vipkeylogger | 1dbfa2e56e9d4dee56960ed3d29ef0423a9301d20f43998f3ecbe21222686c92 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

orden de c...34.exe

windows7-x64

orden de c...34.exe

windows10-2004-x64

Sharing

General

Target

1dbfa2e56e9d4dee56960ed3d29ef0423a9301d20f43998f3ecbe21222686c92
Size

691KB
Sample

250325-wrd6fszxav
MD5

ffa6acba3dc763188cc87a98935169bc
SHA1

f0af42999250c066e31739a55cf48bbe839bc1a8
SHA256

1dbfa2e56e9d4dee56960ed3d29ef0423a9301d20f43998f3ecbe21222686c92
SHA512

54ba7b72196470b31fa0050610ca44ce354b4c67c741ff85f876eababf2bfbfabbd0536d6a3b472c7b4fe2db4bc1a79f049787c7e2de04145d4734dee2c91477
SSDEEP

12288:+Ir71pxIbMpsIHZ3B9D/1DD3ZM0Z8qNrdzPFC5sSQ+ymcDguZkxZgUQC1MWzwe:nV71/jZ8gUG+MguezgUMW0e

Score

10^/10

vipkeylogger collection discovery keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

orden de compra urgente 57634.exe

Resource

win7-20240903-en

vipkeylogger collection discovery keylogger stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

orden de compra urgente 57634.exe

Resource

win10v2004-20250314-en

vipkeylogger collection discovery keylogger stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

vipkeylogger

Credentials

Protocol: smtp
Host:
mail.genesio.top
Port:
587
Username:
[email protected]
Password:
0M#M~X*1n=El
Email To:
[email protected]

Targets

- Target
  
  orden de compra urgente 57634.exe
- Size
  
  864KB
- MD5
  
  7b02970d645f97da4d67a4bcd8696f0f
- SHA1
  
  72886ef68f5f59b50dc1f6d7e49bd2b598372ea9
- SHA256
  
  78f62280687f1306d1b99e72d2a89e928b640cb5b46699a0f51897a77237d216
- SHA512
  
  5c0384f38d01ad26169563781c76c73d6aaf784d12dfd4c80f9f251f00461327bb42910263608a10055455902481aae85fb26b1f481664cc9912efb6159744cf
- SSDEEP
  
  12288:idQMYyOn6nzxxp/YRbryJClPNHfViozW4i6CSE+ymcDwuZkTZEUivBMpkR:KY9n6nzpCbr6MN/cYW4it+MwuedO1
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vipkeyloggercollectiondiscoverykeyloggerstealer

behavioral2

vipkeyloggercollectiondiscoverykeyloggerstealer

© 2018-2025

Terms | Privacy