Static task: static1
Behavioral task: behavioral1
Sample: 11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170.exe
Resource: win10v2004-20240802-en
General
Target: 11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170
Size: 1016KB
MD5: a58fa746c690621ab70569fa5816d418
SHA1: bb3f7a421c2e0d09e9f317a17f5c7b8d6aa64262
SHA256: 11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170
SHA512: 796640ecde1f4a2884172fd8a656cb9a554a0e0213de84dc00cc947d82138727f564478916adcb6b57ff0a8e82f82716e29830ae8ba738f381dceb4f3c901b74
SSDEEP: 24576:fAHnh+eWsN3skA4RV1Hom2KXcmtc5Rwutbkm:Ch+ZkldoPKsac5lt
Malware Config
Signatures
AutoIT Executable (1 IoCs)
AutoIT scripts compiled to PE executables.
resource: sample
yara_rule: autoit_exe
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170
Files
11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 568KB - Virtual size: 567KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 191KB - Virtual size: 191KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ