44caliber | 5ac29f18472f943f2eb3c256fdbfe251b04ca66afc22fcba65183b0509feb529 | Triage

Sharing

General

Target

0x000a0000000122c9-5.dat
Size

534KB
Sample

240217-ymr8maad71
MD5

0ce3051b867d50aa172d1b332f156e3e
SHA1

f87defe312cb3a5efea3f845d187762e153bddab
SHA256

5ac29f18472f943f2eb3c256fdbfe251b04ca66afc22fcba65183b0509feb529
SHA512

5169a3acd3c79cc4d22bf3a1f4d9770797d2c31503bab1022a153ad56c382e495de2ce06a8a04b3bb4b2fb2c666575dcdefa26533ff5affc4b6ce126e2166193
SSDEEP

6144:ef+BLtABPDLgj1xw1eO5rbMMzhgUsYqTXGG/5zJRb2IXe05f4VGWWxjdq:d161eO5rbHHsYqTXGOXXe+4k8

Score

10^/10

44caliber spyware stealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1199323175729758268/CBdP8e3cXbL0ED8xKBhMw0ikKHmITu-6CI4WjfttZm2aWGZGjp43Msrjwp8AVeEBf6T1

Targets

- Target
  
  0x000a0000000122c9-5.dat
- Size
  
  534KB
- MD5
  
  0ce3051b867d50aa172d1b332f156e3e
- SHA1
  
  f87defe312cb3a5efea3f845d187762e153bddab
- SHA256
  
  5ac29f18472f943f2eb3c256fdbfe251b04ca66afc22fcba65183b0509feb529
- SHA512
  
  5169a3acd3c79cc4d22bf3a1f4d9770797d2c31503bab1022a153ad56c382e495de2ce06a8a04b3bb4b2fb2c666575dcdefa26533ff5affc4b6ce126e2166193
- SSDEEP
  
  6144:ef+BLtABPDLgj1xw1eO5rbMMzhgUsYqTXGG/5zJRb2IXe05f4VGWWxjdq:d161eO5rbHHsYqTXGOXXe+4k8
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

44caliberspywarestealer

behavioral2

44caliberspywarestealer