D:\Для вас дорогие\44CALIBER\obj\Release\Insidious.pdb
Behavioral task: behavioral1
Sample: 38957fb3708884f1a8befb0c17b0fa81f57005a5de058772cc12bf357c548eab.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 38957fb3708884f1a8befb0c17b0fa81f57005a5de058772cc12bf357c548eab.exe
Resource: win10v2004-20240802-en
General
Target: 38957fb3708884f1a8befb0c17b0fa81f57005a5de058772cc12bf357c548eab.exe
Size: 274KB
MD5: c0feb087f1cfa85fdb001e059f4c95c7
SHA1: 1d9ab2eb37f85bea36f3e6ded442154181c96964
SHA256: 38957fb3708884f1a8befb0c17b0fa81f57005a5de058772cc12bf357c548eab
SHA512: 99d641dcebec431d905b83ea89b5b5fadd5c029215345834b604aeca23d25d236bbbe65c2d3179ad9d7597764d1791d9cfd18b3dc2d463acda6e1e72b6159a50
SSDEEP: 6144:cf+BLtABPDsth6Ej/UZkI4TjkRy5fafTy4lI1D080T:vtK+I4TjkRyTF1DcT
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1280107935317495880/Q8mmvXU6Bc1Q-R-2e0aAMsbedaMqyt0txCOBc8XSsTRNeUIepUtoX2DE4a6MxP9SzEFB
Signatures
44caliber family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 38957fb3708884f1a8befb0c17b0fa81f57005a5de058772cc12bf357c548eab.exe
Files
38957fb3708884f1a8befb0c17b0fa81f57005a5de058772cc12bf357c548eab.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 271KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ