44caliber

Sharing

Copy URL

Twitter E-mail

General

Target

AkebiGC.rar
Size

128.0MB
Sample

240209-kyj5habf93
MD5

40fc80c8ceb0dc1d17cc24b55a09ea5f
SHA1

4c270667f39d5648f5845b460f692ab2744226aa
SHA256

4d4c6e971e2c8635ffdcc310998c0ab3b72595cc6589754666554da4128c4862
SHA512

f1faa1c65d0e3108441dd0e639c0aa1c294d3f400e97b6efe852a8922344066952ac5ddab79a853a5a6e141d51ca2e0123cee7ed7c93d7220f803c2c1cfa91fb
SSDEEP

3145728:pGLC7t8sChdDFOoQiKLC7t8haSyYpS0llfLC7t8haSyYpS0llHiIaJaVE:pfSsChd0sScSI4+ScSI4CIaJaVE

Score

10^/10

Malware Config

Extracted

Family

44caliber

https://discord.com/api/webhooks/1205378577210548224/LNcoZrLKPyHLEN4pcKhtXlPWyk5g8jRNtbvhK_L1UGxjObYKgJwFG53LqgVJZWP5xjst

Targets

- Target
  
  Akebi/Akebi.exe
- Size
  
  274KB
- MD5
  
  6c10aa7f40c68f01050d041ab9c16417
- SHA1
  
  8b447164852a63f79e276396649f98dfb955e053
- SHA256
  
  db5cda1822fc9fa50bc6719d835d61692d936b674da3d840ba61ad1b11c616eb
- SHA512
  
  9636f49c03203faf53e48945efb3e182ddbcbd143822f7c706d11164d2a1a7e86caa72d3eabf307616011b79fb00b35a894dc6055a2d1cfa9966183e96a12a31
- SSDEEP
  
  6144:Bf+BLtABPDMZZzIlzcwKUfmBnxafTy8lI1D0zOy:uZOnKUfmBXx1DNy
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  Akebi/cef.pak
- Size
  
  3.5MB
- MD5
  
  52f3fc9f9b84e341e57c4bf337b35b9f
- SHA1
  
  42425795baa91001ae79743a9e9023ec0ea5e6ad
- SHA256
  
  42b4cd144d1a6e395f9314ddf963ea65ca957a0a813d71b5f6e07ae40513c613
- SHA512
  
  4866f01ddc49b59ba44cf13628bdab7129a72cec8563bedc4664bfb2de6c0736afec2960941f17b274a4680fbaa745bde471ce623ed4f589ac31f7fe6bf4dd71
- SSDEEP
  
  49152:WFasXngmPl7MRJYlI4h3u2uFLw/beubUoSWPWolWaPa56lwEwmhRJRkx92xp73oF:+P3uEw8q96hIHVruP3KJ/
Score

1^/10
behavioral2
- Target
  
  Akebi/cef_100_percent.pak
- Size
  
  724KB
- MD5
  
  277a53a3922d71cc99626ab835cc8677
- SHA1
  
  e711062e5fef4f8c2e6fa2a0e93c0a6aca3a8056
- SHA256
  
  dae17c53566d83e24b8dbeb4329ff9a11999b05d30c2fc1d8d6a585535f6d3f8
- SHA512
  
  33d8a7843adf6c32cf6940806a0d934d67b8f6236ecbf560d226fe45180eefde35bdde97079a3f85f58188be199905255c51bc0028e4222f1440ebe51c224ba8
- SSDEEP
  
  6144:KbvBDe7NxHcSgEalEJxd0NvmdXWq1jxzwAj6TAVu1KTbkW/HQax5c1YC7x1+fSry:KDBDe7NzVNbkWHLgf1T2/tb
Score

1^/10
behavioral3
- Target
  
  Akebi/cef_200_percent.pak
- Size
  
  852KB
- MD5
  
  1822748dcb06d101954426fe75a62eb3
- SHA1
  
  8fd06ab468b681cb2818ac729594357535fbf5ec
- SHA256
  
  faded3d34e58c4dd61557f1f4c14c2dc83685a2259fdfa641f5d09eef5bbfbd5
- SHA512
  
  1315d155bce36b542d5b65def911e8e6fbb215bb11826bbe2e3f2b34f9e6163d25bbf880a59d8735aa02cd701d16d64d3ac61bb93a63234da0c4bdf22f9d08c8
- SSDEEP
  
  12288:0BDe7NzYfqj0o+Lgs4jTokWHzg5u/oFwFMT:0BDe7Nf0o+LbaDWHz0qoFgo
Score

1^/10
behavioral4
- Target
  
  Akebi/cef_extensions.pak
- Size
  
  1.7MB
- MD5
  
  597e878419411cc2ce35029b9c44cb72
- SHA1
  
  7d2d43b1c87679fcb9f6818ed14bba2d0e330775
- SHA256
  
  eb3bfc21fa8561afbb5ce1298797b6b832b02d2b09dff878725a035e19b31da3
- SHA512
  
  0b6f29fe03181458f335b440115b8b364b8ce3da554682affa7c2832530d61ec42447a9a7cc85f709ecf93209981133d2c98b150e49486f3227c165f3ce4057b
- SSDEEP
  
  49152:eiBMyOelfi23G97Zgl6mHSG1hdAKp6YlWXe/+ll:N1hmMwe/Ml
Score

1^/10
behavioral5
- Target
  
  Akebi/chrome_elf.dll
- Size
  
  690KB
- MD5
  
  4bc92038a76a457a1c36499bd843aa1a
- SHA1
  
  0ec0ab717f116231ee1f120e958aa1876845ffb0
- SHA256
  
  6084e9d7bf40c57c141e99fd061671abbf82dda61e8567dab22d4b5fdbc0cc29
- SHA512
  
  2ad8b1432bd79879d92e0d64ac0a5f14f554683a123e7fb86622a5263c3844c218d14495f60b4987add2e2d425348b3b63c1c398ae7ab5c59f11f22f7ef3e768
- SSDEEP
  
  12288:dRn335tvsz6Xu1HkXh312ix5zqYDoYFEaaqHudbjnySWGG7Kn:fH5tv4J1HkR3hoYe8i
Score

3^/10
behavioral6
- Target
  
  Akebi/chromelf.dll
- Size
  
  690KB
- MD5
  
  4bc92038a76a457a1c36499bd843aa1a
- SHA1
  
  0ec0ab717f116231ee1f120e958aa1876845ffb0
- SHA256
  
  6084e9d7bf40c57c141e99fd061671abbf82dda61e8567dab22d4b5fdbc0cc29
- SHA512
  
  2ad8b1432bd79879d92e0d64ac0a5f14f554683a123e7fb86622a5263c3844c218d14495f60b4987add2e2d425348b3b63c1c398ae7ab5c59f11f22f7ef3e768
- SSDEEP
  
  12288:dRn335tvsz6Xu1HkXh312ix5zqYDoYFEaaqHudbjnySWGG7Kn:fH5tv4J1HkR3hoYe8i
Score

3^/10
behavioral7
- Target
  
  Akebi/d3dcompiler_47.dll
- Size
  
  3.5MB
- MD5
  
  d2d0ff97605d2c2f8921e93062eb01ff
- SHA1
  
  586cdca915f47fa4b1010f781ec0504e3138efd2
- SHA256
  
  4056e0804a13d791362555636ba34158fade7c1e71599e415a285de1472d83d5
- SHA512
  
  7bff38be4c5c41a978b33b9458dc885c59e68fa3dd4e56c6b980d334837bef37b2205b1b69aa1f058c0d8e24e3938c29da917a198b640b521d9726a505683b10
- SSDEEP
  
  49152:KrqFNHA0sqBRTFXIgeElWEmsZbcjTmV8h6rc15K5mppbIar24SP1sEZgTK3iU7Ed:KrwNvDLICV8suT724SFSmsJ
Score

3^/10
behavioral8
- Target
  
  Akebi/d3dsystem.dll
- Size
  
  3.5MB
- MD5
  
  d2d0ff97605d2c2f8921e93062eb01ff
- SHA1
  
  586cdca915f47fa4b1010f781ec0504e3138efd2
- SHA256
  
  4056e0804a13d791362555636ba34158fade7c1e71599e415a285de1472d83d5
- SHA512
  
  7bff38be4c5c41a978b33b9458dc885c59e68fa3dd4e56c6b980d334837bef37b2205b1b69aa1f058c0d8e24e3938c29da917a198b640b521d9726a505683b10
- SSDEEP
  
  49152:KrqFNHA0sqBRTFXIgeElWEmsZbcjTmV8h6rc15K5mppbIar24SP1sEZgTK3iU7Ed:KrwNvDLICV8suT724SFSmsJ
Score

3^/10
behavioral9
- Target
  
  Akebi/devtools_resources.pak
- Size
  
  5.7MB
- MD5
  
  766eba8610853eb8c8985a3bbe44f6f3
- SHA1
  
  41e12e3783b5210735cc8a9f8e4bcf8da43c8e36
- SHA256
  
  7e9091666d5253441fe0639d01867450623a4add8fa375a31d09e9d1b0f67026
- SHA512
  
  688e5174c931fe0e3661d4a45139b5faea5460efcd30491dd9258ad5f36872ce51646eb638c837e8784785fe1806a63e5f68e796e68eab8a5ecc98b22cfd44e6
- SSDEEP
  
  49152:Ik06LFPZAnkA/koZdvvVqckTZdvvVqQ3FLyWzmiUTWUHbHTR2Cs1y3J2kkDJMuXr:IkWkw6
Score

1^/10
behavioral10
- Target
  
  Akebi/dll/chromelf.dll
- Size
  
  690KB
- MD5
  
  4bc92038a76a457a1c36499bd843aa1a
- SHA1
  
  0ec0ab717f116231ee1f120e958aa1876845ffb0
- SHA256
  
  6084e9d7bf40c57c141e99fd061671abbf82dda61e8567dab22d4b5fdbc0cc29
- SHA512
  
  2ad8b1432bd79879d92e0d64ac0a5f14f554683a123e7fb86622a5263c3844c218d14495f60b4987add2e2d425348b3b63c1c398ae7ab5c59f11f22f7ef3e768
- SSDEEP
  
  12288:dRn335tvsz6Xu1HkXh312ix5zqYDoYFEaaqHudbjnySWGG7Kn:fH5tv4J1HkR3hoYe8i
Score

3^/10
behavioral11
- Target
  
  Akebi/dll/d3dsystem.dll
- Size
  
  3.5MB
- MD5
  
  d2d0ff97605d2c2f8921e93062eb01ff
- SHA1
  
  586cdca915f47fa4b1010f781ec0504e3138efd2
- SHA256
  
  4056e0804a13d791362555636ba34158fade7c1e71599e415a285de1472d83d5
- SHA512
  
  7bff38be4c5c41a978b33b9458dc885c59e68fa3dd4e56c6b980d334837bef37b2205b1b69aa1f058c0d8e24e3938c29da917a198b640b521d9726a505683b10
- SSDEEP
  
  49152:KrqFNHA0sqBRTFXIgeElWEmsZbcjTmV8h6rc15K5mppbIar24SP1sEZgTK3iU7Ed:KrwNvDLICV8suT724SFSmsJ
Score

3^/10
behavioral12
- Target
  
  Akebi/dll/libGLEOSv2.dll
- Size
  
  4.5MB
- MD5
  
  c1649e692c3ad2286f00ea3d0c308b39
- SHA1
  
  de4eea121c46b5c78e7f00f982dd3b451cad857f
- SHA256
  
  873ef5948a0913d4487dab8ccedd3d17beff86201a0d48b111b1183772ef1bc9
- SHA512
  
  ab8fdd87765763904c7d52c71023fede5f5692f38380789ea4d90c4ff7c88b8eb59fdac471a15d399a271280ca470f2f224108495710d9922a8cfb72be11b05e
- SSDEEP
  
  98304:2UOQD4cLcczq0nTVrt1wVzkRs1vQznqzp:2YDnq0nTVoWslj
Score

3^/10
behavioral13
- Target
  
  Akebi/dll/libeab.dll
- Size
  
  89.2MB
- MD5
  
  481df7f01a1b3a6d028790d20f2d97bb
- SHA1
  
  2d56b5244ad233e1c9ca727b502d5c54976ba431
- SHA256
  
  dc01fa5ca5c750c8c9ac807ae10cafb6edc3ded266d116dbf488c5bd67ee96cd
- SHA512
  
  630a7931f7bf23f27580c87dbd9093e78e26a322e708faca6dd79778640e624f7816c84114be28017fb26f53f49a56bba42ecfa96be06b901d6e24a087a4ecc6
- SSDEEP
  
  1572864:QCfH67bepQdZZVZC1tcZCmWyW8aiPHnDZpm0EHvMqt1t2EZFzMFDR:9HMLEEqKP
Score

1^/10
behavioral14
- Target
  
  Akebi/dll/lindel.dll
- Size
  
  108KB
- MD5
  
  e0b6f3c763f192a08115b87c4a4e94d0
- SHA1
  
  cebb858de268b5e7e8704b6b5cb3d5ab1f5614d1
- SHA256
  
  e334032ec466005f07645c3c0f5ea7722202189c4b5723ef5dad77a129549791
- SHA512
  
  41d150a16d95a12ba296f069556f7dd9fe1f20389c34a4551866e41bf68f684e44093efe0ee688710a930be6930c08c80f8ae74b00e1cea8c81f94c2db46742e
- SSDEEP
  
  3072:88mtXPdLa2PHqpN2ogTWtrZY4a6FGuuL6TranpOtZmr:c02SpwTwrZYCGuuL6QuZE
Score

3^/10
behavioral15
- Target
  
  Akebi/ffmpeg.dll
- Size
  
  1.2MB
- MD5
  
  eae2a95bb9404eda67360ebefeb32080
- SHA1
  
  a2ba1507a815c54a91f74f3f1965ff1cceb75e13
- SHA256
  
  ebdf82bf567ba506879352053d5d670b369a41cfe783f3c177010460146518d3
- SHA512
  
  f6a06c3d678195b5c9b091e89b4493cf4012f1cf1f820f2778d28236d9566ed115feacb07f237ec79a8b71ddba3453d57233c63e079a0b498ad09b561a0e472c
- SSDEEP
  
  24576:y8M3T0FajLnlBXECsd/BgXJ8dr6VG74+lOjAd/o7Cln:yjb3lZ6d68N0V+lD1o7Cln
Score

1^/10
behavioral16
- Target
  
  Akebi/libEGL.dll
- Size
  
  108KB
- MD5
  
  e0b6f3c763f192a08115b87c4a4e94d0
- SHA1
  
  cebb858de268b5e7e8704b6b5cb3d5ab1f5614d1
- SHA256
  
  e334032ec466005f07645c3c0f5ea7722202189c4b5723ef5dad77a129549791
- SHA512
  
  41d150a16d95a12ba296f069556f7dd9fe1f20389c34a4551866e41bf68f684e44093efe0ee688710a930be6930c08c80f8ae74b00e1cea8c81f94c2db46742e
- SSDEEP
  
  3072:88mtXPdLa2PHqpN2ogTWtrZY4a6FGuuL6TranpOtZmr:c02SpwTwrZYCGuuL6QuZE
Score

1^/10
behavioral17
- Target
  
  Akebi/libGLEOSv2.dll
- Size
  
  4.5MB
- MD5
  
  c1649e692c3ad2286f00ea3d0c308b39
- SHA1
  
  de4eea121c46b5c78e7f00f982dd3b451cad857f
- SHA256
  
  873ef5948a0913d4487dab8ccedd3d17beff86201a0d48b111b1183772ef1bc9
- SHA512
  
  ab8fdd87765763904c7d52c71023fede5f5692f38380789ea4d90c4ff7c88b8eb59fdac471a15d399a271280ca470f2f224108495710d9922a8cfb72be11b05e
- SSDEEP
  
  98304:2UOQD4cLcczq0nTVrt1wVzkRs1vQznqzp:2YDnq0nTVoWslj
Score

3^/10
behavioral18
- Target
  
  Akebi/libGLESv2.dll
- Size
  
  4.5MB
- MD5
  
  c1649e692c3ad2286f00ea3d0c308b39
- SHA1
  
  de4eea121c46b5c78e7f00f982dd3b451cad857f
- SHA256
  
  873ef5948a0913d4487dab8ccedd3d17beff86201a0d48b111b1183772ef1bc9
- SHA512
  
  ab8fdd87765763904c7d52c71023fede5f5692f38380789ea4d90c4ff7c88b8eb59fdac471a15d399a271280ca470f2f224108495710d9922a8cfb72be11b05e
- SSDEEP
  
  98304:2UOQD4cLcczq0nTVrt1wVzkRs1vQznqzp:2YDnq0nTVoWslj
Score

3^/10
behavioral19
- Target
  
  Akebi/libcef.dll
- Size
  
  89.2MB
- MD5
  
  481df7f01a1b3a6d028790d20f2d97bb
- SHA1
  
  2d56b5244ad233e1c9ca727b502d5c54976ba431
- SHA256
  
  dc01fa5ca5c750c8c9ac807ae10cafb6edc3ded266d116dbf488c5bd67ee96cd
- SHA512
  
  630a7931f7bf23f27580c87dbd9093e78e26a322e708faca6dd79778640e624f7816c84114be28017fb26f53f49a56bba42ecfa96be06b901d6e24a087a4ecc6
- SSDEEP
  
  1572864:QCfH67bepQdZZVZC1tcZCmWyW8aiPHnDZpm0EHvMqt1t2EZFzMFDR:9HMLEEqKP
Score

1^/10
behavioral20
- Target
  
  Akebi/libeab.dll
- Size
  
  89.2MB
- MD5
  
  481df7f01a1b3a6d028790d20f2d97bb
- SHA1
  
  2d56b5244ad233e1c9ca727b502d5c54976ba431
- SHA256
  
  dc01fa5ca5c750c8c9ac807ae10cafb6edc3ded266d116dbf488c5bd67ee96cd
- SHA512
  
  630a7931f7bf23f27580c87dbd9093e78e26a322e708faca6dd79778640e624f7816c84114be28017fb26f53f49a56bba42ecfa96be06b901d6e24a087a4ecc6
- SSDEEP
  
  1572864:QCfH67bepQdZZVZC1tcZCmWyW8aiPHnDZpm0EHvMqt1t2EZFzMFDR:9HMLEEqKP
Score

1^/10
behavioral21
- Target
  
  Akebi/lindel.dll
- Size
  
  108KB
- MD5
  
  e0b6f3c763f192a08115b87c4a4e94d0
- SHA1
  
  cebb858de268b5e7e8704b6b5cb3d5ab1f5614d1
- SHA256
  
  e334032ec466005f07645c3c0f5ea7722202189c4b5723ef5dad77a129549791
- SHA512
  
  41d150a16d95a12ba296f069556f7dd9fe1f20389c34a4551866e41bf68f684e44093efe0ee688710a930be6930c08c80f8ae74b00e1cea8c81f94c2db46742e
- SSDEEP
  
  3072:88mtXPdLa2PHqpN2ogTWtrZY4a6FGuuL6TranpOtZmr:c02SpwTwrZYCGuuL6QuZE
Score

1^/10
behavioral22
- Target
  
  Akebi/natives_blob.bin
- Size
  
  81KB
- MD5
  
  d2414b8ae71f3f827b984167054e21a1
- SHA1
  
  a1768d8f11596c7e24f702e6b7fcf6b0c45d0506
- SHA256
  
  66a747124929695fdf5b74812e15518ee7ed4e1406e53febe064c39931948449
- SHA512
  
  e575fc3673d278f7b80625d99c840cda059661b977a37ed738f36c4a260850d92efa2ee567584f58fd57d82d31fcfbf5df4b0769bdf03d796df6326476b4abac
- SSDEEP
  
  1536:+bz4Oif2sMnL8gDpKD0rrr/4or06mGsY3csV3/EBSee0fHVvJ4TGD3zT+2/ei7g5:+bz4Oif2sMHEBSx0fHVvOT6jTVeikwV8
Score

1^/10
behavioral23
- Target
  
  Akebi/vgrl.dll
- Size
  
  3.4MB
- MD5
  
  15620a9f1936c028377523116e657b82
- SHA1
  
  be2d28d85af3c0e98884b6874f4668d361caf7c4
- SHA256
  
  786499d901e9b4f7d5f5d00847fd09ee6ddfebe7ef824c53b49e569a670d6e28
- SHA512
  
  1ae0c54dd997aeb9d95a5f78be98ebf66a022545ec6e61422fd8c754030ffec0485aabf3ffa7b9ca9feb7c6f638cde94c7335d56a17d9eb9fea2c179f2326f9a
- SSDEEP
  
  98304:LKdCMlrcK9LLB9h9qVh8jhYY5BFtvhxijrvGPSo:mdLlrfdh9qVhk5BFv8r+PN
Score

1^/10
behavioral24
- Target
  
  Akebi/vivoxsdk.dll
- Size
  
  10.6MB
- MD5
  
  49c587d64530b5a31b246c791643abe5
- SHA1
  
  fb5afe2fe639f7b9d05d36b258c64fe20b1d1f19
- SHA256
  
  6f6b8cdf286f7f1aec5245834fb8a8afcd6f9c764a6988b1b738df828fea2c89
- SHA512
  
  90775234fa17f192445bde2b106e7ba7158ddc6e000400b9cb1fd0b095a2210e97d17b15d9ca398062d51eeac820536492da993172aa40d32306aa4aafe86666
- SSDEEP
  
  196608:ETXSBFCzbnyZnn5QiIfAnXYmgLyGR6FuvFaEWmys2LRVfrgt4fKIo4McwOJI/:ErSBwzbnyZTeAnIlLyZGP2TTgXIoHrx/
Score

1^/10
behavioral25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Reads user/profile data of web browsers

Accesses cryptocurrency files/wallets, possible credential harvesting

Looks up external IP address via web service

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25