c56b57ae3f2a57ffe68719aad1a645e4167fda7886729a21125e49e3c20c92a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c56b57ae3f2a57ffe68719aad1a645e4167fda7886729a21125e49e3c20c92a7
Size

2.5MB
MD5

f6e9a58cf2d29cdc7c8902626df66a2a
SHA1

13b2137827d1fdce48e00fcbd7cd8fdc182f6240
SHA256

c56b57ae3f2a57ffe68719aad1a645e4167fda7886729a21125e49e3c20c92a7
SHA512

75963fdf6ea1fea069af2fbe1656f4fe2c5e2179e4dc12c4668de8bc8bed2815ca6195d464be8a7be25d4d1eeca64769e61d9a96ee0404155d778975c562c918
SSDEEP

49152:KG00SSgCmP/ZwYj4ec7DL4h/mi5TdwDR47:KJnZwHX4dnTWd47

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c56b57ae3f2a57ffe68719aad1a645e4167fda7886729a21125e49e3c20c92a7

Files

c56b57ae3f2a57ffe68719aad1a645e4167fda7886729a21125e49e3c20c92a7
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 672KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ