44caliber | 470914ddf3d824016ea5d00527b72f28e848ba4ef5cc48fc2d8ec65ca8d1f50d | Triage

Submit
Reports

Overview

overview

Static

static

SolaraBoot...er.exe

windows10-1703-x64

Sharing

General

Target

SolaraBootstrapper.exe
Size

304KB
Sample

240708-kcxtgashkd
MD5

57e127da218cf91a3bd38b177099edad
SHA1

40138b9611a8bc7dddc94bccd6d3847ca8ab881d
SHA256

470914ddf3d824016ea5d00527b72f28e848ba4ef5cc48fc2d8ec65ca8d1f50d
SHA512

55978686bdf56f7a9f1e9209d77494320390cb6ee5175de728028a7602e1e4c7624196eb5c6b8735f4b4b15dd132d1df8491d166f832580c6a2abeec460b4ef4
SSDEEP

6144:q/oT6MDdbICydeBrdEGHpcJWba23UVt3QA8e0F5B:q/WJEGHpQWeGUVtj8eUB

Score

10^/10

44caliber spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

SolaraBootstrapper.exe

Resource

win10-20240404-en

44caliber spyware stealer

windows10-1703-x64

17 signatures

150 seconds

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1259774804534497342/8EZmH3dK1jU0Q5PXQDVD0hawjscINRdEpoQ85BKJvoPo3stGWAfUJE7lZN4wJCUTHdnG

Targets

- Target
  
  SolaraBootstrapper.exe
- Size
  
  304KB
- MD5
  
  57e127da218cf91a3bd38b177099edad
- SHA1
  
  40138b9611a8bc7dddc94bccd6d3847ca8ab881d
- SHA256
  
  470914ddf3d824016ea5d00527b72f28e848ba4ef5cc48fc2d8ec65ca8d1f50d
- SHA512
  
  55978686bdf56f7a9f1e9209d77494320390cb6ee5175de728028a7602e1e4c7624196eb5c6b8735f4b4b15dd132d1df8491d166f832580c6a2abeec460b4ef4
- SSDEEP
  
  6144:q/oT6MDdbICydeBrdEGHpcJWba23UVt3QA8e0F5B:q/WJEGHpQWeGUVtj8eUB
Score

10^/10

44caliber spyware stealer
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

44caliberspywarestealer

© 2018-2024

Terms | Privacy