General
-
Target
bbbe993804cbc190fa9d492111069c1b406ac213bd5178170d1b817a3a39a48d
-
Size
1.0MB
-
Sample
241212-dpc69sylfw
-
MD5
73ac874af91f6dd0afbf0f1c577e87e2
-
SHA1
b8168049435eac7d0ee05941655d17c1f8ad67dc
-
SHA256
bbbe993804cbc190fa9d492111069c1b406ac213bd5178170d1b817a3a39a48d
-
SHA512
75b0f069308939d8d7007d714b00a19a7346fa9477386ecbf0eea50d5908cf4edfcb88e8f418cd434be06c3f8b686f584df1d156d6ef1214e40cbdd4c020156b
-
SSDEEP
24576:nu6J33O0c+JY5UZ+XC0kGso6Fa74XEnkWY:hu0c++OCvkGs9Fa7kEnY
Static task
static1
Behavioral task
behavioral1
Sample
bbbe993804cbc190fa9d492111069c1b406ac213bd5178170d1b817a3a39a48d.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
bbbe993804cbc190fa9d492111069c1b406ac213bd5178170d1b817a3a39a48d.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
vipkeylogger
Protocol: smtp- Host:
mail.wxtp.store - Port:
587 - Username:
[email protected] - Password:
7213575aceACE@@ - Email To:
[email protected]
Targets
-
-
Target
bbbe993804cbc190fa9d492111069c1b406ac213bd5178170d1b817a3a39a48d
-
Size
1.0MB
-
MD5
73ac874af91f6dd0afbf0f1c577e87e2
-
SHA1
b8168049435eac7d0ee05941655d17c1f8ad67dc
-
SHA256
bbbe993804cbc190fa9d492111069c1b406ac213bd5178170d1b817a3a39a48d
-
SHA512
75b0f069308939d8d7007d714b00a19a7346fa9477386ecbf0eea50d5908cf4edfcb88e8f418cd434be06c3f8b686f584df1d156d6ef1214e40cbdd4c020156b
-
SSDEEP
24576:nu6J33O0c+JY5UZ+XC0kGso6Fa74XEnkWY:hu0c++OCvkGs9Fa7kEnY
Score10/10-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-