C:\Users\kiril\Desktop\44CALIBER-main\44CALIBER\obj\Debug\Insidious.pdb
Behavioral task
behavioral1
Sample
bc3a66a87018863d22a6a7a9afd15f0af5499d021f0ede01466011e0a64a0ce1.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
bc3a66a87018863d22a6a7a9afd15f0af5499d021f0ede01466011e0a64a0ce1.exe
Resource
win10v2004-20240802-en
General
-
Target
e6b70143aaec2a59768be690eb1d83c635e373e9220e93127a5535cf2fb11d3f
-
Size
122KB
-
MD5
bc5743fe2018d700b70d4fd110818f63
-
SHA1
514314703c56998beb46c1ad96cce0610b78b7dc
-
SHA256
e6b70143aaec2a59768be690eb1d83c635e373e9220e93127a5535cf2fb11d3f
-
SHA512
9cf7fb662ba98cd3ff19773adc9d87e3d0fe0e60d348ba08dfde2a1a9b1bff4ab2447ab26475d9e6213e2619920414e1c1e5c74994dfa8040f8123c838c02e8a
-
SSDEEP
3072:BgfZUN2MFqFCmgPo8Mepw+lFinQP29MtCY:qKsMFqFCmgXpw+lgQeytr
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1254423260591030333/Im8Y-IPgPJTWTloM0jy_llzrxAFZLtGLTGrSJEpTfiSbOm4QV3WSBgCXN7xBYLC5ajH9
Signatures
-
44caliber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/bc3a66a87018863d22a6a7a9afd15f0af5499d021f0ede01466011e0a64a0ce1.exe
Files
-
e6b70143aaec2a59768be690eb1d83c635e373e9220e93127a5535cf2fb11d3f.zip
Password: infected
-
bc3a66a87018863d22a6a7a9afd15f0af5499d021f0ede01466011e0a64a0ce1.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ