vipkeylogger | 0a1f4b0a9d8939e09986ff90633a4761c46b420ee6046c705ae779dd09afaf73 | Triage

Submit
Reports

Overview

overview

Static

static

5

0a1f4b0a9d...73.exe

windows7-x64

0a1f4b0a9d...73.exe

windows10-2004-x64

3

Sharing

General

Target

0a1f4b0a9d8939e09986ff90633a4761c46b420ee6046c705ae779dd09afaf73.exe
Size

77.0MB
Sample

241205-tanbpa1lfw
MD5

f33722ccd93260e70bcf81e6ed60203f
SHA1

484366ee7aaf644fcd08316ce81e7159169aeb95
SHA256

0a1f4b0a9d8939e09986ff90633a4761c46b420ee6046c705ae779dd09afaf73
SHA512

8dddd94ce64987c85e7f63b2b04e2fb8fd5d84345c57e40e2ef8d04a71554ba3f2e82abe28ce0f3a58132522cc2bdc086a2b1ae7e72ddc8aed9d4f500bd86c23
SSDEEP

24576:Ctb20pkaCqT5TBWgNQ7acie1TaJD+pYkZ4M6A:PVg5tQ7ac91TUDzkH5

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0a1f4b0a9d8939e09986ff90633a4761c46b420ee6046c705ae779dd09afaf73.exe

Resource

win7-20240729-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a1f4b0a9d8939e09986ff90633a4761c46b420ee6046c705ae779dd09afaf73.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Targets

- Target
  
  0a1f4b0a9d8939e09986ff90633a4761c46b420ee6046c705ae779dd09afaf73.exe
- Size
  
  77.0MB
- MD5
  
  f33722ccd93260e70bcf81e6ed60203f
- SHA1
  
  484366ee7aaf644fcd08316ce81e7159169aeb95
- SHA256
  
  0a1f4b0a9d8939e09986ff90633a4761c46b420ee6046c705ae779dd09afaf73
- SHA512
  
  8dddd94ce64987c85e7f63b2b04e2fb8fd5d84345c57e40e2ef8d04a71554ba3f2e82abe28ce0f3a58132522cc2bdc086a2b1ae7e72ddc8aed9d4f500bd86c23
- SSDEEP
  
  24576:Ctb20pkaCqT5TBWgNQ7acie1TaJD+pYkZ4M6A:PVg5tQ7ac91TUDzkH5
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

© 2018-2024

Terms | Privacy