General
-
Target
bcf978c4466179a2829f9fc0c0aa8da26ac0886ee12ac2d346fe497413848c7a.exe
-
Size
77.0MB
-
Sample
241206-dq2agsxndw
-
MD5
cc2387cb96f6a5ecfdac2cd576ccdc79
-
SHA1
afb62d3e60b92e2659ac62f1b72df0340709a192
-
SHA256
bcf978c4466179a2829f9fc0c0aa8da26ac0886ee12ac2d346fe497413848c7a
-
SHA512
ed4c85113017fd9e9f7966962841d086d4baf5e4da0180ebd3f756b55937d3b5505c0a1dcb7c60f47dd68ef16fffdb18d792ab8320860035555cb6d08a2b435f
-
SSDEEP
12288:vtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaA79AAROhq3uCk4No6A:vtb20pkaCqT5TBWgNQ7aA9Am3xkIo6A
Static task
static1
Behavioral task
behavioral1
Sample
bcf978c4466179a2829f9fc0c0aa8da26ac0886ee12ac2d346fe497413848c7a.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bcf978c4466179a2829f9fc0c0aa8da26ac0886ee12ac2d346fe497413848c7a.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
Target
bcf978c4466179a2829f9fc0c0aa8da26ac0886ee12ac2d346fe497413848c7a.exe
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-