Extracted

• • Target

    0e5a94ce2ca28a97193426a16cae17cb282f5484aab944b2a90060e2d84fb0d8N.exe

  • Size

    947KB

  • MD5

    a3b930d818008118d4a1c0a055ca5210

  • SHA1

    631640062da01787484d2677c15b89948997def8

  • SHA256

    0e5a94ce2ca28a97193426a16cae17cb282f5484aab944b2a90060e2d84fb0d8

  • SHA512

    45562b51dac125aba163604c191076cbc9b849294b6d0f81b9017a3d646c913d9e861a9429a2298f611766c0a260642b7459789fb104f3bd3613bd8ea42375ff

  • SSDEEP

    24576:eMaSSKy2/SPNtqqR4tWOb780ySppfysKP:eRQGObXySppfyR

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerspywarestealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2