045c41ac66a353966a50dbbcc769f3465e15bd961030db1f35c6dab921baf0fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

045c41ac66a353966a50dbbcc769f3465e15bd961030db1f35c6dab921baf0fb
Size

653KB
MD5

a26d3b0fecf6791bd6ba671f30754fda
SHA1

3f694a15fc90929d0a220ffebdab5dd0725389bf
SHA256

045c41ac66a353966a50dbbcc769f3465e15bd961030db1f35c6dab921baf0fb
SHA512

e4935fc0b2557019ac6e6936bd30e17ee3b0672a30bbb57545907f6ce452a549949264e1ac2e346d92f886be49f687feb20d7da34edb0e95495b67e30029b9fd
SSDEEP

12288:uZjMLf11MmPQeRXEHYYS3gA0FJO1t37nMtlU8I:uafIiy4NwdLTtlU8I

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

045c41ac66a353966a50dbbcc769f3465e15bd961030db1f35c6dab921baf0fb
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 518KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE