General
-
Target
0x000b000000012737-60.dat
-
Size
274KB
-
Sample
220408-lgqfmagegp
-
MD5
f0a6137751223c932f77f1807ad0805e
-
SHA1
af5befc8e36c8c062ef96ad57e8e1a1f39a2f675
-
SHA256
2105779b2f3e3f454cea059d25484b9ef423a0318abc7c8cbe04289e393e8697
-
SHA512
c4096757420b11bc3748522202efb0d8ee1ecd09e7b773505a96124a339e40951533432d02dfbc929380f8a15160ed2911018dee56b2af7db4d6d9222e4dee4a
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/959366883545579581/Z1Be8qUrtXUbCZydkDEnV1VMcMYEDqpAE1fFmNhN26L5vd4nrcJOGi-iQnD-msZc-BJX
Targets
-
-
Target
0x000b000000012737-60.dat
-
Size
274KB
-
MD5
f0a6137751223c932f77f1807ad0805e
-
SHA1
af5befc8e36c8c062ef96ad57e8e1a1f39a2f675
-
SHA256
2105779b2f3e3f454cea059d25484b9ef423a0318abc7c8cbe04289e393e8697
-
SHA512
c4096757420b11bc3748522202efb0d8ee1ecd09e7b773505a96124a339e40951533432d02dfbc929380f8a15160ed2911018dee56b2af7db4d6d9222e4dee4a
Score10/10-
44Caliber
An open source infostealer written in C#.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-