Extracted

Extracted

• • Target

    05c09343bc96558c8e05256adc417d09708c55aa19c8b7c74d3f41b97f6766da

  • Size

    730KB

  • MD5

    178c596b5bbfdf57529862f72b62e07c

  • SHA1

    10a3c41e7d7db49bc55a39b31e22807448691b5b

  • SHA256

    05c09343bc96558c8e05256adc417d09708c55aa19c8b7c74d3f41b97f6766da

  • SHA512

    b13b2df9915ba627a1e2fb2c4a7dbb092d420ca6aaf2c60b41fcf494f3a0c97584031ce5d5caf8c4d600f0082ece38d8aa607ee3d389affe7ca97f3005537095

  • SSDEEP

    12288:O2iN4YfHmhWsDI+UhcU1kBQ5ehr3grg9dljjzo8bgMpY3+92k2I7FbOeIPe1y:O1KoHmhWgwF1klgk9TzoKY3+lJZCeqE

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerspywarestealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2