vipkeylogger | 4396623a16b786eb06a8ffde747c3399254d0d6977e5eeaef4fcef38e1615846 | Triage

Submit
Reports

Overview

overview

Static

static

5

4396623a16...46.exe

windows7-x64

4396623a16...46.exe

windows10-2004-x64

3

Sharing

General

Target

4396623a16b786eb06a8ffde747c3399254d0d6977e5eeaef4fcef38e1615846.exe
Size

1.2MB
Sample

250124-ycmv6avkf1
MD5

6233e664c66da2bc8236e395d69d5e99
SHA1

dde0a2a9112e071a45640c03d51d74c97adacf65
SHA256

4396623a16b786eb06a8ffde747c3399254d0d6977e5eeaef4fcef38e1615846
SHA512

ea2b74c59cda11a1ebb9a1a4b5c99091f26a7c9c91bc7becff67bc6f628d4a80637de19ed22ee48da1e1e25e0bd3de268a1420dfdf144939f60b7e6b1cf7a04f
SSDEEP

24576:uRmJkcoQricOIQxiZY1iaCpN1W+toAuoT5g/DFiwzRw+Zt:7JZoQrbTFZY1iaCzgxJoT5KFivKt

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4396623a16b786eb06a8ffde747c3399254d0d6977e5eeaef4fcef38e1615846.exe

Resource

win7-20240903-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

16 signatures

120 seconds

Behavioral task

behavioral2

Sample

4396623a16b786eb06a8ffde747c3399254d0d6977e5eeaef4fcef38e1615846.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
smtp.1und1.de
Port:
587
Username:
[email protected]
Password:
MonaLisa_2018
Email To:
[email protected]

Targets

- Target
  
  4396623a16b786eb06a8ffde747c3399254d0d6977e5eeaef4fcef38e1615846.exe
- Size
  
  1.2MB
- MD5
  
  6233e664c66da2bc8236e395d69d5e99
- SHA1
  
  dde0a2a9112e071a45640c03d51d74c97adacf65
- SHA256
  
  4396623a16b786eb06a8ffde747c3399254d0d6977e5eeaef4fcef38e1615846
- SHA512
  
  ea2b74c59cda11a1ebb9a1a4b5c99091f26a7c9c91bc7becff67bc6f628d4a80637de19ed22ee48da1e1e25e0bd3de268a1420dfdf144939f60b7e6b1cf7a04f
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaCpN1W+toAuoT5g/DFiwzRw+Zt:7JZoQrbTFZY1iaCzgxJoT5KFivKt
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

© 2018-2025

Terms | Privacy