General
-
Target
12143930620.zip
-
Size
113KB
-
Sample
231003-n3khlsad6x
-
MD5
465e3574d2f53abaf1a7309e101874ce
-
SHA1
e19aced37a3ed4ee53a948b995938dbfc0d975c6
-
SHA256
89776cccb48ad220d19e203d764955930907f60142f6c71b6cd32c6decb6867d
-
SHA512
a6daea9d94986ce07685ccb70505eee4bcd9dae11dac4c93c921fcc9405c9d363304b293b07d427b2b6608797e118201bc532b28cc75ad51540273b2ea37bd6b
-
SSDEEP
1536:DP3yoAqwiWgrzh01jKcRvlaTNuyH/HWXqH+1RyEiwYA5MKeLNyxEuonun:4GZ0IcplaTN5yx14EiwYA5FEXun
Behavioral task
behavioral1
Sample
f17c1d86bdbdb7e6bae2034ec80231638bd3312dd75a1f5b6fe55731a3a56433.exe
Resource
win10-20230915-en
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1158386448026849410/FtcZKAlq7edVMUGk395SXV3Q9JN9qbNFGOqPx7vDhxDM_to09iUh6gk0PVk4dwi2gGuA
Targets
-
Target
f17c1d86bdbdb7e6bae2034ec80231638bd3312dd75a1f5b6fe55731a3a56433
-
Size
274KB
-
MD5
7c02408a83fa049887df06c7c0c3f301
-
SHA1
2ced507a793f00e49648f0dccb08a304995434d3
-
SHA256
f17c1d86bdbdb7e6bae2034ec80231638bd3312dd75a1f5b6fe55731a3a56433
-
SHA512
04d3747ca6d1891760b3b444ebb3152bd42d1a4e21a4c9ff940b188e8c614a55dd44e09c89af49eadd56775f1ea29f4e7ac6a4cbd50728cc61032b4067c79896
-
SSDEEP
6144:6f+BLtABPDslRpZrQWT0IQZQZ9afTyUlI1D03oK:5lmK0IQZQdZ1DLK
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-