General

  • Target

    CHEMICAL LIST.exe

  • Size

    1.2MB

  • Sample

    250221-qpplhssqhj

  • MD5

    f2bdfa3d9f81762e066a5b7a3c4d68b1

  • SHA1

    492801478917d21402cb02be68c7d8a9a657b128

  • SHA256

    ab59d618a853f1727cb824aaf10347e6775f3a0b8a39222678c7bd415e790d24

  • SHA512

    9fc6e69f4575fcaad081592276c0f5edcdc7f1f4084f23a87aea5ea404da64b8127d071ffbd1f282c1cf9932f899fc36e96c05d0052bd34656488097ed2fd4a9

  • SSDEEP

    24576:I2WCQXckPNssuo4Qt29kAehVvCfyHLOQM0F70tRH:I2csk/uoP2GDWyrS06t

Malware Config

Extracted

Family

vipkeylogger

C2

https://api.telegram.org/bot7155890739:AAGk0jbDV2gAazIReZKFh86ZKJt--qaC54w/sendMessage?chat_id=1886630858

Targets

    • Target

      CHEMICAL LIST.exe

    • Size

      1.2MB

    • MD5

      f2bdfa3d9f81762e066a5b7a3c4d68b1

    • SHA1

      492801478917d21402cb02be68c7d8a9a657b128

    • SHA256

      ab59d618a853f1727cb824aaf10347e6775f3a0b8a39222678c7bd415e790d24

    • SHA512

      9fc6e69f4575fcaad081592276c0f5edcdc7f1f4084f23a87aea5ea404da64b8127d071ffbd1f282c1cf9932f899fc36e96c05d0052bd34656488097ed2fd4a9

    • SSDEEP

      24576:I2WCQXckPNssuo4Qt29kAehVvCfyHLOQM0F70tRH:I2csk/uoP2GDWyrS06t

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C#; it closely resembles SnakeKeylogger, which was first observed in 2020.

    • Vipkeylogger family

    • Accesses Microsoft Outlook profiles

      Reads Outlook profile data from the registry, where mail account settings and stored credentials are kept; consistent with the family's infostealer behaviour.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

      Calling SetThreadContext on a thread of another (typically suspended) process is a standard step in process hollowing and thread-hijacking injection. On its own this is a heuristic, not proof of injection.
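The C2 in the extracted config above is a plain Telegram Bot API call, so the whole channel is described by three values: the bot's numeric id, the bot secret, and the destination chat_id. The following is an added example, not code from the sandbox or from the malware author, that turns such URLs into structured IOCs a responder can block on and report safely. It assumes the documented Bot API URL layout (https://api.telegram.org/bot<id>:<secret>/<method>?chat_id=<chat>); the role assigned to each method (exfiltration vs. tasking) and the `SAMPLE_STRINGS` input are the example's own assumptions, with the report's C2 URL reused as the real data point and the getUpdates token made up.

```python
import re
from urllib.parse import parse_qs

# Shape of the Telegram Bot API request this report lists as C2:
#   https://api.telegram.org/bot<bot_id>:<secret>/<method>?chat_id=<chat>
# The full token is "<bot_id>:<secret>"; the numeric prefix is the bot's own
# Telegram user id, which stays the same even if the secret is regenerated.
TELEGRAM_BOT_API = re.compile(
    r"https?://api\.telegram\.org/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]+)"
    r"/(?P<method>[A-Za-z]+)(?P<query>\?[^\s\"'<>]*)?"
)

# Rough role of the API method from the victim's side (assumption for this
# example: an implant-side sendMessage/sendDocument/sendPhoto is exfiltration,
# getUpdates means the implant polls for operator tasking).
EXFIL_METHODS = {"sendMessage", "sendDocument", "sendPhoto"}
TASKING_METHODS = {"getUpdates"}


def _ioc_from_match(m):
    # parse_qs wants the query without its leading '?'
    query = parse_qs(m.group("query")[1:]) if m.group("query") else {}
    method = m.group("method")
    if method in EXFIL_METHODS:
        role = "exfil"
    elif method in TASKING_METHODS:
        role = "tasking"
    else:
        role = "other"
    return {
        "url": m.group(0),
        "bot_id": m.group("bot_id"),
        "token": f"{m.group('bot_id')}:{m.group('secret')}",
        "method": method,
        "chat_id": query.get("chat_id", [None])[0],
        "role": role,
    }


def parse_telegram_c2(url):
    """Structured fields for one Telegram Bot API URL, or None if it is not one."""
    m = TELEGRAM_BOT_API.search(url)
    return _ioc_from_match(m) if m else None


def extract_telegram_c2(text):
    """Scan free text (strings output, a decrypted config, a decrypting-proxy log)
    and return one record per distinct URL, in order of first appearance."""
    seen, found = set(), []
    for m in TELEGRAM_BOT_API.finditer(text):
        ioc = _ioc_from_match(m)
        if ioc["url"] not in seen:
            seen.add(ioc["url"])
            found.append(ioc)
    return found


def redacted_token(ioc):
    """Form of the token safe to put in a ticket: bot id kept, secret masked."""
    return ioc["bot_id"] + ":" + "*" * 8


# Constructed sample input resembling `strings` output from the sample. The two
# identical lines repeat the C2 URL from this report (the duplicate shows the
# dedup); the getUpdates line uses a made-up token and only exercises the parser.
SAMPLE_STRINGS = """\
kernel32.dll
https://api.telegram.org/bot7155890739:AAGk0jbDV2gAazIReZKFh86ZKJt--qaC54w/sendMessage?chat_id=1886630858
https://api.telegram.org/bot7155890739:AAGk0jbDV2gAazIReZKFh86ZKJt--qaC54w/sendMessage?chat_id=1886630858
https://api.telegram.org/bot1234567890:FAKEtoken_for_parser_test_only/getUpdates
"""

if __name__ == "__main__":
    for ioc in extract_telegram_c2(SAMPLE_STRINGS):
        print(ioc["role"], ioc["method"], redacted_token(ioc), "chat_id=", ioc["chat_id"])
```

The bot token grants full control of the bot through the API, so handle the extracted value like a credential: share the redacted form in tickets, and do not query the token from analyst infrastructure. For network detection, note that only the host (api.telegram.org) is visible in TLS metadata; the path and chat_id above are recoverable from the binary, its memory, or a decrypting proxy, which is where this parser is meant to run.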

MITRE ATT&CK Enterprise v15

Tasks