General

  • Target

    caliber

  • Size

    274KB

  • Sample

    230901-mls8raeb5x

  • MD5

    51ef1b5bd832c2dd5527026a2c8385dd

  • SHA1

    f4cdb36b3bb2f7cb8328f7821a6c9f1a67abf69e

  • SHA256

    efc7c7dd299cd861e9196153e2f42b0365c17f6ed2e1336c0aa8b14342d4069e

  • SHA512

    b6e19a0a9e414c30388d4af1e9490547505de26eaedcb9ecf022b1b818073be8cb00cc96a63c1537caeebb5a6c4db635b801ee45e2815d3254374b93a52be631

  • SSDEEP

    6144:jf+BLtABPDZ1o2NjNRScMH5cgowlqg0lI1D0oeB:51HocY5cgJ51DaB

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1122141363941679136/q6BCXosW-M2T548ZAXG2lmcxF3COhfB4HKP6TsvadEd_-GW37BPl1h9nkHpx_As2wrMj

Targets

    • 44Caliber

      An open source infostealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
