f4525ac1bd65e6c21542a285d07abe6a89835873c2b5154134f425c7227d38c8 | Triage

Sharing

General

Target

f4525ac1bd65e6c21542a285d07abe6a89835873c2b5154134f425c7227d38c8
Size

1.4MB
MD5

2be2cbdfaf6296a8c555fdf4b223edb9
SHA1

b05ef08dede45deca93a99523b733be5f6bd7f85
SHA256

f4525ac1bd65e6c21542a285d07abe6a89835873c2b5154134f425c7227d38c8
SHA512

774e95bc99d956d3f173e74624c1da1ad38070ea93fb36dd5c252f8515dd37df7938746754c9d6a8d9142139678a823ba11a631bdcdcac405f9066d1ca01945b
SSDEEP

24576:0tb20pkaCqT5TBWgNjVY+t5FbuBwt4clGC1Fr+:dVg5tjVY+RiB+Gc

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4525ac1bd65e6c21542a285d07abe6a89835873c2b5154134f425c7227d38c8

Files

f4525ac1bd65e6c21542a285d07abe6a89835873c2b5154134f425c7227d38c8
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 557KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ