General

  • Target

    ba23834b70ee4feb3f4cf12c7d19d7472d6f025c07d5781a07fa681dd3b41b86.exe

  • Size

    77.0MB

  • Sample

    241205-taqf2sxlfn

  • MD5

    2e5d4eae567cc6db52dbc9f7ca1369da

  • SHA1

    8720c5eeacbbbb280876bae98ccefb25416e1c33

  • SHA256

    ba23834b70ee4feb3f4cf12c7d19d7472d6f025c07d5781a07fa681dd3b41b86

  • SHA512

    9a15093fbfec4068755646b333a767109a1039a0291a73f9ed31b3a2369bd94b4fb67e0802fc7374fcd75e1b0db6235acee4c0230011cb802453a0f1d2a1fca2

  • SSDEEP

    24576:/tb20pkaCqT5TBWgNQ7aVK2aU6B8NRum6A:8Vg5tQ7aVnNH5

Malware Config

Extracted

Family

vipkeylogger

Targets

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C# that resembles SnakeKeylogger, which was found in 2020.

    • Vipkeylogger family

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
