Extracted

• • Target

    c6094b00a087a57a40c1256a67cebc25.bin

  • Size

    293KB

  • MD5

    c6094b00a087a57a40c1256a67cebc25

  • SHA1

    29b100dbc5bc482949e483ebf5969646e417cb17

  • SHA256

    0408e2c545d837ff2eb08d92b94f80b6dd11d00b21788bc485c552ee3a2fa1ba

  • SHA512

    d9eba8f24dd310690c7145226fab7beab26d197f5b8278ee904cedf5f70f5a11603ab9ba93dcd817c8ecc3ff7fd0a1846982ed230a90a458dbbfe67dc372041e

  • SSDEEP

    3072:UNgIOuOIStjInreY8gHMPceeZdTXD4x37OrhYSCIujV8ZmQVDQ1Lh6cl1Lxatuwj:+OuOISqeYnQcpnyOrhYSxuj7F1hxUlF

  Score

  10^/10

  44caliberspywarestealer

  • 44Caliber

    An open source infostealer written in C#.

    stealer44caliber

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2