cb785dea77109bd20c54f22033651a3907e60fd5694fe5e3f4c839594915df83 | Triage

Sharing

General

Target

cb785dea77109bd20c54f22033651a3907e60fd5694fe5e3f4c839594915df83
Size

1.1MB
MD5

08020dbe30b4b060c06d6b0657cc8678
SHA1

292c200d592bc15c0644c1ab110347c1e023a585
SHA256

cb785dea77109bd20c54f22033651a3907e60fd5694fe5e3f4c839594915df83
SHA512

b94c518d3d84e0e42d00ac5b72011102e509df13621d95a938f837f52a24953f816467dc6b0668a3d405124a6f9cf4293bccf8f58c908ff42e7d85d457ef0aeb
SSDEEP

6144:O/8JeJfEuGs8k/bUlgqjpJDHCq17WSTLp980sbpy3KR/ie5bBb2Y+LHeBM7xXY:PJeJfEuGstgg/kjp98zHpie5tGHeBSX

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

cb785dea77109bd20c54f22033651a3907e60fd5694fe5e3f4c839594915df83
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 408KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.penask
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE