General
-
Target
1140-339-0x0000000000480000-0x00000000004C4000-memory.dmp
-
Size
272KB
-
MD5
76930ad3f1bcf9a31fbce2ec7d7fee2b
-
SHA1
e76d2086f1939790f89efe48097693ff2137a327
-
SHA256
41e8a505e0bb87aea121269970223aa595301f8bbd14af0f35f373f8d6968653
-
SHA512
b18e26a70709cc8a81a676d132edfcc2d9d4b6402b72c720e13c88bcacd330f2a6931b0f1009a221ae75501b2b628584f778cedfcb1e4ca3079e9a871c60a6a2
-
SSDEEP
3072:8gKLhdVTDrDD9aw0q6Prx/EUk+0+m8mPhncbvPD5qbsjGdY/VgfsbbY:W/53RcbnD5wgb
Score
10/10
Malware Config
Extracted
Family
vipkeylogger
Credentials
Protocol: smtp- Host:
mail.novacitacor.pt - Port:
587 - Username:
[email protected] - Password:
#Novasystem123# - Email To:
[email protected]
C2
https://api.telegram.org/bot7502066508:AAGz5-yl79jZ7Tfefk024IrMFNLc6CGJF4I/sendMessage?chat_id=6978326966
Signatures
-
Vipkeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1140-339-0x0000000000480000-0x00000000004C4000-memory.dmp
Headers
Sections