C:\Papki\Misheno\Rat\44CALIBER-main\44CALIBER\obj\Debug\Insidious.pdb
Behavioral task
behavioral1
Sample
Insidious.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
Insidious.exe
Resource
win10v2004-20240802-en
General
-
Target
Insidious.exe
-
Size
303KB
-
MD5
73f91b648c6e449c678cc4bcaf217651
-
SHA1
8cb0cec0e31531b73bc04630c0ef86aec11894e6
-
SHA256
f2b5cbbdb4beb4ccfe4220af1bc7a1065524ee4dcad89fa180ccd3a4cac0d87a
-
SHA512
a2ad7c032bb93a9dc32a243cc0febb6fbe4272d44f381f6e9f2be7e94aca30a7b9871e9dd2a67f48b98202351605d81e5416e4c1d76275d590eba575bf8b006f
-
SSDEEP
6144:TRlT6MDdbICydeBV9suqPmlF62y6bmA1D0Gsp:TRT4uqPmH6Dg1Dmp
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1275043194824032316/eqfjpwfw-Aa32DfOOcp2pilYlVMwJCH973ItNa5eap8KHs1eapnkS0U23LDUza9Imjji
Signatures
-
44caliber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Insidious.exe
Files
-
Insidious.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ