3553971fdcbf18df8920c9ae9015631425f41aabb88cfd87169e40e07702c6b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3553971fdcbf18df8920c9ae9015631425f41aabb88cfd87169e40e07702c6b8
Size

3.3MB
MD5

2bac3d0a474b593bcc02c399c09dddec
SHA1

cf64b38f6c0e5ab525c4c1f7133e0de2dbf9b448
SHA256

3553971fdcbf18df8920c9ae9015631425f41aabb88cfd87169e40e07702c6b8
SHA512

3fb56018d2479f60df3ffe6eac3dfed4ba48b1fd6ee76d9980cea2536f73a9a7949f241a7942153beb3db03c3b008cfc74f0dd2c466d0c64615f1c705e445fb5
SSDEEP

98304:12cPK5iOXDgHObcmFJkKbBLkm3LL/pMjEgn:kCKwOzHbaKNLkgpMEE

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3553971fdcbf18df8920c9ae9015631425f41aabb88cfd87169e40e07702c6b8

Files

3553971fdcbf18df8920c9ae9015631425f41aabb88cfd87169e40e07702c6b8
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 1.5MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE