ed09314baeababb5543db0eb350cac49bc76d6942b255e1d36fe0b2dd25012fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed09314baeababb5543db0eb350cac49bc76d6942b255e1d36fe0b2dd25012fd
Size

753KB
MD5

6e886f8ad61811352061db66628a5550
SHA1

8801fdd526ce0e4c35182569537fe4fedc74a9a7
SHA256

ed09314baeababb5543db0eb350cac49bc76d6942b255e1d36fe0b2dd25012fd
SHA512

1ad4ecb7a8a88c883456871e3d289123dcaf6bdd5d30bb28415649e9a44c9ff95b462d8aed1d1372e2f58fbcdbcf5b1466f63fde90740ea0614bb58e08a9aa94
SSDEEP

12288:5pq2C/2OGAtkCP4cejGSOpRK3CnIiU3V6G:5pU/2+ttPJLfpRK3CnHsV6G

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

ed09314baeababb5543db0eb350cac49bc76d6942b255e1d36fe0b2dd25012fd
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 495KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.srdata
Size: 102KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE