44caliber | 0259fcb47c0f4720fd1189cce27496d109e518fd29a86c14877a178be98ac39f | Triage

Sharing

General

Target

0259fcb47c0f4720fd1189cce27496d109e518fd29a86c14877a178be98ac39f
Size

303KB
MD5

3ee5f6209cd61e76a5094cd557f19397
SHA1

e6c6024eef30b70118bd2a46caa18094329236cd
SHA256

0259fcb47c0f4720fd1189cce27496d109e518fd29a86c14877a178be98ac39f
SHA512

ed39dfa6841eb2d0b9555bd097ab5b5df1d2210c09af069433522f096a8e50043f05bc990d341417b3e3e6fa48e45f5a678b75e1fd5ef4aa9d684a2bd9b52322
SSDEEP

6144:S5hxT6MDdbICydeBvQ26i2dVTZ86rmA1D0oVr6:S5dY26i2vTGQ1DVr6

Score

10^/10

44caliber

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1275107356367388704/roqjMlMySpW-zLEdW4HEDDUN7HAzi90wBYpi5xr98pNekoem7ifN6jBJOTc9aGHL1SDD

Signatures

44caliber family
44caliber

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Cheat 0x кряк/0x launcher.exe

Files

0259fcb47c0f4720fd1189cce27496d109e518fd29a86c14877a178be98ac39f
.zip
Cheat 0x кряк/0x launcher.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\hrulk\Downloads\44CALIBER-main\44CALIBER-main\44CALIBER\obj\Debug\Insidious.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ