Static task
static1
General
-
Target
408c1f4f753d954c156a5eebb5d7fb00
-
Size
512KB
-
MD5
408c1f4f753d954c156a5eebb5d7fb00
-
SHA1
e5b41f7436da77a9a8f5a9edd84ae687e718bd8b
-
SHA256
b13f95c6c635ba1f8e277d4b2c9df45a1210b6cb8d0e9edaf9373aaeaf06789b
-
SHA512
f6c6d99782c600f73cf41ed24c49252271dbbcd2ec1692ac10c189bb2a491f653e65b1537e54033726f02242978b36305c1e2c5af6096effebcb2dbc549bdc0b
-
SSDEEP
6144:1VY0W0sVVZ/dkq5BCoFaJ2i5Lf24C07N5OvSLTUF6pQxI6Upe2cBnTu19bcodj6A:1gDhdkq5BCoC5LfWSLTUQpr2Zu19Qm5p
Malware Config
Signatures
-
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
resource yara_rule sample autoit_exe -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 408c1f4f753d954c156a5eebb5d7fb00
Files
-
408c1f4f753d954c156a5eebb5d7fb00.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 399KB - Virtual size: 398KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ