Behavioral task
behavioral1
Sample
autoclicka.exe
Resource
win7-20230621-en
General
-
Target
autoclicka.exe
-
Size
4.9MB
-
MD5
e89b43d57a67a3f4d705028cfbd7b6fb
-
SHA1
332c39d5130752b8c32d3b7275a05c13e874db84
-
SHA256
4bc6320085fff7355dd7916a03ef469af0baea9b0a613a1582bdd2a457c6fa40
-
SHA512
809e3b6e2eb34a7a061bb8de610baef25f91c0dee5fe1d2e42d04a0ac42e43b40b1ee4e42352cc7d59322aa5cf4b2645c85fed7f36906d68e22e400d48e437ef
-
SSDEEP
98304:W7ZWKhZIitb70UJNoyj27yM3+M/+4HH0kw4tz:W1xog2eQ+MWSww
Malware Config
Signatures
-
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource autoclicka.exe
Files
-
autoclicka.exe.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 400KB - Virtual size: 400KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.themida Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE