General
-
Target
7832c592d6a2e403b8323da6b238e789.bin
-
Size
779KB
-
Sample
241209-bt9d6askhn
-
MD5
ab18cdbe69f60bb2c4a2810aa99a783f
-
SHA1
2fb05d7e7719df9fcda6ffc4db06046068950618
-
SHA256
e7092bab021210862b9e460c410b597ddb914deb0343369541828e838be431b8
-
SHA512
ff6afdd6ca0d0fc051ff5e5ce922c870368b147f9ec1e89a84a1926eea5c1f960db1eaaebed3596c48f3bdb0e00da2b13cd571f9b70db7a26ed8fbc1605a96a5
-
SSDEEP
12288:tELGnaOIhAIa9CCPCPWpptNd8Sa9nDY4izN6/0GmQL0fX+D1XTB1fiv1lxko:tr3Aa9CC6Piptg9URGxLWX4XvfM1lxf
Static task
static1
Behavioral task
behavioral1
Sample
3e4a1645de56b2595ebd83686945f60b1fc4242d9dada664ca9ef9d6c3f8659f.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3e4a1645de56b2595ebd83686945f60b1fc4242d9dada664ca9ef9d6c3f8659f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
Target
3e4a1645de56b2595ebd83686945f60b1fc4242d9dada664ca9ef9d6c3f8659f.exe
-
Size
77.0MB
-
MD5
7832c592d6a2e403b8323da6b238e789
-
SHA1
1b0a4f33ed26e9284d3a93b7a119a895eb12c0f2
-
SHA256
3e4a1645de56b2595ebd83686945f60b1fc4242d9dada664ca9ef9d6c3f8659f
-
SHA512
aa38396cb18fb5c7cae17413f42b6d3ee15adc82dc5a02513bd430c27f774433186f781cada07d6709d93448404fbdae179cf018144fbf2bfff1405330cbeb09
-
SSDEEP
24576:1u6J33O0c+JY5UZ+XC0kGso6Fac1HJWnny4sd09pWiszrWY:Xu0c++OCvkGs9FacdJ6VpWiXY
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-