General

  • Target

    1c135a7b80703354a6d8bac14381447d.exe

  • Size

    274KB

  • Sample

    230712-w2lchsfc81

  • MD5

    1c135a7b80703354a6d8bac14381447d

  • SHA1

    7562f7ba852f7ff91b6ef10647417bd54ff55c6c

  • SHA256

    cd8e9641046306857f3a12009ddf442922e32484696b475175c867e8ff580f3e

  • SHA512

    b9cad0723b37ee5612e64873ebddf428b4ace6396a2b301d8a19bc8c49c9084021f8c14da37298e262888ad62f6bbf78866bef152bb30fa8df39e60348396864

  • SSDEEP

    6144:hf+BLtABPDOpJTNN6eTSUdZ/pOlYeJqlA1D0Mk+:4pYSSUdZ/olYet1DY+

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/956477791124205569/zhz-iUwTtwf3ND8UdSeoNmdX8X4ElZBSxqhFrwstZ6oV5o-CWZxANYz737UasCARyImg

Targets

    • 44Caliber

      An open-source infostealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks