2ad1cbd1560ed6d261e9f59185792e8fa78c00b33bcfc577ecfbcb96676fd8c4 | Triage

Sharing

General

Target

2ad1cbd1560ed6d261e9f59185792e8fa78c00b33bcfc577ecfbcb96676fd8c4
Size

2.6MB
MD5

ed189a26863370646bc1a5fae95b7821
SHA1

a07f4a961c1f14a7c1ff6723a65f53e13fa11c5b
SHA256

2ad1cbd1560ed6d261e9f59185792e8fa78c00b33bcfc577ecfbcb96676fd8c4
SHA512

10759d115dbd3369d78cc20e92749ec543135bafe3c659f0183339015f9ff283bfe68e1d252fdafee4e327bc1d5e2e5c83489e1c96f14c9172140f7e4eb88ab6
SSDEEP

24576:QAHnh+eWsN3skA4RV1Hom2KXSmHdqf0K44JzixdvW80EXLq31gEfUvWDyBFZpxxy:Hh+ZkldoPKiYdqd6q

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ad1cbd1560ed6d261e9f59185792e8fa78c00b33bcfc577ecfbcb96676fd8c4

Files

2ad1cbd1560ed6d261e9f59185792e8fa78c00b33bcfc577ecfbcb96676fd8c4
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ