F:\44caliber\44CALIBER\obj\Debug\Insidious.pdb
Behavioral task
behavioral1
Sample
ad8bad1ca3c888140a267dab3ca32f40N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ad8bad1ca3c888140a267dab3ca32f40N.exe
Resource
win10v2004-20240802-en
General
-
Target
ad8bad1ca3c888140a267dab3ca32f40N.exe
-
Size
303KB
-
MD5
ad8bad1ca3c888140a267dab3ca32f40
-
SHA1
a8455a1023ca8b83b145669036eaf7e47fd23a4b
-
SHA256
a8234940d8bae72c337c38780bbe79af9ff944282113daa64d7c18addbe019f3
-
SHA512
d9522ee93908fb8b04d00a2ae0f79776f6570387ef625e0e46ffb34d185e2e25e753438ec92ed1d39ca6bd3c9ab777397e541facb087fe84852df064dabdc0f0
-
SSDEEP
6144:15hxT6MDdbICydeBvQ26i2dVTZ867mA1D0FI6:15dY26i2vTGA1DR6
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1267879755852677195/gVzfD2x4tcYypDXASFDiRFPDc3XXIcfmVrwOtmb4OxjlfTTOMCCPvDvp3O4Y4cLpKKeR
Signatures
-
44caliber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ad8bad1ca3c888140a267dab3ca32f40N.exe
Files
-
ad8bad1ca3c888140a267dab3ca32f40N.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ