Static task
static1
Behavioral task
behavioral1
Sample
CaliWare Disk Changer.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
CaliWare Disk Changer.exe
Resource
win10v2004-20240802-en
General
-
Target
CaliWare Disk Changer.exe
-
Size
1.1MB
-
MD5
0c3ff29ded2ec1ccb0355231841561fa
-
SHA1
80c661f6726700bf228152632c51df3a9a67558f
-
SHA256
bdf24444e3daa8d056963d6e7e41d38119e981ec6a924559e86bbe94d20faf4f
-
SHA512
7a416c4dc79c19a977750adeafce2969c6c6c94a1925c1adc6365765763324a863d105191b0046ba0a04060325b1716e9502304770d3ed7c23d030c6a4a2a272
-
SSDEEP
12288:t/SwMrSkgAJQysRG+Fh1pU3lwPwbOWBXLGKsRG+Fh1pU3lwPwbOWBGLG2sRG+Fh+:Lh1pmlHypvh1pmlHysTh1pmlHyqF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource CaliWare Disk Changer.exe
Files
-
CaliWare Disk Changer.exe.exe windows:4 windows x86 arch:x86
Password: AQ1SW2de3fr4
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ