C:\Users\isim\Desktop\44CALIBER-MODIFED-main\44CALIBER-MODIFED-main\44CALIBER\obj\Debug\Loader.pdb
Behavioral task: behavioral1
Sample: Loader.exe
Resource: win10v2004-20240611-en
General
Target: Loader.exe
Size: 304KB
MD5: f896c2bfec649637e85c463e3a70b2a6
SHA1: 04d65945a3b79ee5b48a7e7e22fd24c8198fe332
SHA256: d4917f32cf3755b07badf1179d6717d4f17618cb68184f0dda48f4a4bbb45376
SHA512: 0fed9a755f93198e795aac73aff0e17478cd51ffb9c19f80fdfdaf53374b32e2016bf83f0415f253b6f76e736cb36fad5269021d73972749c3d3d84206c6ebe0
SSDEEP: 6144:bFcT6MDdbICydeBvtCikGW9mhL8PzeVAOe044E:bFK1CikGemQHOeGE
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1255437795820966010/0VVoLF2QZxnBkoGw_P4ovEIbuHZLKgsoVU8zu2nEJgchI5ahmWwv98_frx1Jjvk7GNic
Signatures
44caliber family
Blackguard family
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes:
resource Loader.exe
Files
Loader.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text (Size: 301KB, Virtual size: 301KB)
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rsrc (Size: 1KB, Virtual size: 1KB)
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc (Size: 512B, Virtual size: 12B)
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ