vipkeylogger | b5428c2846d67943664a3dacc23f81d79eb72840c0af0e335de6726b42a2b27e | Triage

Submit
Reports

Overview

overview

Static

static

5

b5428c2846...7e.exe

windows7-x64

b5428c2846...7e.exe

windows10-2004-x64

3

Sharing

General

Target

b5428c2846d67943664a3dacc23f81d79eb72840c0af0e335de6726b42a2b27e.exe
Size

77.0MB
Sample

241205-tcvhsaxmfr
MD5

d4f40910302d717a436b72e3acb3b9b4
SHA1

fcb3a4723dceea6d8c41245805e8f5a2027865c3
SHA256

b5428c2846d67943664a3dacc23f81d79eb72840c0af0e335de6726b42a2b27e
SHA512

f552f142eb6a5fc93bf32465cec8c50fd8313f41aa957cae633cb13cb345bc22d0391b5bbfd7478797d1857019d21c7a5d3429039e3e4e87750750dc12812f43
SSDEEP

24576:jtb20pkaCqT5TBWgNQ7azo8bMwaMXx4fD/J6A:gVg5tQ7azoCMwaMit5

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b5428c2846d67943664a3dacc23f81d79eb72840c0af0e335de6726b42a2b27e.exe

Resource

win7-20240903-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

b5428c2846d67943664a3dacc23f81d79eb72840c0af0e335de6726b42a2b27e.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Targets

- Target
  
  b5428c2846d67943664a3dacc23f81d79eb72840c0af0e335de6726b42a2b27e.exe
- Size
  
  77.0MB
- MD5
  
  d4f40910302d717a436b72e3acb3b9b4
- SHA1
  
  fcb3a4723dceea6d8c41245805e8f5a2027865c3
- SHA256
  
  b5428c2846d67943664a3dacc23f81d79eb72840c0af0e335de6726b42a2b27e
- SHA512
  
  f552f142eb6a5fc93bf32465cec8c50fd8313f41aa957cae633cb13cb345bc22d0391b5bbfd7478797d1857019d21c7a5d3429039e3e4e87750750dc12812f43
- SSDEEP
  
  24576:jtb20pkaCqT5TBWgNQ7azo8bMwaMXx4fD/J6A:gVg5tQ7azoCMwaMit5
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

© 2018-2024

Terms | Privacy