293bcd7db1813d892d59d5653bbae089323d1daa7c83f52e77541068d8c53148 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

293bcd7db1813d892d59d5653bbae089323d1daa7c83f52e77541068d8c53148
Size

896KB
MD5

1b70f37ed5d79f688cc95e3e3353ac08
SHA1

643fc049dfacf6641d30873b1f8f4c3a374c5810
SHA256

293bcd7db1813d892d59d5653bbae089323d1daa7c83f52e77541068d8c53148
SHA512

55cc82095248d2855752a005bc835cb4ff09653d5cea11f3f91af435a3d292545241fe6eb928b497d657d64e0ddb6c87c9bb805d2101ec430e508e030c4b662b
SSDEEP

24576:cAHnh+eWsN3skA4RV1Hom2KXcmtcv9jz5:7h+ZkldoPKsacvf

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
293bcd7db1813d892d59d5653bbae089323d1daa7c83f52e77541068d8c53148

Files

293bcd7db1813d892d59d5653bbae089323d1daa7c83f52e77541068d8c53148
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ