44caliber | 087463d769d4bacbde05c6c64d54123fc50148ef081f643b29cb057cd61771e8 | Triage

Sharing

General

Target

7e52a8ea6d5e74171fc139b8a44c4f2b
Size

519KB
Sample

240128-3tctqsegfk
MD5

7e52a8ea6d5e74171fc139b8a44c4f2b
SHA1

bb07e01794eab7d9691862c486519706f9520122
SHA256

087463d769d4bacbde05c6c64d54123fc50148ef081f643b29cb057cd61771e8
SHA512

787f48ff7a6cb9508d9d6b7bfc627dd279533c2b56aa1ccbbbe4c96e8ed5fd1f957047d819e3354c3a281dabade90a9115bc18b57fc9c476c2ee0fc78dd1377c
SSDEEP

12288:XYONCsypxWpFogCZhsjMnw8opmAk8BDj/r1MywS/r3o:XRypxUoRigTobk8BDjhMy

Score

10^/10

44caliber spyware stealer

Malware Config

Targets

- Target
  
  7e52a8ea6d5e74171fc139b8a44c4f2b
- Size
  
  519KB
- MD5
  
  7e52a8ea6d5e74171fc139b8a44c4f2b
- SHA1
  
  bb07e01794eab7d9691862c486519706f9520122
- SHA256
  
  087463d769d4bacbde05c6c64d54123fc50148ef081f643b29cb057cd61771e8
- SHA512
  
  787f48ff7a6cb9508d9d6b7bfc627dd279533c2b56aa1ccbbbe4c96e8ed5fd1f957047d819e3354c3a281dabade90a9115bc18b57fc9c476c2ee0fc78dd1377c
- SSDEEP
  
  12288:XYONCsypxWpFogCZhsjMnw8opmAk8BDj/r1MywS/r3o:XRypxUoRigTobk8BDjhMy
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

44caliberspywarestealer

behavioral2

44caliberspywarestealer