unsafe_3db0e385eb53a32d61a5a35908a99317868b571e4cf7079db67fd68604da662c | Triage

Resubmissions

02-10-2022 08:33

221002-kf3h5affa2 5

Sharing

General

Target

unsafe_3db0e385eb53a32d61a5a35908a99317868b571e4cf7079db67fd68604da662c
Size

1.6MB
MD5

b63bc3a7354168a6eeb8763d99967f84
SHA1

8aa1dbe692f74a576375ecfade7288674e08a354
SHA256

287c957b5d5a3a6420eecc7b3c25481ccf442a04e8455a829f8baf0cb6ee89bc
SHA512

4f5a20b800282bcac46dc607fade2dec9318fd2a67b1b0bd94dfc6b47f527a5dcbeee69305db156e92e50933d5bd31a581e1d93719a26e0bc33092d2d76dd9b7
SSDEEP

24576:vtb20pkaCqT5TBWgNjVY/0Ve0MmV0VMXeyrtoT1GowHTQoCwsCTg:sVg5tjVY/UdRoB5oCwI

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

unsafe_3db0e385eb53a32d61a5a35908a99317868b571e4cf7079db67fd68604da662c
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 557KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 830KB - Virtual size: 829KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ