Extracted

Extracted

• • Target

    352DE7DFD3FB836628D4FF158B4DE46BEB846AB06D4F00E50AF8F044C90D4557

  • Size

    1.2MB

  • MD5

    4ecf8fe6928f10c555d62b8405a16f9a

  • SHA1

    0d1ca422640f1f346c49695ff8adc91cb170163d

  • SHA256

    352de7dfd3fb836628d4ff158b4de46beb846ab06d4f00e50af8f044c90d4557

  • SHA512

    da9a320dd9a9bc9a38c4355865f3a591ea32b002bc40d66f92188a08b9f93674201cef990e40bf486ca0610a534ef2bf3d28fde5e7f370d0ce8127ad2220f508

  • SSDEEP

    24576:uRmJkcoQricOIQxiZY1iaCYBzTlwCehRH/XqbvwCy5jI:7JZoQrbTFZY1iaCqzxAhRfc05E

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2