Overview

overview

10

Static

static

10

Dupe V4.42.exe

windows7-x64

10

Dupe V4.42.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Dupe V4.42.exe

  • Size

    274KB

  • Sample

    240224-14wngsgd9t

  • MD5

    e69695656727b24faa0cce67b8a5a1fe

  • SHA1

    b71ca6b4f9f35bfd551ebf8d09255e4c8b13cc13

  • SHA256

    bce20f47da6456aa5e8ad6a47bef1e56b06efdac90e206d72edf3818e7c28bc9

  • SHA512

    7ddd3bc8229ffa318b1e6a1a8b19e11d8c1088dfd4c07fccf84d1e39501c562e2adb28fd02fac257f2c5f5b25412c151c4c168dac038f55f7e1a693fd2977c66

  • SSDEEP

    6144:wf+BLtABPDsth6Ej/UZkI4TjkRy5xafTyUlI1D0bft:DtK+I4TjkRyZZ1DQt

Score
10/10
44caliberspywarestealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1206974551552958464/exNVrcQItQDQp5Vif4AyKwrQX7lXQIl06vDpIAqDtX0OwImj8IH-5I460UrzegqRF6l4

Targets

    • Target

      Dupe V4.42.exe

    • Size

      274KB

    • MD5

      e69695656727b24faa0cce67b8a5a1fe

    • SHA1

      b71ca6b4f9f35bfd551ebf8d09255e4c8b13cc13

    • SHA256

      bce20f47da6456aa5e8ad6a47bef1e56b06efdac90e206d72edf3818e7c28bc9

    • SHA512

      7ddd3bc8229ffa318b1e6a1a8b19e11d8c1088dfd4c07fccf84d1e39501c562e2adb28fd02fac257f2c5f5b25412c151c4c168dac038f55f7e1a693fd2977c66

    • SSDEEP

      6144:wf+BLtABPDsth6Ej/UZkI4TjkRy5xafTyUlI1D0bft:DtK+I4TjkRyZZ1DQt

    Score
    10/10
    44caliberspywarestealer

    • 44Caliber

      An open source infostealer written in C#.

      stealer44caliber

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks