General
-
Target
INVOICES.bat.exe
-
Size
77.0MB
-
Sample
241207-vnqjmsxkbw
-
MD5
7832c592d6a2e403b8323da6b238e789
-
SHA1
1b0a4f33ed26e9284d3a93b7a119a895eb12c0f2
-
SHA256
3e4a1645de56b2595ebd83686945f60b1fc4242d9dada664ca9ef9d6c3f8659f
-
SHA512
aa38396cb18fb5c7cae17413f42b6d3ee15adc82dc5a02513bd430c27f774433186f781cada07d6709d93448404fbdae179cf018144fbf2bfff1405330cbeb09
-
SSDEEP
24576:1u6J33O0c+JY5UZ+XC0kGso6Fac1HJWnny4sd09pWiszrWY:Xu0c++OCvkGs9FacdJ6VpWiXY
Static task
static1
Behavioral task
behavioral1
Sample
INVOICES.bat.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
INVOICES.bat.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
Target
INVOICES.bat.exe
-
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-