44caliber | 7FEGBYFBHFBJH32[.]exe | Triage

Sharing

General

Target

7FEGBYFBHFBJH32.exe
Size

303KB
MD5

5fd5700f4787f405bc2a0fc6e6233037
SHA1

ba4e438f6976803a6965fb5dd7187a9f0674e4c8
SHA256

a680029a0a1bd1aa336b5e4086104f21f2a97b054e6fb1b9fb122ed32786ce12
SHA512

f221ee33b25b57a3c39e5e0f872ecdf987dacfb6d134b93efa87b91868e685533e564f62975af5b5e36524f1d0dd505835f84bfe7385c98942feab254a4e9c23
SSDEEP

6144:yFcT6MDdbICydeBvtCikGW9KJj6TmA1D0efJ:yFK1CikGeK5o1D1J

Score

10^/10

44caliber

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1324061351169101927/Upg-sOh6FXJYwbAsqIx2PTZdfYr6z3JtFkd-CN6KxlCaM74dpejrx9TbGUYSk03-Cb92

Signatures

44caliber family
44caliber

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7FEGBYFBHFBJH32.exe

Files

7FEGBYFBHFBJH32.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ddtug\Downloads\44CALIBER-main\44CALIBER\obj\Debug\Insidious.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ