11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170
Size

1016KB
MD5

a58fa746c690621ab70569fa5816d418
SHA1

bb3f7a421c2e0d09e9f317a17f5c7b8d6aa64262
SHA256

11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170
SHA512

796640ecde1f4a2884172fd8a656cb9a554a0e0213de84dc00cc947d82138727f564478916adcb6b57ff0a8e82f82716e29830ae8ba738f381dceb4f3c901b74
SSDEEP

24576:fAHnh+eWsN3skA4RV1Hom2KXcmtc5Rwutbkm:Ch+ZkldoPKsac5lt

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170

Files

11885a82a89f173bfc56ada0cc3dffd97b8b75f267f1a74bf7e4e2c52af88170
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ