d5c7ca634e831f4c0471cee5f2730a899b43d5486263f0de4b3883eaca2c3a61 | Triage

Sharing

General

Target

d5c7ca634e831f4c0471cee5f2730a899b43d5486263f0de4b3883eaca2c3a61
Size

2.6MB
MD5

8b1f5d1ae0a540c81c70105a41c8626c
SHA1

168664b8419fdd5a654e41bcbe0cbfe196be7c41
SHA256

d5c7ca634e831f4c0471cee5f2730a899b43d5486263f0de4b3883eaca2c3a61
SHA512

d88f2620b0b50af97a57711b59df6a7a343cbc5b3af04552641ec8b942bf8c770bc9b07baeac07d9461fe863d4e62497b627f93a17212e1c188d4e32374ce119
SSDEEP

24576:QAHnh+eWsN3skA4RV1Hom2KXSmHdqf0K44JzixdvW80EXLq31gEfUvWDyBFZpxxI:Hh+ZkldoPKiYdqd6A

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5c7ca634e831f4c0471cee5f2730a899b43d5486263f0de4b3883eaca2c3a61

Files

d5c7ca634e831f4c0471cee5f2730a899b43d5486263f0de4b3883eaca2c3a61
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ