General
Target: 123.scr
Size: 282KB
Sample: 241105-z11btsxrdv
MD5: 9dc5e3d364fba20137971eb948ed5089
SHA1: 5848daad55e30e542e17213ea83d4c4e8ad66641
SHA256: e009fee742f6dd1d2c9fc0e840dbeeca1a705a13c2667bf09daf216c60411e89
SHA512: a0eac98d1b820b59fa2ed0ab98bd70b3fa96af2d0d1498f6ad2e23829f6d1852bbc7512d9683ed1985c4d221bada57461a65ea18556d48235d7a8f6a127eefa9
SSDEEP: 6144:if+BLtABPDMtBBfn1Y0gIoHOQpafTyUlI1D0fVg9MtW:JtVvgIoHOOZ1DKg96
Behavioral task: behavioral1
Sample: 123.scr
Resource: win7-20240903-en
Malware Config
Extracted
44caliber
https://discordapp.com/api/webhooks/1184504729359896607/fPAMX9PDaXX6cd_-7EdUwUPRgvGLKrETMXz361gwk0y19F6LqJJCESeLcwPQReg9mLu9
Targets
Target: 123.scr
-
44Caliber family
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-