44caliber | Insidious[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Insidious.exe
Size

274KB
MD5

ef6bc453723d1b20c44a56d0dcd00817
SHA1

47c4e7dc57ad984a5f554119ef246bc6fe48cd72
SHA256

5f3be848217e45d69ad77faa56727d62dfc5612b16c4e89d4b64f302c2db6648
SHA512

0985df381786a2c68b7c7610135a4fba298822333ad48a24d460fdddc8c5a4808276b4eaf4f31831c03270400c8ec5561b2ed3679a1e412605940277fcb6b0bf
SSDEEP

6144:Bf+BLtABPDo/dQYfW5SgA9qI0DAafTyHlI1D0Fb7:K/C4gA9qI0Cy1Da7

Score

10^/10

44caliber

Malware Config

Signatures

44caliber family
44caliber

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Insidious.exe

Files

Insidious.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\44CALIBER-main\44CALIBER\obj\Release\Insidious.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ