Extracted

• • Target

    5db249834fac76bb1b3d747b2f97f565e286b4081a7a9ac3c0faa721dcb966d9.exe

  • Size

    77.0MB

  • MD5

    a28e1fa4994b223767af7e039b8403c0

  • SHA1

    2ac9ab5f04c5c6798e23bd922870c3bf20b806e4

  • SHA256

    5db249834fac76bb1b3d747b2f97f565e286b4081a7a9ac3c0faa721dcb966d9

  • SHA512

    e6cd5dc5c0651e67f6a6d1455be1c5f4b658d1b884f94566a4acf7cef598cb959aed35b70b937596b1db0dfeb2085bb1c2d7b280f43888a17949c1051c8b1f6e

  • SSDEEP

    24576:htb20pkaCqT5TBWgNQ7a9gXj5K81DP8zwBjV6A:yVg5tQ7a9gXjhBp5

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2