44caliber | b7a1613a7a3d0cf7bb1930220a90c7b2bbb3362b315c6c8e33b1dec044b5cad9 | Triage

Sharing

General

Target

gamesense+vacbypass.zip
Size

147KB
Sample

240305-1wrpkabf87
MD5

ed63ac9e4700b85bf1fddb64abc9d198
SHA1

3c094d04b23718e4ca638ae7c93c0e2bf72ac3cc
SHA256

b7a1613a7a3d0cf7bb1930220a90c7b2bbb3362b315c6c8e33b1dec044b5cad9
SHA512

d9a37ec30434f9a50391167aa1739130380e42d46304cb2b0484dcc09c8cff7e4dc47086d2ca262b0bd92690e90f8f1f389575f4b075fbe05f33b4362bbedbdc
SSDEEP

3072:92A1kpHcpkFLwr72dLqCLyp2un3hUfJm/3lMTHCEiHApJdTerM4egGErifLkwxpF:92A1MewwHGLqHUcNaHCEioJIMsrifLl

Score

10^/10

44caliber spyware stealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1140809162201243699/btqO8cRb46bEQDfduagpAMVv7owTAQ07NMRmYHKOBoLrPmi8MTwUvTQMbnvuk2E4cchn

Targets

- Target
  
  gamesense.exe
- Size
  
  275KB
- MD5
  
  06d26e80e55344a8a483c357d2c93361
- SHA1
  
  791f3e4a55785b940dfd335b9bf408a276b95258
- SHA256
  
  0e9d0fb06c0f889d46fac8b5d9afeb4a503ac39a73742729ec38a83cf48c3623
- SHA512
  
  504bea28b846edb81050792dc309a79d17c312df58b3fb363ecd6b281703c575ac9e643c91749fe15c9bb344de0124fe160e0e1910583857919c8fdc3d5750fd
- SSDEEP
  
  6144:Bf+BLCABPCSyu0Y6/8eaxLaqJCVImMOAle0EO+J:8yvZaxLaDVvgle3J
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  loader+vacbypass.exe
- Size
  
  80KB
- MD5
  
  fc7ba0d39de049bfbe8bbea22c662402
- SHA1
  
  4ed5a84cc422da30edfa6be6485143b5718fd259
- SHA256
  
  77f2c591f0fd07d923d9ed0c014a7c4cb524aa0d1a293f0de94641d06d7fefb7
- SHA512
  
  920712f43fd2f541f630e530a79580eee82ecc4c5983604dc8b8286d2baaed050737e8794e644944a752b04452817aeb963dd8263b2d8f99b0a468ab1a22e992
- SSDEEP
  
  1536:o2Y0VNblnigen1FQGpaika1PASjg/oyRp:o23rbZi/8GprF3jg/ocp
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

44caliberspywarestealer

behavioral2