Extracted

Extracted

• • Target

    No. 623123.exe

  • Size

    1008KB

  • MD5

    64c4c04808fba22a4369dc7dfffd6855

  • SHA1

    c940743caa8119de9107bdb261fa2348e6ed6a41

  • SHA256

    e870a692b92ae1edf5ed5282a4fb15b856f6b40d5e06da8a9df825a3f1951b09

  • SHA512

    f08feabaaa5d0e52da126e57704a7531f96b808eca0eefa34a96f7396c76ab9c10184d2f1089cfb9308193d9c9b5eb80f1007a0cf0551f480b3f66b1f43b60df

  • SSDEEP

    24576:Qu6J33O0c+JY5UZ+XC0kGso6FabFGyv3hrRWY:au0c++OCvkGs9FabIypIY

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2