General

  • Target

    11122024_1416_11122024_Megerősítés -73273-jpg.img

  • Size

    1.6MB

  • Sample

    241211-rlkzlazqel

  • MD5

    11b1f30f7faf8e74012e32fbccf37da1

  • SHA1

    6ccfb6f735787553e9a29c926f5ab6b974346006

  • SHA256

    8571118d59514577f936626fba2832d910ca0e3b35dbcf750b53c587007dbdfd

  • SHA512

    ed6c649e912b9064a3a956eab49028b1c9697c7c231d61b09b1f1b34271d8e58833d4908a08d2d2b4f52784ea455ac33b573c40e179a34bda07628ec8f1950eb

  • SSDEEP

    24576:uu6J33O0c+JY5UZ+XC0kGso6Fa5ivMkhWY:gu0c++OCvkGs9Fa5jY

Malware Config

Extracted

Family

vipkeylogger

Targets

    • Target

      Megerősítés -73273,jpg.exe

    • Size

      1.1MB

    • MD5

      8b920dc356ed1b1793dcfe00199caa2d

    • SHA1

      daa2eff7c6c782d70734d69246d0e08511b00dc8

    • SHA256

      78cda513bfe7c617e33922c71d93101f76dfaa4d8da9cdd83cfc41ccc1d36ab2

    • SHA512

      5530849739093e8b344be074969f02a737fd5a275b1b22d8c59a0b6ed5eebc895d5a815908f94d381fc302a3d3e919aeee2ab05b8db593f9631382df2bd2f3c8

    • SSDEEP

      24576:ou6J33O0c+JY5UZ+XC0kGso6Fa5ivMkhWY:Cu0c++OCvkGs9Fa5jY

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.

    • Vipkeylogger family

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks