36a9a5ac318455e2df6ee45c1f57435c090919d4204c073a752edec8929df050 | Triage

Sharing

General

Target

36a9a5ac318455e2df6ee45c1f57435c090919d4204c073a752edec8929df050
Size

1.4MB
MD5

28b06e877f701a657210f71d96f5215a
SHA1

37e31c0eb93d9c6cbb9c50df3b95a2c2e8a27e55
SHA256

36a9a5ac318455e2df6ee45c1f57435c090919d4204c073a752edec8929df050
SHA512

a8f957e35a39f5dbdf524c68760c24b068be6d78b2d22ec0bdfb82f7cb122f723a9a2c7b5dd5505449cd0426551660264403ec441fa78be92de2e1a1168ae0c6
SSDEEP

24576:0tb20pkaCqT5TBWgNjVYVt5FbuBwt4clGC1FrHV6A:dVg5tjVYVRiB+Gc15

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36a9a5ac318455e2df6ee45c1f57435c090919d4204c073a752edec8929df050

Files

36a9a5ac318455e2df6ee45c1f57435c090919d4204c073a752edec8929df050
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 557KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ