44caliber | 6bd2d0c64ce33ca5522c34a8927db8dd | Triage

Sharing

General

Target

6bd2d0c64ce33ca5522c34a8927db8dd
Size

274KB
MD5

6bd2d0c64ce33ca5522c34a8927db8dd
SHA1

370a93b652c6d566c5921d727e298adf9640aa87
SHA256

d17470457a84cb120cf0fde0c405ae82a954c39534368e2cb9c6798823c69fe3
SHA512

3275e4de111ff3da91b5c53c1d4124bf536f436c763b072f574d19f8f43c88e95d614915ebb73876d68086b3bc4eddc60fabd1e5ca428f56e3e37d922b3ff3f4
SSDEEP

6144:Mf+BLtABPD9NF/DVGK7zeNL+wN41V6GIeyXGRA1D0nmG:KNKK7zeNLXY69eyXL1DdG

Score

10^/10

44caliber

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/882980614087794780/2EXTWMBoMH9DQog67zK2ten38diDtxtqRM8VZIXtVQBTQ1ytliHQMSQQ6ozPiihxhSIW

Signatures

44caliber family
44caliber
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

6bd2d0c64ce33ca5522c34a8927db8dd

Files

6bd2d0c64ce33ca5522c34a8927db8dd
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ