e1dc0f32fafc3af006069bf864e02fe08af1b17681281215e5ed8f074e6aaa1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1dc0f32fafc3af006069bf864e02fe08af1b17681281215e5ed8f074e6aaa1e
Size

804KB
MD5

2e6076ab327a7c3e04a3564a04467c5d
SHA1

79ccbdbe476c022d39b3d3b2bd9a19c33d0d5ca7
SHA256

e1dc0f32fafc3af006069bf864e02fe08af1b17681281215e5ed8f074e6aaa1e
SHA512

a770bfb3d08f6d5cdf249fe4deeb054fdb8da1fdc9fa4bbec4e4db586da74b68125b7dce991b67ba9df84f42812a3caddd148dd43ac35b56b9eb5cf4bb5e825f
SSDEEP

12288:/pqiC/2OGAtkCP4cejGSOpRK3CyfPDZR:/po/2+ttPJLfpRK3CyftR

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Files

e1dc0f32fafc3af006069bf864e02fe08af1b17681281215e5ed8f074e6aaa1e
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.3rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE