44caliber | 8f172bf2e40df72ccbf6a764bd376d2032463a8aa30a3810e63478d4aaa43299 | Triage

Sharing

General

Target

e94364b4239eb39286dd3b07a9ea469c.bin
Size

111KB
Sample

230925-cvkb4abe5z
MD5

2feb6bbe34226f1973d3f01c15349cf8
SHA1

92821fbf596573cbc72e85429221aac30e885e60
SHA256

8f172bf2e40df72ccbf6a764bd376d2032463a8aa30a3810e63478d4aaa43299
SHA512

dfc3784d9dc87e4193f027363ebf1c38005f1f6014db26f4eb697db57f97af69f4dad57b50ef1a22ec484b2e2614dccca552f7831aae2bbbeb289ba794953f6a
SSDEEP

3072:8dgAo+7LT1QJCMzlVZwLgR1te9DveHYf68P76xh2Mz:8dn50DR1U9veHYf6m6r2Mz

Score

10^/10

44caliber spyware stealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1101119692103491584/GTMNvMSwfNfgMdtSqTcvjCvj1QDXJYPNxW9vEtgHszOELGeSAQDBrIp9Qf7oWif26BJd

Targets

- Target
  
  c2ade6498bf4fe3991c76104a2d5a8ad880ab4baaf0756f707eb3b22d9734a8f.exe
- Size
  
  274KB
- MD5
  
  e94364b4239eb39286dd3b07a9ea469c
- SHA1
  
  95a3fc71b5a4f63e1ce10c163af55b56f168a6f8
- SHA256
  
  c2ade6498bf4fe3991c76104a2d5a8ad880ab4baaf0756f707eb3b22d9734a8f
- SHA512
  
  bb924f1c1f8b851c70d5639abed43ed047452bac62580d060229e7a054d5f1be269e2888a3dfe511b434ac5a785dcf37216c95cffd8baaa9432cd930670acc13
- SSDEEP
  
  6144:8f+BLtABPDWlR1ZroWT0Ilb5wqlYeJ6lA1D0wIk:RluK0Ilb5/lYed1DMk
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

44caliberspywarestealer

behavioral2

44caliberspywarestealer