Extracted

• • Target

    wallpaperflare.com_wallpaper.jpg

  • Size

    254KB

  • MD5

    c0d009af6e1dbde741fd22cf71d8640e

  • SHA1

    cafbea83392a64f6aab58df2378060a445f45276

  • SHA256

    afacbf0fb67a3d232fe8b5dca2ccb8e514537a5442a8e55750c6fad216d7128f

  • SHA512

    ccffcfdb3cafc7c7a1891535ba2afc8a4ad3fcbd14813d5f23862e7c2fd700c93228867fafacba579d956d04391daa51050439881014c9cfd5e310d3d023c429

  • SSDEEP

    6144:BQ8uV4plxT9LeqJzu4SF45iYVOZUpqC7/mIVG8apw8N:BQT4pX9CAzj0YVOapqfuxg

  Score

  10^/10

  44caliberspywarestealer

  • 44Caliber

    An open source infostealer written in C#.

    stealer44caliber

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2