44caliber | YammyLoader[.]bin[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

YammyLoader.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

YammyLoader.exe

Resource

win10v2004-20220414-en

44caliber discovery persistence spyware stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

YammyLoader.bin.zip
Size

108KB
MD5

c4b640c44324ea5c377d5c24fd15086a
SHA1

a326be523846272fb4ea7bc98d4be85c359bea8b
SHA256

f6553af26bd26235d620d64515b1742f62728fb672a68eee43977452ee3da63c
SHA512

b275708f0d30ba6f547a2b78b82f74d3515797710ef4ff0cfbfe827795f90f0d09db1d3f5fb8b551294f22c57d4ed56eb95d545af0aed080450e45d8996bcf88
SSDEEP

3072:RnSELJVe7fy64QrsqCpoXq+U/+e3THkG6wr5O:ZVmprQmq+UWk4

Score

10^/10

44caliber

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/865278638920171560/PRv_h9uiyjk1_AT7W333rVQwQoum9eVlsbp96PiWNkYCzOjv6NlP7AX9lOzA3VhkP3qz

Signatures

44caliber family
44caliber

Files

YammyLoader.bin.zip
.zip

Password: infected
YammyLoader.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy