General
-
Target
Loader.exe
-
Size
274KB
-
Sample
220709-wyzezaabf2
-
MD5
48de7b41e21e517d1ae57c2d6442b93d
-
SHA1
bcd876b0784835cfab4165fd434ad13a67db2365
-
SHA256
0ebbcb753aa42b66281ad10b99681563717aae91ffe95ab927ddb654b86e00ed
-
SHA512
91cfe55c9034806afa8505dc225569fe1437982a8c67c0539d528426737525d7128f6bdf4fb44050457f5a48a15be28c46134b8d1548f7c977770f54e4eeea87
Malware Config
Extracted
44caliber
https://discordapp.com/api/webhooks/989883604882563072/I6apuRJcmV6wI-bE0eT_u3YoI1Slj3mfLHwULpyZ35AEYu8xHDMfOn1VernNA60NWiN6
Targets
-
-
Target
Loader.exe
-
Size
274KB
-
MD5
48de7b41e21e517d1ae57c2d6442b93d
-
SHA1
bcd876b0784835cfab4165fd434ad13a67db2365
-
SHA256
0ebbcb753aa42b66281ad10b99681563717aae91ffe95ab927ddb654b86e00ed
-
SHA512
91cfe55c9034806afa8505dc225569fe1437982a8c67c0539d528426737525d7128f6bdf4fb44050457f5a48a15be28c46134b8d1548f7c977770f54e4eeea87
Score10/10-
44Caliber
An open source infostealer written in C#.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-