da78ddf077a51c77d33104afd7430a77a68cc92ef7c3c5a430b60db0a4c7c734 | Triage

Sharing

General

Target

da78ddf077a51c77d33104afd7430a77a68cc92ef7c3c5a430b60db0a4c7c734
Size

843KB
MD5

c5950edc3b3db19a94992a9639fe9b74
SHA1

9c6006b6bf731b0a69b1dafce6c207f58316b547
SHA256

da78ddf077a51c77d33104afd7430a77a68cc92ef7c3c5a430b60db0a4c7c734
SHA512

16e78f5fbdfd1c454e8b71ac6875daea65559dce4e3a8ffd2f49b43a6719103c249f7abab5746af86ef7144e33aca84ca3012b89b7834d870854753de27ec329
SSDEEP

12288:O4lsXvtCcmVVXzzn4PJAahPl/QEdIMiVbHydETJnJWkY9o7x1q9MmCS:O4lavt0LkLL9IMixoEFNYGx1q9MmCS

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da78ddf077a51c77d33104afd7430a77a68cc92ef7c3c5a430b60db0a4c7c734

Files

da78ddf077a51c77d33104afd7430a77a68cc92ef7c3c5a430b60db0a4c7c734
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ