General
-
Target
11122024_0637_Потврда-0794111224-jpg.exe.iso
-
Size
1.6MB
-
Sample
241211-hdtr4a1nay
-
MD5
bab0230f579b3c0b402085a45a271ebc
-
SHA1
ba5b52f9ff62f27c255e252398d23be6264f5eb3
-
SHA256
cc59e672814aa14d61d44fb6eaeb68502bbdc94f6fe45545ef439a8102e130d3
-
SHA512
51530dbef144196d8b672d6e50ed208f0320824764e7cf23354b7f325b421fc6de771b2adccf231482d2313f289da11a4622f23df00cc2d53fb854d6fe20879a
-
SSDEEP
24576:/u6J33O0c+JY5UZ+XC0kGso6Fa5ivMkhWY:Ju0c++OCvkGs9Fa5jY
Static task
static1
Behavioral task
behavioral1
Sample
Потврда-0794111224,jpg.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Потврда-0794111224,jpg.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Targets
-
Target
Потврда-0794111224,jpg.exe
-
Size
1.1MB
-
MD5
8b920dc356ed1b1793dcfe00199caa2d
-
SHA1
daa2eff7c6c782d70734d69246d0e08511b00dc8
-
SHA256
78cda513bfe7c617e33922c71d93101f76dfaa4d8da9cdd83cfc41ccc1d36ab2
-
SHA512
5530849739093e8b344be074969f02a737fd5a275b1b22d8c59a0b6ed5eebc895d5a815908f94d381fc302a3d3e919aeee2ab05b8db593f9631382df2bd2f3c8
-
SSDEEP
24576:ou6J33O0c+JY5UZ+XC0kGso6Fa5ivMkhWY:Cu0c++OCvkGs9Fa5jY
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-