52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9 | Triage

Sharing

General

Target

52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9
Size

806KB
MD5

3a16a6be9ce2c8c3a36e6a5046defe20
SHA1

eaeb585bd7cb1366f830b09624c130196df7b0f3
SHA256

52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9
SHA512

0ad9fdc87a07079d028e96eea2300305df75e048d344b3691bcf02a7efa06c406a574e058f10470993a5169508f9cf7c4841b931df234faef12513426dc54b73
SSDEEP

12288:8gDhdkq5BCoC5LfWSLTUQpr2Zu19QmrM9Q:8gDhdkMRWfLTUO2Zu1umrMS

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

52d00acb16cd0ace3299cf0316737c7984e235957e83a6369d0f4d16f70598a9
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE