General

  • Target

    a0f8f874489c0121fd7c44b0efc3da1facc074a6aa1b51fbecaaa5714315fb5c.ace

  • Size

    587KB

  • Sample

    250221-ed4erasjgv

  • MD5

    805a81c52ab1b68ea09e5a4a6095d5cc

  • SHA1

    9a55e119e88d6755b4cce6e6158051a3d2d025ac

  • SHA256

    a0f8f874489c0121fd7c44b0efc3da1facc074a6aa1b51fbecaaa5714315fb5c

  • SHA512

    2e593e0f7762c3ae622c678f616dc4190bd95190fe2c84f7ac16eb8e1a5dc0661799afcaca2fb3f8511b80b6f2731bc944b4ed708f8a2556af42e22d0ae2ba03

  • SSDEEP

    12288:sn7DQjc1A0+5hz2OV3FBHWPOWaIPc8q8ZWz7o08yyB2u4bwyAWKUWNj9T:sSc1t+5h6OV7UOWXU/z70LirJ2NZT

Malware Config

Extracted

Family

vipkeylogger

C2

https://api.telegram.org/bot7155890739:AAGk0jbDV2gAazIReZKFh86ZKJt--qaC54w/sendMessage?chat_id=1886630858

Targets

    • Target

      AUTO SPARE PARTS LIST.exe

    • Size

      970KB

    • MD5

      ad4710de6439164971bcf0697dd25a55

    • SHA1

      ddbbf71511509b36fcafb71238e170769f590155

    • SHA256

      e9d87b999454486eb4f2d0befeb0ed7d82e59cc0cee03a646e0f5474a2610da6

    • SHA512

      00d84130a34046712f96590917b619e329806f8b8caf1e59beadd879c42a4a7fdf7e7eab335c7bfc14ff34a6719a252a8eb0a42a03e93982004b9941b9b5a5e8

    • SSDEEP

      12288:GYw1J/aQC2PqFOZzwWQ1vApLdckCDszpkU9e/pV8O/tCnfZs0aLEcsUV:i/8gJwKJdckCDSpkoehVvCfZUL7V

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C#. It resembles SnakeKeylogger, which was found in 2020.

    • Vipkeylogger family

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL
