vipkeylogger | 478c6171817035d5cf8828d6d75ed0ce79017f260f7cfff8687adf7d11ae44e8 | Triage

Sharing

General

Target

03022025_0551_31012025_SOA Since OCT DEC 241738316681530012900.zip
Size

180KB
Sample

250203-gkf9xatqcm
MD5

bf51bf79a5fbc66902a8b62cabe50f57
SHA1

82025d383b5a06714a6544d2ad13f14bacf38c6c
SHA256

478c6171817035d5cf8828d6d75ed0ce79017f260f7cfff8687adf7d11ae44e8
SHA512

ee65284a710659386f62a1e68672f60f24e2618cb19c3a32dbfc3f3af36330dd6a3712ffb5fa048f0cfbf5cc0ddb6d607664376658741faad4738d0340e6b839
SSDEEP

3072:UF1KDsesp5YjBTo1eonvU3E/zK7a5lgBDlZOvEK1aUKkZTjjM:nsx5YjBTo1ey9/mayBZ21HjM

Score

10^/10

vipkeylogger collection discovery execution keylogger stealer

Malware Config

Extracted

Family

vipkeylogger

C2

https://api.telegram.org/bot8043603189:AAFpR2ormgQgQpP5aDirNgZd72aHXUsGdlI/sendMessage?chat_id=2135869667

Targets

- Target
  
  SOA Since OCT DEC 241738316681530012900.bat
- Size
  
  259KB
- MD5
  
  091339b9b937b6193b28a92975e7d2ae
- SHA1
  
  a4f023b841cdf5942908c93d27f33a4fbb0ffb07
- SHA256
  
  85a8c769dc1066bc515c68796178c74677e8bfc7a6251688f9f3bccb275df2d0
- SHA512
  
  880cf2459dafc438b168e3b3bfe81263bc9c08ce19c36e1f7a35429b72ccb95888435d4fc22efeefea8444a9f52416f4e73db516dd286cbc75f942d9b6942571
- SSDEEP
  
  6144:4s39gNPe2hOYtobWZ2OwqvFjOYJziR38Umc:4s3ONP3hkbW9h9OGtlc
Score

10^/10

execution vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Remote System Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

vipkeyloggercollectiondiscoveryexecutionkeyloggerstealer