General
-
Target
1860-45-0x0000000000400000-0x000000000044A000-memory.dmp
-
Size
296KB
-
MD5
38121b3a58c4ebdce3ee5dc598d715d1
-
SHA1
be078f08e54cee744e0f3c27a20498adfc7506f3
-
SHA256
eb3d3b95ecf1f70407f9374942ab4d47b2a190bc7e3da47d6de6652e890f798e
-
SHA512
48e447ef17a16f841fdda72357ef099cb082af4669acf1980a6eda9ca1151d97e5e8bc952be53d495bae468d906cc67e20ff08fa10ccf0411ce7de314d8ae998
-
SSDEEP
3072:bQQF0LYRk7IhPhy5KcY1S6eirG4Hbqd9OcOWEXDeryzLb7X15Xqj1sjsFYTVgfiW:b0I9qDpYyryzLbD15XqZ8b
Score
10/10
Malware Config
Extracted
Family
vipkeylogger
Credentials
Protocol: smtp- Host:
mail.puyehuechile.cl - Port:
587 - Username:
[email protected] - Password:
Daem2024. - Email To:
[email protected]
C2
https://api.telegram.org/bot7734343353:AAEmQvfIoOWaFhz75a3JZ6hyXwpiKyq7nnY/sendMessage?chat_id=7049826127
Signatures
-
Vipkeylogger family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1860-45-0x0000000000400000-0x000000000044A000-memory.dmp
Headers
Sections