Extracted

• • Target

    Płatność 8557899,jpg.exe

  • Size

    1.1MB

  • MD5

    741eea55925237502bf85c1b86e4012b

  • SHA1

    0104879889fd5440e59978a98d6f715fa4a79c86

  • SHA256

    678fa6d49ff14e29a6a534db4ac0ad1f3aa9538101d2b6ed4aef40cedd8b4339

  • SHA512

    ab917b2694b00daeacbda1d82c72259316a4753e991e80ee0f2aa247d7df90268cdf46b27a2b166cfcb36b6ecd0e0ab4476b08aa138a66f0c634bbea100aaeb1

  • SSDEEP

    24576:Hu6J33O0c+JY5UZ+XC0kGso6Fa/tgAKWY:Bu0c++OCvkGs9Fa/tgYY

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2