b2a8b7bb60b82e7d3c8067de39f5ece05b1c4b3f3d306d57f9425198360d132f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2a8b7bb60b82e7d3c8067de39f5ece05b1c4b3f3d306d57f9425198360d132f
Size

1.1MB
MD5

55b5034362afb36a54d4f1d7c757a7a0
SHA1

3d63f8505e8363860414cc5b1478e464e2e6b3ec
SHA256

b2a8b7bb60b82e7d3c8067de39f5ece05b1c4b3f3d306d57f9425198360d132f
SHA512

9fc5875f7cc680bafb8a801ff69ad5f59aca419f1a12020d6dd27b3900125ca8273807e65f59f9285dee4c6e4712faa9cbf01ae53626e1c0abfbf0af4da1e91a
SSDEEP

12288:fpqiC/2OGAtkCP4cejGSOpRKVCGYUb80ApqiC/2OGAtkCP4D:fpo/2+ttPJLfpRKVCGYUI0Apo/2+ttP8

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

b2a8b7bb60b82e7d3c8067de39f5ece05b1c4b3f3d306d57f9425198360d132f
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 495KB - Virtual size: 495KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nkh
Size: 188KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE