vipkeylogger | 94200fb06fad1a23fa5ea66ecc628a459575c807f68da77b5e3472baf1fa70b4 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

3f9ac29a06...41.exe

windows7-x64

3f9ac29a06...41.exe

windows10-2004-x64

Sharing

General

Target

037b9dc9d5bee07e111173cbe87624b4.bin
Size

616KB
Sample

241215-bcy7vs1mgr
MD5

1f45fbb3c0a3f6d15efa86b2190c7c2d
SHA1

4af8c3b887c141a173702d5c9637b31af425a189
SHA256

94200fb06fad1a23fa5ea66ecc628a459575c807f68da77b5e3472baf1fa70b4
SHA512

f53f2969fcb5a1dfe2480593004915ef840e80eb84a8889d279b22cfb0eb859f0bfe5f765605c4f68dacc61ac333600a84786ff5d0f6ce32dae924aec5cd1e02
SSDEEP

12288:f2RM6W/KbEXvbgdc0FnAfPBQRGj0XVLawQQILpE/rtR/q90VZKeACFRsUyX4WTRL:f16aKbreJuGYLawpILpE/u9KZKhXFRL

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3f9ac29a06c3a7145971c352ecc386b94dc13be8b479d09c920f36e20f6b1b41.exe

Resource

win7-20240729-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

3f9ac29a06c3a7145971c352ecc386b94dc13be8b479d09c920f36e20f6b1b41.exe

Resource

win10v2004-20241007-en

vipkeylogger collection discovery keylogger stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
mail.htcp.homes
Port:
587
Username:
[email protected]
Password:
7213575aceACE@@
Email To:
[email protected]

Targets

- Target
  
  3f9ac29a06c3a7145971c352ecc386b94dc13be8b479d09c920f36e20f6b1b41.exe
- Size
  
  624KB
- MD5
  
  037b9dc9d5bee07e111173cbe87624b4
- SHA1
  
  881d8ba41c222c0ff9ee96dab3e954417da6c34f
- SHA256
  
  3f9ac29a06c3a7145971c352ecc386b94dc13be8b479d09c920f36e20f6b1b41
- SHA512
  
  5fc5c3794ff87db5d13e2b93c5805f4b17c23aff7d4f348a7634206f88d3814f479d9a73a157e8f01823facf5e70dea831a8725d45171b5e1164397ce2a08433
- SSDEEP
  
  12288:OPbTRt0NTO1JKbMDrZrVW+RLV//TSrSv9GDa0YN7vuAwmqG8kL:ybTniTOHmWr5Uq+rSoEduAwmNx
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

vipkeyloggercollectiondiscoverykeyloggerstealer

© 2018-2025

Terms | Privacy