Overview

overview

10

Static

static

10

SerotoninLoader.exe

windows7-x64

10

SerotoninLoader.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SerotoninLoader.exe

  • Size

    274KB

  • Sample

    240124-16bfbsabf4

  • MD5

    a1e427ad2ef7f222aa66a6256eae9470

  • SHA1

    5bf1775f86b3c20387f164055322692ef1e2a508

  • SHA256

    1ea45c54e59585e1cd3b415c1a8dd4e5e6146559802d55ad00549e88d0dad03c

  • SHA512

    59cd96e21c224301bd9721852c4714436b7896f5cddb55c39715bdfa4b33100a7bc8d86246f2c211e365cab2f8f41acb091ed1089756d9dd24ff0bdf76e46cf7

  • SSDEEP

    6144:of+BLtABPDslRpZrQWT0IQZQZtafTy8lI1D0Qkv:jlmK0IQZQNx1Dov

Score
10/10
44caliberspywarestealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1190238303706943558/sspm8U_-iZm0lPr7lzq2HlHtwE1OvN49WbP5Wq0jsesUiJAxFQ_ILy_elOLuM4tFYIXC

Targets

    • Target

      SerotoninLoader.exe

    • Size

      274KB

    • MD5

      a1e427ad2ef7f222aa66a6256eae9470

    • SHA1

      5bf1775f86b3c20387f164055322692ef1e2a508

    • SHA256

      1ea45c54e59585e1cd3b415c1a8dd4e5e6146559802d55ad00549e88d0dad03c

    • SHA512

      59cd96e21c224301bd9721852c4714436b7896f5cddb55c39715bdfa4b33100a7bc8d86246f2c211e365cab2f8f41acb091ed1089756d9dd24ff0bdf76e46cf7

    • SSDEEP

      6144:of+BLtABPDslRpZrQWT0IQZQZtafTy8lI1D0Qkv:jlmK0IQZQNx1Dov

    Score
    10/10
    44caliberspywarestealer

    • 44Caliber

      An open source infostealer written in C#.

      stealer44caliber

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

2
T1552

Credentials In Files

2
T1552.001

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks