52d43df34e9584604e2223336fcd427f0e1d1dfb684e33d19e0c845b04fca59f | Triage

Sharing

General

Target

52d43df34e9584604e2223336fcd427f0e1d1dfb684e33d19e0c845b04fca59f
Size

1.2MB
MD5

f2c75dea95b3d5f54e05ce02888fbe79
SHA1

4eb86653b796c96d8ddf00979a01b0d7903c68ef
SHA256

52d43df34e9584604e2223336fcd427f0e1d1dfb684e33d19e0c845b04fca59f
SHA512

0f95d9430804f6a9fa0b6edf33c8a5b026ee4de5ef0b0fcac6cf2ea9c9e734f6ff839879d66c5a8ba1aa67480f79d45c8c0ef9f7d305ae9d83f6dbb28322fe45
SSDEEP

24576:LAHnh+eWsN3skA4RV1Hom2KXcmtcxafoJ11DjaPxe41:mh+ZkldoPKsacxaa1faI4

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52d43df34e9584604e2223336fcd427f0e1d1dfb684e33d19e0c845b04fca59f

Files

52d43df34e9584604e2223336fcd427f0e1d1dfb684e33d19e0c845b04fca59f
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ