Overview

overview

10

Static

static

10

PWN.AC.rar

windows10-2004-x64

3

PWN.AC/PWN.exe

windows10-2004-x64

10

PWN.AC/П�...й.txt

windows10-2004-x64

1

Resubmissions

23-06-2024 23:27

240623-3fk8ysxgjb 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PWN.AC.rar

  • Size

    152KB

  • Sample

    240623-3fk8ysxgjb

  • MD5

    dab29b7a3fcb3807ee1632b9ad8263d4

  • SHA1

    6ed3b85e8c5d6967b8170ed58c47accf2cc4ab8f

  • SHA256

    8286320ef9512e12cd838e2e3e051704d62d522742659afbb3ca19f8c444a04d

  • SHA512

    859173841b0f38939cbeb65dbcb77363cea9136211b9223e9138564b0aa84e98288f8fa6015420c3abb0be4a0f5e0d6a0313d428c47334bcff3044276df6e16e

  • SSDEEP

    3072:wfKQHq9E5zXl5RZ7DeJlI5zKl1fk3Aw91OGjkAOHbB73gF:5QHYSR7Z7DAlINKl1fkww9lFyN3w

Score
10/10
44caliberspywarestealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1215310807202799627/6HZ5IcWVou3y3RCr0gjeX5IP6YAHlSQA7mqRUnFxpGoxTLuwlGoDnHwKUfc_nm07jkPK

Targets

    • Target

      PWN.AC.rar

    • Size

      152KB

    • MD5

      dab29b7a3fcb3807ee1632b9ad8263d4

    • SHA1

      6ed3b85e8c5d6967b8170ed58c47accf2cc4ab8f

    • SHA256

      8286320ef9512e12cd838e2e3e051704d62d522742659afbb3ca19f8c444a04d

    • SHA512

      859173841b0f38939cbeb65dbcb77363cea9136211b9223e9138564b0aa84e98288f8fa6015420c3abb0be4a0f5e0d6a0313d428c47334bcff3044276df6e16e

    • SSDEEP

      3072:wfKQHq9E5zXl5RZ7DeJlI5zKl1fk3Aw91OGjkAOHbB73gF:5QHYSR7Z7DAlINKl1fkww9lFyN3w

    Score
    3/10
    behavioral1

    • Target

      PWN.AC/PWN.exe

    • Size

      407KB

    • MD5

      8a6e04cab1aea1c66325afbc422cd361

    • SHA1

      3ad3b8d7a22767bdeb042c8668b563f9090ed1ab

    • SHA256

      aa6c9986b5a8e300b60ef090c5f5506760c5d013721b4670376f09e6005a1479

    • SHA512

      cd00a32c9946b8fe57ddd4800df185648fde6bb0eb042696c7f2af97a4092ef5ba6aa54469bf71f789ffb90e281746590ed3b58fed1c1eb3c2933f72e1660949

    • SSDEEP

      6144:jXt3T6MDdbICydeBimcmXKhJUP+6rmA1D0fhRc:jXttpcmXKnUWQ1DqRc

    Score
    10/10
    44caliberspywarestealer

    • 44Caliber

      An open source infostealer written in C#.

      stealer44caliber

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral2

    • Target

      PWN.AC/Прочитай.txt

    • Size

      300B

    • MD5

      613fce84c385d0a1c02de4ed2d19a05a

    • SHA1

      9cc9e7d7122bcd4079d2f0a959c95f4c1439ecbc

    • SHA256

      b0166ba1c9121f7b1aa915909c8212e026883b719f84e30ea0353c454542c4c4

    • SHA512

      2a13d2a083f71faa08d9bc7322cdad334767e7ad1074538c546b72f59c037ec1340adab9e91331c5fa867f2ffafd66fa8b16f84e4f9edcbe9f11bff58ef7e8bd

    Score
    1/10
    behavioral3

MITRE ATT&CK Enterprise v15

Tasks