44caliber | 365b5ff8ca48c1fc8199963f1ca5b8ba17cdaf509a70bdcf39a1f494939efbef | Triage

Sharing

General

Target

8d06aa1339eb228d1e1cadafaafa6642
Size

1.2MB
Sample

240203-wys8yshgfq
MD5

8d06aa1339eb228d1e1cadafaafa6642
SHA1

10ee0eeae5ea05c4b129396e7698e080d1dd6b82
SHA256

365b5ff8ca48c1fc8199963f1ca5b8ba17cdaf509a70bdcf39a1f494939efbef
SHA512

c0db2d5c75d2b7fbaf5749979c98c7aa2b97ae89447b091b624f0c8b9c3339c5de26a174f477da6f9b4c04e1580d5bc2bdbc27ce8a295483cf6103c8ea825d70
SSDEEP

24576:SE6n68i0m4emAe0yup0fqRJXaFGAVD+jz4EhCjV2hvbS:z6n68NA3yupo+8VD+rG2B

Score

10^/10

44caliber spyware stealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/856136644549672990/QUNtw2qTusIFDmzy-UzjpJMUoOb_iEuhuGYNbubQrYAP-N--gudEwK04jXD4FjY9AbgU

Targets

- Target
  
  8d06aa1339eb228d1e1cadafaafa6642
- Size
  
  1.2MB
- MD5
  
  8d06aa1339eb228d1e1cadafaafa6642
- SHA1
  
  10ee0eeae5ea05c4b129396e7698e080d1dd6b82
- SHA256
  
  365b5ff8ca48c1fc8199963f1ca5b8ba17cdaf509a70bdcf39a1f494939efbef
- SHA512
  
  c0db2d5c75d2b7fbaf5749979c98c7aa2b97ae89447b091b624f0c8b9c3339c5de26a174f477da6f9b4c04e1580d5bc2bdbc27ce8a295483cf6103c8ea825d70
- SSDEEP
  
  24576:SE6n68i0m4emAe0yup0fqRJXaFGAVD+jz4EhCjV2hvbS:z6n68NA3yupo+8VD+rG2B
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

44caliberspywarestealer

behavioral2

44caliberspywarestealer