44caliber | 79b3ca1b8819f91ab47df7421e1bff2b7cd53dfcb3bc6f9257eca9a651f8f6fb | Triage

Sharing

General

Target

79b3ca1b8819f91ab47df7421e1bff2b7cd53dfcb3bc6f9257eca9a651f8f6fbN.exe
Size

274KB
Sample

250217-bq9kravphr
MD5

4034bc9858eec0ab0f53013852e4a130
SHA1

95380a8ca4c372e06d017cabc9a7b7144c55347d
SHA256

79b3ca1b8819f91ab47df7421e1bff2b7cd53dfcb3bc6f9257eca9a651f8f6fb
SHA512

2a7ed7751bb2445bbbce94ddaaf55870977fee0495e3cbea8c71b619de4b1cc46558d3be539e123123a38b3bedb689d23cb2aadf6a43e58558b0e0ea5b409aa2
SSDEEP

6144:Wf+BLtABPDkkZ68Dm6pwyUruui8XafTyClI1D0vDx:xozqyUruuzf1DAx

Score

10^/10

44caliber discovery spyware stealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1338494455816130602/RfPMucy7qNgnF1KO1MI5iOATLOqPdaYE1pn3HhuPCtXjqRXs3t1NFhCJsYBUYOc2mSD5

Targets

- Target
  
  79b3ca1b8819f91ab47df7421e1bff2b7cd53dfcb3bc6f9257eca9a651f8f6fbN.exe
- Size
  
  274KB
- MD5
  
  4034bc9858eec0ab0f53013852e4a130
- SHA1
  
  95380a8ca4c372e06d017cabc9a7b7144c55347d
- SHA256
  
  79b3ca1b8819f91ab47df7421e1bff2b7cd53dfcb3bc6f9257eca9a651f8f6fb
- SHA512
  
  2a7ed7751bb2445bbbce94ddaaf55870977fee0495e3cbea8c71b619de4b1cc46558d3be539e123123a38b3bedb689d23cb2aadf6a43e58558b0e0ea5b409aa2
- SSDEEP
  
  6144:Wf+BLtABPDkkZ68Dm6pwyUruui8XafTyClI1D0vDx:xozqyUruuzf1DAx
Score

10^/10

44caliber spyware stealer discovery
- 44Caliber
  An open source infostealer written in C#.
  stealer 44caliber
- 44Caliber family
  44caliber
- Downloads MZ/PE file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

44caliberspywarestealer

behavioral2

44caliberdiscoveryspywarestealer