44caliber | 0x000a0000000122c9-5[.]dat | Triage

Sharing

General

Target

0x000a0000000122c9-5.dat
Size

534KB
MD5

0ce3051b867d50aa172d1b332f156e3e
SHA1

f87defe312cb3a5efea3f845d187762e153bddab
SHA256

5ac29f18472f943f2eb3c256fdbfe251b04ca66afc22fcba65183b0509feb529
SHA512

5169a3acd3c79cc4d22bf3a1f4d9770797d2c31503bab1022a153ad56c382e495de2ce06a8a04b3bb4b2fb2c666575dcdefa26533ff5affc4b6ce126e2166193
SSDEEP

6144:ef+BLtABPDLgj1xw1eO5rbMMzhgUsYqTXGG/5zJRb2IXe05f4VGWWxjdq:d161eO5rbHHsYqTXGOXXe+4k8

Score

10^/10

44caliber

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1199323175729758268/CBdP8e3cXbL0ED8xKBhMw0ikKHmITu-6CI4WjfttZm2aWGZGjp43Msrjwp8AVeEBf6T1

Signatures

44caliber family
44caliber

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0x000a0000000122c9-5.dat

Files

0x000a0000000122c9-5.dat
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\Downloads\44CALIBER-main\44CALIBER\obj\Release\Nursultan.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ