vipkeylogger | c081714907fc943cff0b637123039aff0237a226de4fb171cf430ed7c1da1163 | Triage

Sharing

General

Target

c081714907fc943cff0b637123039aff0237a226de4fb171cf430ed7c1da1163N.exe
Size

841KB
Sample

241219-zxdcwszpbj
MD5

ff0c39560bbe39e434266a93dffaa680
SHA1

b553242c24301d7afef118b4eb87bc0d4489b182
SHA256

c081714907fc943cff0b637123039aff0237a226de4fb171cf430ed7c1da1163
SHA512

1484922273850b0c2f8375ca6e551031936fa90f6ee9d3330556327ff8f0d092fe6cfc1ba698682d93a6ab2b9fe89edc575da4612d5ac8fa7b9c194ed8b0c2d2
SSDEEP

24576:4fPa89iWz9Gcg/GMEcCxTRplSZ98H+HdPHdTSkc14:uaOk/GVcCdXsZCH4

Score

10^/10

vipkeylogger discovery keylogger stealer

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
mail.al-subai.com
Port:
587
Username:
[email protected]
Password:
mouhannad1980$!$
Email To:
[email protected]

Targets

- Target
  
  c081714907fc943cff0b637123039aff0237a226de4fb171cf430ed7c1da1163N.exe
- Size
  
  841KB
- MD5
  
  ff0c39560bbe39e434266a93dffaa680
- SHA1
  
  b553242c24301d7afef118b4eb87bc0d4489b182
- SHA256
  
  c081714907fc943cff0b637123039aff0237a226de4fb171cf430ed7c1da1163
- SHA512
  
  1484922273850b0c2f8375ca6e551031936fa90f6ee9d3330556327ff8f0d092fe6cfc1ba698682d93a6ab2b9fe89edc575da4612d5ac8fa7b9c194ed8b0c2d2
- SSDEEP
  
  24576:4fPa89iWz9Gcg/GMEcCxTRplSZ98H+HdPHdTSkc14:uaOk/GVcCdXsZCH4
Score

10^/10

vipkeylogger discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggerdiscoverykeyloggerstealer

behavioral2

vipkeyloggerdiscoverykeyloggerstealer