General

  • Target

    bcf978c4466179a2829f9fc0c0aa8da26ac0886ee12ac2d346fe497413848c7a.exe

  • Size

    77.0MB

  • Sample

    241205-vacqmasqd1

  • MD5

    cc2387cb96f6a5ecfdac2cd576ccdc79

  • SHA1

    afb62d3e60b92e2659ac62f1b72df0340709a192

  • SHA256

    bcf978c4466179a2829f9fc0c0aa8da26ac0886ee12ac2d346fe497413848c7a

  • SHA512

    ed4c85113017fd9e9f7966962841d086d4baf5e4da0180ebd3f756b55937d3b5505c0a1dcb7c60f47dd68ef16fffdb18d792ab8320860035555cb6d08a2b435f

  • SSDEEP

    12288:vtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaA79AAROhq3uCk4No6A:vtb20pkaCqT5TBWgNQ7aA9Am3xkIo6A

Malware Config

Extracted

Family

vipkeylogger

Targets

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C# that resembles SnakeKeylogger, which was found in 2020.

    • Vipkeylogger family

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
