Static task
static1
Behavioral task
behavioral1
Sample
b7bcab6254e350d3e6726f221ef90abe3a909ba4cd0ad17cbfc11a0e651e5602.exe
Resource
win7-20240221-en
General
-
Target
b7bcab6254e350d3e6726f221ef90abe3a909ba4cd0ad17cbfc11a0e651e5602
-
Size
2.6MB
-
MD5
0dbc59ff95744137f3f34763e8ee3d81
-
SHA1
0b8613d8c43536689da43690347729051ec23150
-
SHA256
b7bcab6254e350d3e6726f221ef90abe3a909ba4cd0ad17cbfc11a0e651e5602
-
SHA512
542f1dcebd9204c4b4158d1471e67a39d393bddec42d7b751d9cf01a40344b532be3f5f19615f22c6f6c2db3dd6f94c042e58d620c1296cf29ba6ca68cc9c793
-
SSDEEP
24576:SAHnh+eWsN3skA4RV1Hom2KXSmHdK3VqbE6przwKpwvEuM/SD0wugdDEl6NrL/NG:Vh+ZkldoPKiYdKr9U
Malware Config
Signatures
-
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
Processes:
resource yara_rule sample autoit_exe -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource b7bcab6254e350d3e6726f221ef90abe3a909ba4cd0ad17cbfc11a0e651e5602
Files
-
b7bcab6254e350d3e6726f221ef90abe3a909ba4cd0ad17cbfc11a0e651e5602.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 568KB - Virtual size: 567KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 191KB - Virtual size: 191KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ