44caliber

Resubmissions

09-04-2023 16:27

230409-tx7c3sdf7t 1

09-04-2023 16:23

230409-tv84wsdf6z 10

Sharing

Copy URL

Twitter E-mail

General

Target

https://disk.yandex.ru/d/Tf0EJKzaNJx0sQ
Sample

230409-tv84wsdf6z

Score

10^/10

Malware Config

Extracted

Family

44caliber

https://discordapp.com/api/webhooks/1094353602480451655/iwXRe5GczCwBpNJy71UEaTWEPehskOT4c6LbuhNojAGvyX9mB0ftCXsTMjEdVh2ZaYw5

Targets

- Target
  
  https://disk.yandex.ru/d/Tf0EJKzaNJx0sQ
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

T1081

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Exfiltration

Command and Control

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Accesses cryptocurrency files/wallets, possible credential harvesting

Looks up external IP address via web service

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

urlscan1

behavioral1