C:\Users\Batuhan\Desktop\44CALIBER-main\44CALIBER\obj\Debug\Insidious.pdb
Behavioral task
behavioral1
Sample
execute.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
execute.exe
Resource
win10v2004-20240802-en
General
-
Target
rowz.rar
-
Size
111KB
-
MD5
0e0d40f4942e7ad55b1a39eac692cb74
-
SHA1
0665a43ff98e9246c3379afa8efdd7002f222bda
-
SHA256
433862c5f17d81ca847c161e0ab28cb38dcea2523150fed0ac6ee60c47031325
-
SHA512
cea5b31624a28214df7431cb26033e47a2a06b706e5748bfaf70fc121c8eeb1e1f99feb75f14a2b37092dc604e3a8faf7b57dd1d89262e0e32a533ca18036613
-
SSDEEP
1536:X9Z7W6Z86mLNJIqyXuBpvy9QIjb6MWB2SsjNsovZcYkMzJb9T4y3MAjqDRNWXBfP:DW6y6m7IqgscQ54vcYkqpr81DnXg76a7
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1264290240290361368/HDo7Noqy1EZnwf2Slhpj8GKIwaCmP_A66Af1DGldm_aCLel95CQQWcTbmmU_vwpsIMZr
Signatures
-
44caliber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/execute.exe
Files
-
rowz.rar.rar
Password: rowz
-
execute.exe.exe windows:4 windows x86 arch:x86
Password: rowz
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ