44caliber | Release[.]zip | Triage

Sharing

General

Target

Release.zip
Size

329KB
MD5

b4bc04a9de8511b1e580037b61f4bb8a
SHA1

4e38e8d2cd98a55fa96ff19ae7c71e255e54f28c
SHA256

235419025a4370a900cb615294e8c0328368159d94554da60bb63003606a1aed
SHA512

0d1a3a3a8e8d1d823700baa104b60d5d9ac1376806fd56c634107d27eee78b07e6400e572177adcbfecd664f2dd2354d1bcd1959cb298f2f7ba79512cec1a49e
SSDEEP

6144:pvlMkrmCOQBfUUK26TrFentFZPK+Mw1lqJlbYFc/ll0vbt2RfNz:5ZRSUAHFet4Hl4czebktt

Score

10^/10

44caliber

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/1352794031603712081/f-woauUxsO8FZ8GtPcSrZ_FxrccVOu_QXZdJAg8J3qgh9hizPxYvJ6Hq6QwtqH3P-wl6

Signatures

44caliber family
44caliber

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Release/Insidious.exe

Files

Release.zip
.zip
Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
Release/44CALIBER.csproj.AssemblyReference.cache
Release/44CALIBER.csproj.CoreCompileInputs.cache
Release/44CALIBER.csproj.FileListAbsolute.txt
Release/Insidious.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Цчяк\Desktop\44CALIBER-main\44CALIBER\obj\Release\Insidious.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/Insidious.pdb