C:\Users\Chezee\Desktop\44CALIBER-main\44CALIBER\obj\Debug\Insidious.pdb
Resubmissions
23-06-2024 23:27
240623-3fk8ysxgjb 10
Behavioral task
behavioral1
Sample
PWN.AC.rar
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
PWN.AC/PWN.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
PWN.AC/Прочитай.txt
Resource
win10v2004-20240611-en
General
-
Target
PWN.AC.rar
-
Size
152KB
-
MD5
dab29b7a3fcb3807ee1632b9ad8263d4
-
SHA1
6ed3b85e8c5d6967b8170ed58c47accf2cc4ab8f
-
SHA256
8286320ef9512e12cd838e2e3e051704d62d522742659afbb3ca19f8c444a04d
-
SHA512
859173841b0f38939cbeb65dbcb77363cea9136211b9223e9138564b0aa84e98288f8fa6015420c3abb0be4a0f5e0d6a0313d428c47334bcff3044276df6e16e
-
SSDEEP
3072:wfKQHq9E5zXl5RZ7DeJlI5zKl1fk3Aw91OGjkAOHbB73gF:5QHYSR7Z7DAlINKl1fkww9lFyN3w
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1215310807202799627/6HZ5IcWVou3y3RCr0gjeX5IP6YAHlSQA7mqRUnFxpGoxTLuwlGoDnHwKUfc_nm07jkPK
Signatures
-
44caliber family
-
Unsigned PE
1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/PWN.AC/PWN.exe
Files
-
PWN.AC.rar
.rar
-
PWN.AC/PWN.exe
.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
PWN.AC/Прочитай.txt