14d338ba895df046b68453592d16c394a2c8b37b9f2c6263b2b30a8b62129296ddef49fd53b15f9e009d7f6457399b
-
SSDEEP
24576:Ju6J33O0c+JY5UZ+XC0kGso6Fan+UtnOl4UlraWY:ru0c++OCvkGs9Fan+Ux6Y
Static task
static1
Behavioral task
behavioral1
Sample
Pagamento,jpg.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Pagamento,jpg.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
-
Target
Pagamento,jpg.exe
-
Size
1.1MB
-
MD5
0659e8150d35108cc2573e5b1078b26b
-
SHA1
ee77434a856c417591cc1e70fff55891d29b73cd
-
SHA256
1969889d88e2f49a75bdfb922352df56320fdfa87c77f90bc22a82576ef7ad03
-
SHA512
d74288d59c719681e91d144329bbc4c557fbc1d21deafc6412f3dcb0ba1e572754dab32a5baf173946ec9212d8eef4a1c974ff5189ed0226cac429d986885aa8
-
SSDEEP
24576:Mu6J33O0c+JY5UZ+XC0kGso6Fan+UtnOl4UlraWY:Wu0c++OCvkGs9Fan+Ux6Y
Score10/10-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-