Extracted

• • Target

    Loader.exe

  • Size

    274KB

  • MD5

    aa53f781ad5a200f415893c0da7396aa

  • SHA1

    bba01d4263629a7830081ea7f2b5fd1bf7e324e5

  • SHA256

    55b6defb5567076e025333cf20026653b1aaec699a5403b0f8f8cd167df3d5f9

  • SHA512

    935a56faf5549d9467caba32ba797d3000f4edb5eade40f298de61a223dd2b542e7f3cad5c9916223c90632ac8628f9cc3046b02b3b9944b703067b7e05cee56

  • SSDEEP

    6144:cf+BLtABPDMZZzIlzcwKUfmuO/9iXrEtdyIOe0dfx:7ZOnKUfmuO2oOeox

  Score

  10^/10

  44caliberblackguardpersistencespywarestealer

  • 44Caliber

    An open source infostealer written in C#.

    stealer44caliber

  • BlackGuard

    Infostealer first seen in Late 2021.

    stealerblackguard

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Adds Run key to start application

    persistence

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1