97d367e75cd3be81c7a7b63f7af8371cc0f393097c4729dd36d8dca5767a66d8 | Triage

Sharing

General

Target

97d367e75cd3be81c7a7b63f7af8371cc0f393097c4729dd36d8dca5767a66d8
Size

978KB
MD5

5b4bd61053ca3254e6e92160c1c9f905
SHA1

1f41c114cd4dc20bf13563db63cbde125a6b96c7
SHA256

97d367e75cd3be81c7a7b63f7af8371cc0f393097c4729dd36d8dca5767a66d8
SHA512

79dc609ffd1688a4d3014c544e9d8d16d9c6f6d3f1dd09ea27714584566d3eba76b19ef8b7b961177498b4f8eb45a6d2a5ab51ba3d76d7eb737daa5b4dff45a2
SSDEEP

24576:vjNefNkgsyIhuc2WNOAFG1x198LabpiGdN:8fNKJOAFMxALabpiO

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97d367e75cd3be81c7a7b63f7af8371cc0f393097c4729dd36d8dca5767a66d8

Files

97d367e75cd3be81c7a7b63f7af8371cc0f393097c4729dd36d8dca5767a66d8
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ