dc9cb4639e61dd96c8c99f010357648aa437d895b22c09f94025e1722e32d597 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc9cb4639e61dd96c8c99f010357648aa437d895b22c09f94025e1722e32d597
Size

2.7MB
MD5

73eb6cf78edac06fda3fc630dc35cb34
SHA1

46573062ff251b27c14d340ab75a195dd2ece0e3
SHA256

dc9cb4639e61dd96c8c99f010357648aa437d895b22c09f94025e1722e32d597
SHA512

2edff6bf251d5400eb4b1b459603a3d786c460c7819453022a112c0d8b1aefa6e8664326a0fdd271458e3d7d1db8e16c40e0bbbe38336044c85177f8c78e744a
SSDEEP

49152:bVg5tQ7a0FVx6U4bDtoJQykVx6U4bDtoJQyg5:xg5696UgDtoJQyc6UgDtoJQy

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

dc9cb4639e61dd96c8c99f010357648aa437d895b22c09f94025e1722e32d597
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ