44caliber | e6b70143aaec2a59768be690eb1d83c635e373e9220e93127a5535cf2fb11d3f

General

Target

e6b70143aaec2a59768be690eb1d83c635e373e9220e93127a5535cf2fb11d3f
Size

122KB
MD5

bc5743fe2018d700b70d4fd110818f63
SHA1

514314703c56998beb46c1ad96cce0610b78b7dc
SHA256

e6b70143aaec2a59768be690eb1d83c635e373e9220e93127a5535cf2fb11d3f
SHA512

9cf7fb662ba98cd3ff19773adc9d87e3d0fe0e60d348ba08dfde2a1a9b1bff4ab2447ab26475d9e6213e2619920414e1c1e5c74994dfa8040f8123c838c02e8a
SSDEEP

3072:BgfZUN2MFqFCmgPo8Mepw+lFinQP29MtCY:qKsMFqFCmgXpw+lgQeytr

Score

10^/10

44caliber

Family

44caliber

C2

https://discord.com/api/webhooks/1254423260591030333/Im8Y-IPgPJTWTloM0jy_llzrxAFZLtGLTGrSJEpTfiSbOm4QV3WSBgCXN7xBYLC5ajH9

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/bc3a66a87018863d22a6a7a9afd15f0af5499d021f0ede01466011e0a64a0ce1.exe

e6b70143aaec2a59768be690eb1d83c635e373e9220e93127a5535cf2fb11d3f
.zip

Password: infected
bc3a66a87018863d22a6a7a9afd15f0af5499d021f0ede01466011e0a64a0ce1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\kiril\Desktop\44CALIBER-main\44CALIBER\obj\Debug\Insidious.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ