Extracted

• • Target

    BugSplat64.dll.exe

  • Size

    12.4MB

  • MD5

    5dc0ed87146dacc6f84005f6667a977a

  • SHA1

    397fd547749314eca0780275e8c695067256d82d

  • SHA256

    5b0c0b5fab4030da17e80d45dddaacda910e443d3a270882196968b9309bfaaf

  • SHA512

    f3df02654ebee17d9b7c1346d6a4a69d8a5fb025731e27ac7cab4929e4ec87818d6ed446ad95a959000013730d65523ff24036af23847ab0646883883b7df786

  • SSDEEP

    98304:ppnzRymHDY4HFSnarEN1w7Kx7GdvrqexhNZZ0MG1qB1H7F2hjGXCcdWSxwxQ2jh:pNFD84H+NqelOBBZZsItR2hjGXPdcxF

  Score

  10^/10

  vipkeyloggercollectiondiscoverykeyloggerstealer

  • VIPKeylogger

    VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    stealerkeyloggervipkeylogger

  • Vipkeylogger family

    vipkeylogger

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2