Extracted

Extracted

• • Target

    F8C3F6B1795091D7211DC5B0D508C9FFA115E6FBBAB18B4EE9545B2124E211E5

  • Size

    1.2MB

  • MD5

    0154fe9c5f4ad81beeedcf4fdb397ed4

  • SHA1

    939c3757ae0f62cda2ef34935d34f3ac70bba776

  • SHA256

    f8c3f6b1795091d7211dc5b0d508c9ffa115e6fbbab18b4ee9545b2124e211e5

  • SHA512

    957e65880d3979dd952f6989d460071ab6dbfcb6aaa036a6249153db7ff35c72ef51056e63bd9721697f5f8b528f1876d2a7f67b0b36646778a16d0d6246c5e5

  • SSDEEP

    24576:uRmJkcoQricOIQxiZY1iaCrUHNXxWZW6+xBAio0WjijTbwPGS:7JZoQrbTFZY1iaCrSxXzPWjijT0OS

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2