0def33ec935aa6f0fba883392ce48f165090b7fa3480f92a8e8e381434c7f1e4 | Triage

Sharing

General

Target

0def33ec935aa6f0fba883392ce48f165090b7fa3480f92a8e8e381434c7f1e4
Size

3.6MB
MD5

0df3568408494b4a22266d0be843d83a
SHA1

38574bf38b335af3e8fbe1dc36b8bf467bf6a2e6
SHA256

0def33ec935aa6f0fba883392ce48f165090b7fa3480f92a8e8e381434c7f1e4
SHA512

bcd8dff59ca50874838d2754b45801cfc16333c5ecedd01d29dd8bde9539507fa052eb048e9a34c038ca44c39f68c25bdd00a015c495723bb22919d7ba1d476c
SSDEEP

98304:32cPKZiXDgHGo+8kjntEq7QGuHPt6BkDGN:mCKcziojntE8stybN

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0def33ec935aa6f0fba883392ce48f165090b7fa3480f92a8e8e381434c7f1e4

Files

0def33ec935aa6f0fba883392ce48f165090b7fa3480f92a8e8e381434c7f1e4
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 1.5MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE