General

  • Target

    injector.rar

  • Size

    113KB

  • Sample

    241229-z4f3csxmb1

  • MD5

    f271ac19f19b39aeb19c9441356d3c99

  • SHA1

    2e96f759b2a27f6f277b400de31a75e79f13f05a

  • SHA256

    3f12fdb827c8ef287d48448f20385a9f940af02aa66dbc7bdc728778b361ef1b

  • SHA512

    edbe6553f8a00ad912f228753cbbb47111d642a9cd6d8738019f61258f7117fd2a61c2076287969992851fcfc47681b7905ce0a38cfbf53a691b48686cad0fa4

  • SSDEEP

    3072:RFmjaKKJ+7YFxg2mad+0988X2Z+2KdJpmQkxttNaA:2joJwGd+0mpk2WpmP

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1322256148446838815/YnQHY515s8K_YLOO2IuKm3JUDLvMN7kX8-PDF7seyznEtOJBkt61Btpjet07f3HMDgs6
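Added example (not part of the sandbox report and not the stealer's own code): a Python helper that carves Discord webhook C2 URLs out of raw bytes and derives the webhook creation time from its snowflake ID. It scans both the raw bytes and UTF-16LE views of the data, since C# string literals are stored UTF-16LE in the .NET #US heap and an ASCII-only search misses them. The sample blob is constructed here; the only report data reused is the C2 URL above. The host variants and token-length bounds in the regex are assumptions for illustration.

```python
import re
from datetime import datetime, timezone

# 2015-01-01T00:00:00Z in ms: the epoch that Discord snowflake IDs count from.
DISCORD_EPOCH_MS = 1_420_070_400_000

# Webhook URL shape: numeric snowflake ID followed by a URL-safe token. The host
# variants (canary/ptb/discordapp) and the 50-100 token length bound are assumptions
# for illustration, not limits documented by Discord.
WEBHOOK_RE = re.compile(
    rb"https://(?:(?:canary|ptb)\.)?discord(?:app)?\.com/api/webhooks/"
    rb"(\d{17,20})/([A-Za-z0-9_-]{50,100})"
)

# The C2 URL as extracted in the report above.
REPORT_C2 = ("https://discord.com/api/webhooks/1322256148446838815/"
             "YnQHY515s8K_YLOO2IuKm3JUDLvMN7kX8-PDF7seyznEtOJBkt61Btpjet07f3HMDgs6")

# Constructed stand-in for a .NET assembly's string heap (not bytes from the sample):
# filler, then the URL as UTF-16LE starting at an odd file offset.
SAMPLE_BLOB = b"MZ\x90\x00\x03" + REPORT_C2.encode("utf-16-le") + b"\x00\x00\xff\xfe"


def snowflake_to_datetime(snowflake: int) -> datetime:
    """The top 42 bits of a Discord snowflake are milliseconds since DISCORD_EPOCH_MS,
    so the webhook ID reveals when the attacker created the webhook."""
    ms = (snowflake >> 22) + DISCORD_EPOCH_MS
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)


def _views(data: bytes):
    """Yield the raw bytes plus ASCII projections of both UTF-16LE alignments.
    C# string literals live UTF-16LE in the #US heap, so a plain ASCII regex
    over the file would miss them; trying both byte offsets covers odd-aligned
    literals too."""
    yield data
    for off in (0, 1):
        chunk = data[off:]
        if len(chunk) % 2:
            chunk = chunk[:-1]
        text = chunk.decode("utf-16-le", errors="ignore")
        yield text.encode("ascii", errors="ignore")


def find_webhooks(data: bytes) -> list[dict]:
    """Return one indicator dict per distinct webhook URL found in data."""
    found = {}
    for view in _views(data):
        for m in WEBHOOK_RE.finditer(view):
            url = m.group(0).decode("ascii")
            if url in found:
                continue
            webhook_id = int(m.group(1))
            found[url] = {
                "url": url,
                "webhook_id": webhook_id,
                "token": m.group(2).decode("ascii"),
                "created_utc": snowflake_to_datetime(webhook_id),
            }
    return list(found.values())


if __name__ == "__main__":
    for hit in find_webhooks(SAMPLE_BLOB):
        print(hit["webhook_id"], hit["created_utc"].isoformat(), hit["url"])
```

The creation timestamp is useful triage context: for the ID in this report it resolves to 2024-12-27 UTC, two days before the sample ID date, which fits a webhook provisioned for this campaign. The full URL (ID plus token) is the actionable indicator; the token alone is what Discord needs to disable the webhook on abuse reports.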

Targets

    • Target

      dll/BJJ.dll

    • Size

      40KB

    • MD5

      b5bdc20676913da3ea1543cf35bd8caf

    • SHA1

      c03e37fa20ca9f7d40fdfef7706367869b55621c

    • SHA256

      13678c0f92b4faa6c12e670485d615cac817ef70e22e1dfada08f918269f3b50

    • SHA512

      84816ccf7deb6d1ba95a24d427011d358dc9995d3d503a8d2021135175deb3fdd63fa91a90b072d44d9b89dbcdbbc5bc88b55c8367c0df1bc13c22b2b9950f19

    • SSDEEP

      768:Y1O5WOC1O5WOC1O5WOC1O5WOC1O5WOC1O5WOC1O5WOC1O5WOC1O5WOC1O5WOC1Oq:YvOCvOCvOCvOCvOCvOCvOCvOCvOCvOCN

    Score
    1/10

    • Target

      dll/ICC.dll

    • Size

      2KB

    • MD5

      bc62792d246003a907ae0d810323c5ef

    • SHA1

      d40aa132e72cdf62f700deae646999ba8867cc48

    • SHA256

      7de7790a3f6369fd7e60377bae19e82f662324e5331adcab176d93c4770d63d7

    • SHA512

      9990f68ddb9ba15e6de02a80bb95a23886d493af87f790ef75a723d9645e46a565a0514509149ec9afa00ae6895e88014eb54b193607e16113759ded976a45b1

    Score
    1/10

    • Target

      injector.exe

    • Size

      303KB

    • MD5

      48c85ca1bc5b51b14633d0d01162cba7

    • SHA1

      c4c4a8b9df4cf1fd756317760b2ce5206e93fff8

    • SHA256

      56e046611b9472a1a69d20580d1e0749b5363c3b3757fe61ff71a94e50d2cd8b

    • SHA512

      ba5367c69ebe1732540e037974ef6c7834acc64bd5514d1fa630fce6a96fefd79d7014365bbefb5cc8ddf25891a71c9238c195e8dfc8ef6a81b98bad8a3a0506

    • SSDEEP

      6144:whDT6MDdbICydeBb4eKct+ldgk6WSmA1D0Ox6:whZMeKctWdDhk1D/6

    • 44Caliber

      An open-source infostealer written in C#. The sandbox extracted its Discord webhook C2 from this sample (see Malware Config above).

    • 44Caliber family

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data such as saved logins, cookies and autofill entries.

    • Accesses cryptocurrency wallet files; possible credential harvesting

      Wallet data (keystore and seed files) is a standard infostealer target alongside browser credentials.

    • Looks up external IP address via web service

      Queries a legitimate public IP lookup service to learn the infected host's external IP address.
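Added example (not part of the report or the sandbox's own signature engine): a small Python triage rule set that reproduces the behaviour signatures listed above over sandbox-style file and network events. The events below are constructed for illustration, not taken from this report's tasks; the browser profile paths, wallet directories and IP lookup hosts in the rules are assumptions drawn from common on-disk locations and services, and the webhook rule reuses the C2 URL from the Malware Config section.

```python
import re

# Behaviour rules paralleling the report's signatures. Path and host patterns are
# assumptions about common locations/services, not artefacts observed in this report.
FILE_RULES = [
    # Chromium-family profiles: <vendor>\User Data\<profile>\Login Data etc.
    ("Reads user/profile data of web browsers", re.compile(
        r"\\(Google\\Chrome|BraveSoftware\\Brave-Browser|Microsoft\\Edge)"
        r"\\User Data\\(?:.+\\)?(Login Data|Cookies|Web Data|Local State)$", re.I)),
    # Firefox profiles keep logins and the key database as separate files.
    ("Reads user/profile data of web browsers", re.compile(
        r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I)),
    # Desktop wallet data directories and the classic Bitcoin Core wallet file.
    ("Accesses cryptocurrency files/wallets", re.compile(
        r"\\(Exodus|Electrum|atomic|Ethereum|Bitcoin|Coinomi|Armory)\\|\\wallet\.dat$", re.I)),
]

# Public "what is my IP" services commonly used by stealers to tag exfiltrated data.
IP_LOOKUP_HOSTS = {"api.ipify.org", "ipinfo.io", "ip-api.com", "icanhazip.com",
                   "checkip.amazonaws.com", "ipwho.is", "api.ip.sb"}
DISCORD_WEBHOOK = re.compile(
    r"^https://(?:(?:canary|ptb)\.)?discord(?:app)?\.com/api/webhooks/\d{17,20}/")

NET_RULES = [
    ("Looks up external IP address via web service",
     lambda ev: ev["host"].lower() in IP_LOOKUP_HOSTS),
    ("Sends data to a Discord webhook",
     lambda ev: DISCORD_WEBHOOK.match(ev["url"]) is not None),
]


def triage(events):
    """Map each fired signature name to the event evidence behind it."""
    hits = {}
    for ev in events:
        if ev["type"] == "file":
            for name, pattern in FILE_RULES:
                if pattern.search(ev["path"]):
                    hits.setdefault(name, []).append(ev["path"])
        elif ev["type"] == "net":
            for name, test in NET_RULES:
                if test(ev):
                    hits.setdefault(name, []).append(ev["url"])
    return hits


# Constructed sandbox-style events (not from this report's tasks).
SAMPLE_EVENTS = [
    {"type": "file", "op": "read",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file", "op": "read",
     "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abc123.default-release\logins.json"},
    {"type": "file", "op": "read",
     "path": r"C:\Users\victim\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"type": "file", "op": "read", "path": r"C:\Windows\System32\kernel32.dll"},
    {"type": "net", "host": "api.ipify.org", "url": "https://api.ipify.org/?format=json"},
    # The C2 URL from the Malware Config section of this report.
    {"type": "net", "host": "discord.com",
     "url": "https://discord.com/api/webhooks/1322256148446838815/"
            "YnQHY515s8K_YLOO2IuKm3JUDLvMN7kX8-PDF7seyznEtOJBkt61Btpjet07f3HMDgs6"},
]

# Constructed benign activity that should fire nothing.
BENIGN_EVENTS = [
    {"type": "file", "op": "read", "path": r"C:\Windows\System32\kernel32.dll"},
    {"type": "net", "host": "www.microsoft.com", "url": "https://www.microsoft.com/"},
]


if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_EVENTS).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The rules deliberately key on the combination of a credential store read, a wallet directory read, an IP lookup and a webhook POST: any one of them alone is weak evidence (browsers read their own profiles, wallets read their own files), while the sequence from a single unrelated process is the stealer pattern the report's signatures describe.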

MITRE ATT&CK Enterprise v15

Tasks