Extracted

• • Target

    e2780d5f4e1a30a57a4e47f893370e60N.exe

  • Size

    303KB

  • MD5

    e2780d5f4e1a30a57a4e47f893370e60

  • SHA1

    f5adbd631b5303cb832eb59085210176dfb0bdb6

  • SHA256

    8d14c3ddc1f328f6afa101354b3bd237ea5f6d5ede5526c301d647db5e7b2829

  • SHA512

    d9b68d4d01e6fc495afcbf2255f684a609fc96edfdb17cc34bd2b3c27d54374225424a7f16214f38ea44281f0f63c21e46edda89de71aacc72cfb0d8ab6198e1

  • SSDEEP

    6144:h/oT6MDdbICydeBrdEGHpcJWbg6vmA1D0q0G:h/WJEGHpQWEM1DWG

  Score

  10^/10

  44calibercredential_accessspywarestealer

  • 44Caliber

    An open source infostealer written in C#.

    stealer44caliber

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2