44caliber | hxxps://disk[.]yandex[.]ru/d/JN-LxzQEH_gfVg | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://disk.yandex....

windows10-2004-x64

Resubmissions

02-03-2024 14:48

240302-r6p42sec9w 10

02-03-2024 14:48

240302-r6mc6aef56 1

02-03-2024 14:39

240302-r1bpgaec5s 10

02-03-2024 14:30

240302-rt7tbseb9x 10

02-03-2024 14:29

240302-rt11saee56 1

02-03-2024 14:13

240302-rjrz5aeb5t 10

Sharing

General

Target

https://disk.yandex.ru/d/JN-LxzQEH_gfVg
Sample

240302-rt7tbseb9x

Score

10^/10

44caliber spyware stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://disk.yandex.ru/d/JN-LxzQEH_gfVg

Resource

win10v2004-20240226-en

44caliber spyware stealer

windows10-2004-x64

16 signatures

1800 seconds

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1213470089370800169/n0cIp20zmoXW96bm3kmEEDF8S6ayukwO6fCeFq-6ll6NW6LsRhdA972MVTaBHlihjCVc

Targets

- Target
  
  https://disk.yandex.ru/d/JN-LxzQEH_gfVg
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Downloads MZ/PE file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

urlscan1

behavioral1

44caliberspywarestealer

© 2018-2024

Terms | Privacy