General
-
Target
ba23834b70ee4feb3f4cf12c7d19d7472d6f025c07d5781a07fa681dd3b41b86.exe
-
Size
77.0MB
-
Sample
241205-t43cpsypap
-
MD5
2e5d4eae567cc6db52dbc9f7ca1369da
-
SHA1
8720c5eeacbbbb280876bae98ccefb25416e1c33
-
SHA256
ba23834b70ee4feb3f4cf12c7d19d7472d6f025c07d5781a07fa681dd3b41b86
-
SHA512
9a15093fbfec4068755646b333a767109a1039a0291a73f9ed31b3a2369bd94b4fb67e0802fc7374fcd75e1b0db6235acee4c0230011cb802453a0f1d2a1fca2
-
SSDEEP
24576:/tb20pkaCqT5TBWgNQ7aVK2aU6B8NRum6A:8Vg5tQ7aVnNH5
Static task
static1
Behavioral task
behavioral1
Sample
ba23834b70ee4feb3f4cf12c7d19d7472d6f025c07d5781a07fa681dd3b41b86.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ba23834b70ee4feb3f4cf12c7d19d7472d6f025c07d5781a07fa681dd3b41b86.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
Target
ba23834b70ee4feb3f4cf12c7d19d7472d6f025c07d5781a07fa681dd3b41b86.exe
-
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-