6eacac0a8f12546336e95531c87ab535fc2d948f5133a479d9f77ca76f78441c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6eacac0a8f12546336e95531c87ab535fc2d948f5133a479d9f77ca76f78441c
Size

1.2MB
MD5

3c47320b54dafb660a5f7419d50c406b
SHA1

4fc51fe83aafb2d611010f3de6ce312b0e9c18c5
SHA256

6eacac0a8f12546336e95531c87ab535fc2d948f5133a479d9f77ca76f78441c
SHA512

1d501e7b44fe2bad76a4dac6b37be547cc6fbe0e189374c9b95b39f6fd72ac5f1649e1b00aa4e70b4c464c15183e3bb48c9041254ce38c0897bb41da55fec6aa
SSDEEP

24576:LAHnh+eWsN3skA4RV1Hom2KXcmtc611cIV4uDSnXD5:mh+ZkldoPKsac6ceq

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6eacac0a8f12546336e95531c87ab535fc2d948f5133a479d9f77ca76f78441c

Files

6eacac0a8f12546336e95531c87ab535fc2d948f5133a479d9f77ca76f78441c
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ