Extracted

• • Target

    Loader.exe

  • Size

    304KB

  • MD5

    f896c2bfec649637e85c463e3a70b2a6

  • SHA1

    04d65945a3b79ee5b48a7e7e22fd24c8198fe332

  • SHA256

    d4917f32cf3755b07badf1179d6717d4f17618cb68184f0dda48f4a4bbb45376

  • SHA512

    0fed9a755f93198e795aac73aff0e17478cd51ffb9c19f80fdfdaf53374b32e2016bf83f0415f253b6f76e736cb36fad5269021d73972749c3d3d84206c6ebe0

  • SSDEEP

    6144:bFcT6MDdbICydeBvtCikGW9mhL8PzeVAOe044E:bFK1CikGemQHOeGE

  Score

  10^/10

  44caliberblackguardpersistencespywarestealer

  • 44Caliber

    An open source infostealer written in C#.

    stealer44caliber

  • BlackGuard

    Infostealer first seen in Late 2021.

    stealerblackguard

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Adds Run key to start application

    persistence

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1