General
-
Target
Transferencia de pago___________.exe
-
Size
1.1MB
-
Sample
250701-jcjq6shj2v
-
MD5
9e13a91027aad0b72286c035e03c9bee
-
SHA1
5608cc65418cbaa79486271e70efe86bf3f89f2a
-
SHA256
39581dce09ab253bc211c233a19fa8fd993f9aa0b04da21d5a9798abe34b9f77
-
SHA512
5aad7e3b3432c6a9e5b47544d955c37871495dead45ad46d8e632d87ac8e0f937040d47a0adcc02c81055f563a701b94384eba55f32710f35eb0257417f3e2e3
-
SSDEEP
24576:0uE0Vsb8Imfh1hGryBtXZ6/YJhGryBtXZ6/Y:HPVC8phD9KAn9KA
Static task
static1
Behavioral task
behavioral1
Sample
Transferencia de pago___________.exe
Resource
win10v2004-20250610-en
Malware Config
Extracted
vipkeylogger
https://api.telegram.org/bot7604002007:AAFT10a4un5YxTEh_lnASAJ8zp5sfBvBmxY/sendMessage?chat_id=7942936945
Targets
-
-
Target
Transferencia de pago___________.exe
-
Score
10/10
-
VIPKeylogger
VIPKeylogger is a keylogger and infostealer written in C#; it resembles SnakeKeylogger, which was found in 2020.
-
Vipkeylogger family
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-