Static task
static1
Behavioral task
behavioral1
Sample
b7a6d16e98ed7e31c3bd71fd55e0378f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b7a6d16e98ed7e31c3bd71fd55e0378f.exe
Resource
win10v2004-20240226-en
General
-
Target
b7a6d16e98ed7e31c3bd71fd55e0378f
-
Size
512KB
-
MD5
b7a6d16e98ed7e31c3bd71fd55e0378f
-
SHA1
fbd4566af3f7c0b61346673a805b66a04ca7e204
-
SHA256
bc8460321d4157c89c87244ff2932ca24ae11fae40edd65c580338ebbebb9d33
-
SHA512
cd8163d912447130e24403ecd75d0ac2ffaaa6a9a3deb69609810415eef931032a43b865b62d60e67143fe9d3e66b54e67a29872bd42967ffe016b91129dc4a2
-
SSDEEP
6144:1VY0W0sVVZ/dkq5BCoFaJ2i5Lf24C07N5OvSLTUF6pQxI6Upe2cBnTu19bcodj6+:1gDhdkq5BCoC5LfWSLTUQpr2Zu19Qm55
Malware Config
Signatures
-
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
resource yara_rule sample autoit_exe -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b7a6d16e98ed7e31c3bd71fd55e0378f
Files
-
b7a6d16e98ed7e31c3bd71fd55e0378f.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 399KB - Virtual size: 398KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ