General
-
Target
0e182adbcb485b1a7bafc18e2b78b069
-
Size
541KB
-
Sample
231230-et1zkaafgj
-
MD5
0e182adbcb485b1a7bafc18e2b78b069
-
SHA1
d8ac3b051bbd861561dcee1293574856494cfc50
-
SHA256
8f39a7e82e442859855f0b4e64abc7cdc1a164c97c5a4c04a13c775c26eaf9b1
-
SHA512
d8713d19d57814d1b18b83ca3943ea2f0fc58cd6d64b46e15344d7cc358218ca62070955159c1b866df08555ff7b41ea0f2744d7e140eb6bb51c8f2ce26a3e30
-
SSDEEP
12288:nTqN4kJCCSTiMZEuSiXpm8zxtWvS0YRs2g:WPCpTiwEF8PMS08
Malware Config
Targets
-
-
Target
0e182adbcb485b1a7bafc18e2b78b069
-
Size
541KB
-
MD5
0e182adbcb485b1a7bafc18e2b78b069
-
SHA1
d8ac3b051bbd861561dcee1293574856494cfc50
-
SHA256
8f39a7e82e442859855f0b4e64abc7cdc1a164c97c5a4c04a13c775c26eaf9b1
-
SHA512
d8713d19d57814d1b18b83ca3943ea2f0fc58cd6d64b46e15344d7cc358218ca62070955159c1b866df08555ff7b41ea0f2744d7e140eb6bb51c8f2ce26a3e30
-
SSDEEP
12288:nTqN4kJCCSTiMZEuSiXpm8zxtWvS0YRs2g:WPCpTiwEF8PMS08
Score10/10-
44Caliber
An open source infostealer written in C#.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-