Extracted

Extracted

• • Target

    d4e2fbfc32056e62acf75175d7612639a9987bea0b543c1805235c9582d4991a.exe

  • Size

    1.1MB

  • MD5

    3599e1d5d724fbb382a29f1cad0aeda4

  • SHA1

    3e1b82de92038cdb85749473ddaef0d680765d23

  • SHA256

    d4e2fbfc32056e62acf75175d7612639a9987bea0b543c1805235c9582d4991a

  • SHA512

    4d977f01f4c90b55489e9ae40e61ef545dcc74da26a29f66b3fecb19610ba4903df82127a5ed8e50c2120e9be3a88eafb04ce94f70107e55e5980e2869915ee9

  • SSDEEP

    24576:3u6J33O0c+JY5UZ+XC0kGso6FakmIjQd2gvMSgt6EWY:Ru0c++OCvkGs9Fakqd22v7Y

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2