General
-
Target
a6baa421094ae5561400c553c662bd17
-
Size
253KB
-
Sample
240226-s8j69aac3s
-
MD5
a6baa421094ae5561400c553c662bd17
-
SHA1
7b049e54295e2816f33c53304d4b53b8b1a31a27
-
SHA256
f65ead2486253fc8f1ffb85322d3af078c3f0b59569e3ded89de0f510226015d
-
SHA512
fbbf4f3f9d3f5ef7e802601b9b125b46e54df1fc6c56ac6a08e98adef0518b2be845655b27d123a68f3647cfb4ce2014f005feeb618facf5bd440d21d1d03b83
-
SSDEEP
3072:XA7eUAkUo7+CJ+qppsXMpwJBzh3DGcZGGl6tj5rVgLZfzUGWg7w2zp1bCaKdOJ3K:weUAo5TxGJBzlGSGGEZgLxxEuCD
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/875024811489906738/CpyWbrHIQGqh718u5276J6WiFHZNZUgiY72o4Syy8xUjuJKn8uAQ0JGDBq6sXWEbGAnY
Targets
-
-
Target
a6baa421094ae5561400c553c662bd17
-
Size
253KB
-
MD5
a6baa421094ae5561400c553c662bd17
-
SHA1
7b049e54295e2816f33c53304d4b53b8b1a31a27
-
SHA256
f65ead2486253fc8f1ffb85322d3af078c3f0b59569e3ded89de0f510226015d
-
SHA512
fbbf4f3f9d3f5ef7e802601b9b125b46e54df1fc6c56ac6a08e98adef0518b2be845655b27d123a68f3647cfb4ce2014f005feeb618facf5bd440d21d1d03b83
-
SSDEEP
3072:XA7eUAkUo7+CJ+qppsXMpwJBzh3DGcZGGl6tj5rVgLZfzUGWg7w2zp1bCaKdOJ3K:weUAo5TxGJBzlGSGGEZgLxxEuCD
Score10/10-
44Caliber
An open source infostealer written in C#.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-