vipkeylogger

Resubmissions

28/03/2025, 02:29

250328-cy1s9asrv9 10

28/03/2025, 02:25

250328-cwgmlasrv3 10

Sharing

Copy URL

Twitter E-mail

General

Target

cd4cb9d6bbef97d3e35c33b5e1ef096e84c29ffc288beea73ca7cfadda6da2d2
Size

671KB
Sample

250328-cy1s9asrv9
MD5

700899aa34731b3971651b1daed09f64
SHA1

f3441dc79521f5c33d9a52b70c658623354a0942
SHA256

cd4cb9d6bbef97d3e35c33b5e1ef096e84c29ffc288beea73ca7cfadda6da2d2
SHA512

fe3d2fcd2a491afb78de782989bb4a0c37892ce6a2cf2f54b208cd4a4b0f5c40fc5aee24b1c78cd19e9ff59e8bc46a95eb89e333dc5cbf7bbddcae64be304df5
SSDEEP

12288:y1d4O7fSGWbIRo3EYCUXyqeLY74hFMiOQsvpp/9YavT3Oa:yjTfrWEW3EY8W7qFrQT/9YW3Oa

Score

10^/10

Malware Config

Extracted

Family

vipkeylogger

https://api.telegram.org/bot7341655920:AAEZHIUvwdNfcPot5ywEeoVPxGPDy0dAzVs/sendMessage?chat_id=7128988401

Targets

- Target
  
  K25004 Chin Bee Road Piling Layout.exe
- Size
  
  1.1MB
- MD5
  
  c1523e38552e62abe928da077238703b
- SHA1
  
  09f2fa809b337d4f189f192f44d5ac82d607fcab
- SHA256
  
  4b3fb4c8594eec8feffeb0955e3103e6211086450e5fa202b4188de5c9179960
- SHA512
  
  bb77daf580f45b8b46ad004fa4e495b31eee770e1615af0d9d0c86c1b641aece87ad2db95ca776536e03b1879341a9d3c2d8d179644f63ee463523f9cc6d6548
- SSDEEP
  
  24576:vu6J33O0c+JY5UZ+XC0kGso6FaLJER/9UOJsWY:Zu0c++OCvkGs9FaLJw9U2Y
Score

10^/10

vipkeylogger collection discovery keylogger stealer
- VIPKeylogger
  VIPKeylogger is a keylogger and infostealer written in C# and it resembles SnakeKeylogger that was found in 2020.
  stealer keylogger vipkeylogger
- Vipkeylogger family
  vipkeylogger
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral10 behavioral11 behavioral12 behavioral13 behavioral2 behavioral3 behavioral4 behavioral5 behavioral6 behavioral7 behavioral8 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Email Collection

T1114

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Vipkeylogger family

Accesses Microsoft Outlook profiles

Looks up external IP address via web service

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13