General

  • Target

    a6c2a90a390e77076ff0fca78301e2e8ac7adf38ec3b55442af5110424c573e9.exe

  • Size

    532KB

  • Sample

    241120-x98nfssenq

  • MD5

    5b326747c5de6d0b684c576cd7a9ebd2

  • SHA1

    b0e22988ec66ed6337e407d264ebf48264fa0a22

  • SHA256

    a6c2a90a390e77076ff0fca78301e2e8ac7adf38ec3b55442af5110424c573e9

  • SHA512

    67ee810ba34c860a7f68399b2c4ca1916004e983108e51ea43b8dc6272e0facf2b627a293493f57b489aecbaf8e253bc8824fc18d172275955feff2bc32d438f

  • SSDEEP

    12288:fCiN9vp/FpHRdjWouP02XXV8Q0x9NkGBjOftD0gQWGMtV:fC2/dBjWo8iQ0DzBKtD02D

Targets

    • 44Caliber

      An open-source infostealer written in C#.

    • 44Caliber family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
