b3129a9ed795554757593dedc79144f4d8c265a6ffad6990f7af7e4c479af110 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3129a9ed795554757593dedc79144f4d8c265a6ffad6990f7af7e4c479af110
Size

843KB
MD5

34b6590b2ad04576a125ee8b9556c9bf
SHA1

fc040478e6f829a59e962646139cc0b54d8f5b59
SHA256

b3129a9ed795554757593dedc79144f4d8c265a6ffad6990f7af7e4c479af110
SHA512

414ab1e99ce26d9d1bb6079136e771d9e04f3b99de5a7b46def30bc1efbc2529f2dacfd893b1efede1ae212a408556747a3b9bd4e215295c8258bd959d9a1a12
SSDEEP

12288:E4lsXvtCcmVVXzzn4PJAahPl/QEdIMiVbHydETJnJWkYwg7o1q9MmCS:E4lavt0LkLL9IMixoEFNYxo1q9MmCS

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3129a9ed795554757593dedc79144f4d8c265a6ffad6990f7af7e4c479af110

Files

b3129a9ed795554757593dedc79144f4d8c265a6ffad6990f7af7e4c479af110
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ