General

  • Target

    BugSplat64.dll.exe

  • Size

    12.4MB

  • Sample

    250227-qptv8sxzfs

  • MD5

    5dc0ed87146dacc6f84005f6667a977a

  • SHA1

    397fd547749314eca0780275e8c695067256d82d

  • SHA256

    5b0c0b5fab4030da17e80d45dddaacda910e443d3a270882196968b9309bfaaf

  • SHA512

    f3df02654ebee17d9b7c1346d6a4a69d8a5fb025731e27ac7cab4929e4ec87818d6ed446ad95a959000013730d65523ff24036af23847ab0646883883b7df786

  • SSDEEP

    98304:ppnzRymHDY4HFSnarEN1w7Kx7GdvrqexhNZZ0MG1qB1H7F2hjGXCcdWSxwxQ2jh:pNFD84H+NqelOBBZZsItR2hjGXPdcxF

Malware Config

Extracted

Family

vipkeylogger

Targets

    • Target

      BugSplat64.dll.exe

    • Size

      12.4MB

    • VIPKeylogger

      VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.

    • Vipkeylogger family

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
