Overview

overview

10

Static

static

10

Insidious.exe

windows7-x64

10

Insidious.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04/03/2025, 14:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Insidious.exe

  • Size

    303KB

  • MD5

    7c71b3abefc0cd9e6852c577e466d905

  • SHA1

    1e2777765eb8340b0f9eefaa36b213634806d20c

  • SHA256

    686ef70e6f83b17792aac10f5853cd728d1647be6c57cfae1331602df69b211f

  • SHA512

    8f3a8f7142a73aacca46b930cf11b21efa0f8433480cb3e95d560a1a96f958413f00a2e8b05d7749656e50c6aa31e6da815434b0f703541821f42529b9a41114

  • SSDEEP

    6144:0b4T6MDdbICydeBrdcQG3yf51+/wjmA1D0113:0bGhcQG3yB1aK1DY3

Score
10/10
44caliberspywarestealer

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1346493084548075560/YEckkrmFm7scerU_vEBzkRjSlTmaNinaKTCIOFAolLHyb8EgBC4MRQBOOkH10nX3NlHv

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\Insidious.exe
    "C:\Users\Admin\AppData\Local\Temp\Insidious.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 3068 -s 1196
      2⤵
        PID:2764

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3068-0-0x000007FEF5A83000-0x000007FEF5A84000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3068-1-0x0000000000AA0000-0x0000000000AF2000-memory.dmp

      Filesize

      328KB

      Download

    • memory/3068-18-0x000007FEF5A80000-0x000007FEF646C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/3068-21-0x000007FEF5A80000-0x000007FEF646C000-memory.dmp

      Filesize

      9.9MB

      Download