b337aef2e21d2113969f421d307a0bfc[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b337aef2e21d2113969f421d307a0bfc.bin
Size

607KB
MD5

428c9f24055efbf4cbb5b9b5b5351902
SHA1

be9874886e666e67279b76268239941454de24f0
SHA256

35ee5e13d6d4a24af4cd9b830ecf1efafd55cdc3e5701f416ea31115ec26860b
SHA512

3155688e1b57afd9c7bd54673252198443f6428ebb147cf792277632566faa412db2ca012f3747803c2764b4ec9e29df5afb428b81c527c6171aa6de6306a6c0
SSDEEP

12288:GzjMVqMsqRIiTfkc22qy7upO+L4pGAABJNRktvYlj0VJ8jMDFVNslPLr:GzxSRrrkcZq0/gnJN0pAjMD2lzr

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack001/493239f65d67f05cfa86644937ace5a0ba83fb316babf3d1d66d21674eae78e8.exe	autoit_exe

Files

b337aef2e21d2113969f421d307a0bfc.bin
.zip

Password: infected
493239f65d67f05cfa86644937ace5a0ba83fb316babf3d1d66d21674eae78e8.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 557KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ