Static task: static1
Behavioral task: behavioral1
Sample: 7a780f84c6ea95f95b98d687ff1b7e4429c959b45d662d9a3622335cfc28f334.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7a780f84c6ea95f95b98d687ff1b7e4429c959b45d662d9a3622335cfc28f334.exe
Resource: win10v2004-20240412-en
General
Target: 7a780f84c6ea95f95b98d687ff1b7e4429c959b45d662d9a3622335cfc28f334
Size: 1014KB
MD5: 3ef7b313327f8135085cc2576fd6ae48
SHA1: 4d36acaabc5285e4c4d8b168a24780cad5101022
SHA256: 7a780f84c6ea95f95b98d687ff1b7e4429c959b45d662d9a3622335cfc28f334
SHA512: 675ebf1f9b4fcb938ccf31b04b33b57c2c0a041d7b31792226366ec654ecf59dd475116a37204ce8b9f1b474d7603fd7e4e0bd135bddcfcc83a19c676a416ab6
SSDEEP: 24576:LAHnh+eWsN3skA4RV1Hom2KXcmtcBhqovxJZbZppD5:mh+ZkldoPKsacBQo7ZbZ5
Malware Config
Signatures
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
Processes:
resource yara_rule sample autoit_exe -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 7a780f84c6ea95f95b98d687ff1b7e4429c959b45d662d9a3622335cfc28f334
Files
7a780f84c6ea95f95b98d687ff1b7e4429c959b45d662d9a3622335cfc28f334.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 568KB - Virtual size: 567KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 191KB - Virtual size: 191KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 204KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ