942d85853686035f224b1d5b0df6eecc61c5a91f8b9cd4217ac338e0c8096b0f

Sharing

Copy URL Twitter E-mail

General

Target

autoit-v3-setup.zip
Size

12.9MB
Sample

250517-wws56sdk3x
MD5

0f544b1c2ae93a94146da5c2855ae8f7
SHA1

b3857290a4469e2f03e1b7016fa6731502a201d6
SHA256

942d85853686035f224b1d5b0df6eecc61c5a91f8b9cd4217ac338e0c8096b0f
SHA512

5fbe7b9b7ca4447caeb11643927261cc7cc52a13d71368f2bba8d5b7f2ee1a1e3d97aefb6265102a621de8681c146b97a53dd90b06ada0feb6547b7ffab0401d
SSDEEP

393216:dYUgxlZL1imxuXY90bdgy0yZ2Hv5fNl4FQgLpcIXG1f:dYUgDZBNYWiIv14LLpHWJ

Score

8^/10

Malware Config

Targets

- Target
  
  autoit-v3-setup.exe
- Size
  
  12.9MB
- MD5
  
  a65b5df1a846fb0bb7ad4b2da19bbbcd
- SHA1
  
  b93c659c6f9eca5cdaea8e552c0466cac3ea61d6
- SHA256
  
  19f91ee8a2acf408d69be07e1c4a99992213e565b9c8bb6d5c52f59f79707da3
- SHA512
  
  34980e23fe4c17c358cd23678c53ff548117479eab9c5cbd9f937a76bb2772e49a60c46e190da88f973ce05338a891609f012936f27de4c71b84f2789955da29
- SSDEEP
  
  393216:TDaWWhLNL186VkPwBOf74ycQf2TftfJBYT6IL/owfe:TDaWWdNxpg2icfRC7L/xm
Score

4^/10

discovery
behavioral1
- Target
  
  $_4_/SciTE/SciTE.exe
- Size
  
  2.3MB
- MD5
  
  0bac842257dec4dfbd83cb6dc9e5d83f
- SHA1
  
  529b4ad6fe1d9555ce9f575ea545aa0eb31fba5e
- SHA256
  
  64e6d2d2218dd2e9b1a025c1f83f16ced7a5e43663407346767b77b254a2c5f4
- SHA512
  
  509febd4bb73df2aabbd9562e1404605ee286a4854e2540e3e04579a1be2855f324d535c87ee9dd9d9f126510c9730bee8fdc8e9a478c75550ae0d4cd170fbf3
- SSDEEP
  
  49152:1GSXoV72tpV9XE8Wwi1aCvYMdRluS/fYw44RxL:J4OEtwiICvYMpf
Score

3^/10

discovery
behavioral2
- Target
  
  Au3Check.exe
- Size
  
  228KB
- MD5
  
  3be697d1a92115d5ca76a633a527dfb7
- SHA1
  
  3de57026d0c859eb41bfd393dfc55b1efa40b7d7
- SHA256
  
  f150544c5d383db0c0177f5f543ec0a5b6ab95a97c08cbbd91485c25670eaaeb
- SHA512
  
  997a5952600b201045d035bdf7cd0ffde1993a8c91ae236c96d3cab02261240618c1c97eb19d619b541dace81ad9e52b76ea61b17b1fd433e070307baf17266f
- SSDEEP
  
  3072:4wOvOIXbP5KVkD8QC2mCBFv9m7usyT8tKQ9clyPqlO91/iDVSsWUG0bCP0j:nCb4VQjVsxyItKQNhigibj
Score

3^/10

discovery
behavioral3
- Target
  
  Au3Info.exe
- Size
  
  172KB
- MD5
  
  b6e281bf0e2c2f182f1537bc5148faa9
- SHA1
  
  0d6aac1d3c5709084ae6ee5cce7f8b29df2cd4ca
- SHA256
  
  5238261f80d3683101d2ef2242d92c3719a92a63c45a211c7973b831dd318f36
- SHA512
  
  442776a93bf23cb69c6437ba72851bcb5dc4b90c9b03f53f37177fd271e834247b3a1f0c6ed8724e5490b59f2465afe5668513efd9cd3aeafed3aaa071416576
- SSDEEP
  
  3072:xBUNnUxTtd4mzxFVaK4T6fWSlXe0lJQafeyrR0kr/yh5DEU/Pk13TfwqiTP0:xGNUl462K4TSFo5Y683TdiQ
Score

3^/10

discovery
behavioral4
- Target
  
  Au3Info_x64.exe
- Size
  
  191KB
- MD5
  
  3026c30ffe9201a5b6164a64988e55fc
- SHA1
  
  a6a30ef85a4800f83b5f1b855094f39624e1dc4b
- SHA256
  
  3ddd9baad088d3abea6ac26c19e957aae9cb9e47101cdec8115188ed0092b7e0
- SHA512
  
  4272a90e584c0e50574ca5d7acd53efd2b771d0995da26398a3cbecbe41104af531688e75377145d800273a662239355dfb752fc8c57985227b76de2be1e7cac
- SSDEEP
  
  3072:335iuvQBUeGMLkyRnuBGwl/1Gc9QnvGqyWQ93kr/yh5DEU/P5kP0z:377E7l3wdYtcH9b5Y651z
Score

1^/10
behavioral5
- Target
  
  Aut2Exe/Aut2exe.exe
- Size
  
  1.6MB
- MD5
  
  9b8f246dd211f92cae70e795ebdf1786
- SHA1
  
  06a564a0258a5653f71a2db291047893c6ce1588
- SHA256
  
  921e51d0d9f94c05c5ed10d2d2a80620c8ed930cc48d71e2ce0a5bab4a4f8158
- SHA512
  
  9931031af51966f51caec73579d71ca2710c7fe4de57f7faf6c51d44f0938510dbeb55f9282bf5ada58eadc0ee73c933855df3714e482091949ea75cd2f5b245
- SSDEEP
  
  24576:4C51xB6B9YNgqe1xTVIlz7X9zOo4PjnikEpx/nLWvJ+K:PK0eqkSR7Xgo4TiRPnLWvJ7
Score

3^/10

discovery
behavioral6
- Target
  
  Aut2Exe/Aut2exe_x64.exe
- Size
  
  1.7MB
- MD5
  
  2e466ee23d8c71d63f412e5219cfe1b8
- SHA1
  
  74ce7c9e423c8a6d3db0b543ad25539d03c1674f
- SHA256
  
  74f37e3b6ecddaf899b2f8e4f40d92ebed3c9a647745dc81aefccf9c79c7564a
- SHA512
  
  33eedb6cc5151b9799da33e7ade02a262f535e3833bceb7aaa6b5f7c6f87c0e77fd5b66de01928d65ac7d738c78d7af283551e3eb6520f80dc6325fe2ac7c616
- SSDEEP
  
  24576:jEeK2NocwiN/jc41p3qp11JsqbhOUe1xTVIlz7X9zOo4PjnikEpx/nLWvJ+X:hfYP1JsEDkSR7Xgo4TiRPnLWvJC
Score

1^/10
behavioral7
- Target
  
  Aut2Exe/upx.exe
- Size
  
  298KB
- MD5
  
  e9eacbb7ab4b3f66019e0a2f13a1dba9
- SHA1
  
  ae30894b29e52bf04afc4a54795d438fb910acff
- SHA256
  
  0c3dc789d0a46493bd097526b920d913d930d96b1052cb331eec3ac560c89996
- SHA512
  
  925445d20c93c65a282fc59f773551d824bff1f8e2623fd8ea0c587831a9550c400f121defb3d82c8f0401903fa69e3154dc98e29688d02af1d5d01247914a06
- SSDEEP
  
  6144:vZCWmlys014OqpXDXz7yIrozs0WuNd3ojusBdgnNW6r4F53ttuGENGFdVCLEYnPQ:hCWV7q9zGImAjJdcH4j3ttzFdVCLNSf5
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral8
- Target
  
  Examples/COM/Scriptomatic.au3
- Size
  
  20KB
- MD5
  
  a1b729edaa6b51a5972c426082c19737
- SHA1
  
  d78d0dccfe195c7fefe6033aded4fdcd7823976e
- SHA256
  
  22b1e3dbc9f6fa593a87765c186f4befd0d6041cdd8f3adefc828b952e08c49b
- SHA512
  
  fad8774e961763e3be2d5078d40979a4f959aa171515e5cda361818e782bc1a049c324a0a84829116b144d1d04ac5f9e22165baa0e63c732abfaba07f646fcf6
- SSDEEP
  
  192:HdvhxMXrf8jwDl1p6PngSUF1qU41ukjLzNK7ZN8NrRRQiER/MOV+WQNuyPudF+rU:HHsD6gSUwukANN8NnOxFWPkI9E5L
Score

3^/10

execution
behavioral9
- Target
  
  Examples/COM/Worksheet.xls
- Size
  
  13KB
- MD5
  
  48ea6822ca50d0ed031947b9d8d329c1
- SHA1
  
  f5548bcbd70ea31e567251317fdd2d34f001c160
- SHA256
  
  ad62ace472f8d341fe65ea4dd633d9f1ca3b04a82a66cf33a2d17794711ae241
- SHA512
  
  62700cd2657d7a551e2cfee5c90fbd5dc65b837734119f6bbac5d4e0545ececb9ba8beacdf7427790845e0b02b3d4f1ea7ade8c11c6b4fda6ceb3213750a3f62
- SSDEEP
  
  96:UqLyl2JLIqgchloB8MQj4dWb/ec/Oc/Oc/5CDch7+:Uqs2dhlFjl/D/D/56
Score

1^/10
behavioral10
- Target
  
  Examples/GUI/Advanced/msgboxwizard.au3
- Size
  
  16KB
- MD5
  
  de83becfe933ccce312c3e716636eebb
- SHA1
  
  03642051e21ded64734df7340cae63151709585a
- SHA256
  
  9cfc59c702259f4e35312f2d27416fb7fe5e21472dc4a88efdaf08d9a067a684
- SHA512
  
  b77be9667ae48822cc3eb04253cc0de8047ba51db7b262644828fbc95256ba81913e460680f5a47336d947bcaa4a390cde8b17ed6752b754efc5a7539aeab8f5
- SSDEEP
  
  192:9SXpXTn38NDXlJikGM5Iqr+7PS7B87zc70x7eI7vtAtbVRRx:9A389rriPmBUz00ReAFCbbP
Score

3^/10

execution
behavioral11
- Target
  
  Examples/Helpfile/Call.au3
- Size
  
  1KB
- MD5
  
  c5d4ef31fd577946054db5d0ad666a31
- SHA1
  
  861b3b1b758474097ce401231e1ecd4bc0319e65
- SHA256
  
  1362f064cf0ec94c177970ad93997e04b053697074e0cbf5c6b25cf8ee2c25f8
- SHA512
  
  98051eb6fa405cec292f70f61a1caca050c15b77cc7e8df77152897016be41d5aa290c304309f980fd30484093fba6ffaeb28f162aeafb6911cb24dae1fb96d6
Score

3^/10

execution
behavioral12
- Target
  
  Examples/Helpfile/Enum[2].au3
- Size
  
  1KB
- MD5
  
  75f2cf899c08400ad91e9e56a7e7c538
- SHA1
  
  a69b16c1e3ddb05d4e24ff32bb8ff52be5e61ef2
- SHA256
  
  9bc05925dc6625096b709b754b45b4a8ca843d90f09c3661bf29b8eb0e0c81cb
- SHA512
  
  5676f6836dd89c554d214e2aaf791dfca91ec9f31176ff969f625000c89989a14946c1431a295ebc2398d16df09bf1386bd654cf22ab8ec2c7022a64546be905
Score

3^/10

execution
behavioral13
- Target
  
  Examples/Helpfile/Extras/MyProg.exe
- Size
  
  2KB
- MD5
  
  fe48113f3a78f980634e8cdacabf5091
- SHA1
  
  4f00a7f6ae3e2a864a0edb2652485f0111d0cd06
- SHA256
  
  91de3a2577b3ca0f9a59cf9503cb567d7bd0165455d75c03ee44a4130c0a8cc1
- SHA512
  
  6e13c1063e9eca8fdefaf4dd5c376b45be4cd614d39d5e68723cc34ef2c2ce62a4da6d8ed33808c81159d9b1b5623fdc1f7124e8ddf2add0e9480c1e9aa56db2
Score

3^/10

discovery
behavioral14
- Target
  
  Examples/Helpfile/Extras/Resources.dll
- Size
  
  301KB
- MD5
  
  7939a3fbab49388336af4bd6659668bd
- SHA1
  
  d0157821bba9fc72ce22d845620f28bb6a2547a5
- SHA256
  
  3293d7cf51ec3d7a7fac72b07a949b7072984daddc952bfe00c25c02d70c1d14
- SHA512
  
  fdd6a4d97a18fc6b2ad8fb905b18b15cc70b4226dffd6c91693cbf02ca3bb6269fd1331b561681e130ef4eb21c7d1da5b4292e5890edb9cff6b93b2195510a0e
- SSDEEP
  
  6144:6SII1SLHco6FLY6shZBWlK3b++2kLD0HQXm8qW:6SIGLUh7Wk/LLq
Score

3^/10

discovery
behavioral15
- Target
  
  Examples/Helpfile/Extras/Test.doc
- Size
  
  49KB
- MD5
  
  5c28145269fdc4db8d5d642aff40cedd
- SHA1
  
  0d2de1c846cae037dd26e77496f7cb4272e01ae9
- SHA256
  
  c249cbbae0c989d2d6fbb04a373ca25a3295a10ad2f9ae5a80b393ba9e8395e1
- SHA512
  
  eecba3c288b0b2818ceba067d430d6274db7737e2c2d450c427bad83949f12988d08421feafb7ae9980fd1088ffad5453f9b2edee6dab3423e7f95289bbd025c
- SSDEEP
  
  384:pyfY2YrYn3j/UDTnSiSYsCT+ucO7iZE2PMXG75NNe1ltV/96j2L260j:n2YrY3j/UDTnFhT+POxGPIYKR
Score

1^/10
behavioral16
- Target
  
  Examples/Helpfile/Extras/Test2.doc
- Size
  
  32KB
- MD5
  
  345b41418ace68f770e4d1830a4fb248
- SHA1
  
  4e8df86bcb38ee7fe7ccf7e50d663a5cc940aadd
- SHA256
  
  b55a9e83251cb7f29f31dd369cbd9c3941c3725f4fad0e2a47f80e75f8f05498
- SHA512
  
  0d346908fd8e7eee21d4f6937a3d70488a01f44d5d3b9ddfae6c727051cda71278f3bf02f378ffa3c36b7a3db10f91f74044f4763a68040ab8e05e2513414614
- SSDEEP
  
  384:fG2YrYn3j/UDTnSiSYsCT+ucOniZE2+h5:u2YrY3j/UDTnFhT+PO7
Score

1^/10
behavioral17
- Target
  
  Examples/Helpfile/Extras/WMDebug.au3
- Size
  
  15KB
- MD5
  
  a1476b662f3b14b76b109cb7c2aeec85
- SHA1
  
  57ba92576bcc45d31be46b7a5a11c23ac233ad5b
- SHA256
  
  b58d71c1e851fbbc46c7f612eb402c7007c86f5395182e117ed271a6818c32c0
- SHA512
  
  f68f0909bdfc21f34607b5949ae9bcc163fc2c7786ba44a65b1fa35fd8660120d9d3fa4421e3f5a65632a2ce9565549fed9f4ae784bae148608aaa68b38bcff6
- SSDEEP
  
  192:UbremzFniJZsiqlD2YkdAugf96Lw06Uywmh04jCYG4oxJnR7PR:UbSawkiqYZdAugY893jCYG4aJnRV
Score

3^/10

execution
behavioral18
- Target
  
  Examples/Helpfile/Extras/WM_NOTIFY.au3
- Size
  
  6KB
- MD5
  
  19ef8dbdac8c87117940881db73067d4
- SHA1
  
  13aa882591ff448cb1ff427ae1af4b865429f311
- SHA256
  
  1b85333962bb1c3a91c1cd18c8d489028546acee8ee68a4e1500fef9e793118f
- SHA512
  
  9f20e52ea6878fd60cf827ee2d26fac15a2cd18e28e8f89b524ca53d51355693ee960d3c132d63361a9e73ef696b4101f86e2b821a12038433d844f82e077e67
- SSDEEP
  
  96:iwQRuNKxiK+fgjtU1MqAK+aFPOiW3E6r7Hgz/K+wCzOD2wANc3:iwQRuNoizfgjt6MqAz62y+Az/zta6Bc3
Score

3^/10

execution
behavioral19
- Target
  
  Examples/Helpfile/Extras/_Excel1.xls
- Size
  
  389KB
- MD5
  
  3afb5f71269ead99550dc48426d3502a
- SHA1
  
  9839db2ed2499d5553334be15fb14eb0359594ca
- SHA256
  
  ae0178828453e257c5c7a0eef40235cabcffca638f4c3947aeaf54106c9c47ca
- SHA512
  
  596b031fdc1b79da0c58aae223bb27c221c12dc7ca0ec07b71188215ba4d0b83917ac555f359bcb323f37f902ad12cea0d3ed75b2a7fbee3552bf369b58610fe
- SSDEEP
  
  3072:DJXKfgewihCxsRHQC4nqoOmdEh6kXu5GxKlAq3Va87h+BOy8PtaX47fBUL5:wYew9x+FAqHukvRoVaEh8O9tJJ0
Score

1^/10
behavioral20
- Target
  
  Examples/Helpfile/Extras/_Excel2.xls
- Size
  
  475KB
- MD5
  
  692a4b5440a26cba9a76ac6c64ba5849
- SHA1
  
  484b0921f160216b8a4d93c60a3cd693f079e66a
- SHA256
  
  d8b2be9626555dab72a5edce2953f6e3c3598b5499614e16df83348b3378080b
- SHA512
  
  494c2980f636df8b57c71be25ed77ce0dbae43a52fafa710dcbb622d16c85abb39a3e6e795cae5cdbae88967930921a5c559b62f9da531575a21a1813bd80bac
- SSDEEP
  
  6144:s0TlRpT5VbqEq+DfnJKjcuXG9do1+BcKz4oFLfQ4kfA:/TlnblNb3VwuTkI
Score

1^/10
behavioral21
- Target
  
  Examples/Helpfile/Extras/_Excel3.xls
- Size
  
  886KB
- MD5
  
  6c241c20cd21bd449cee51d76b02480e
- SHA1
  
  582f0b70672a42d7ed60266529fb5dacd62704e1
- SHA256
  
  d546fbc3fa5f9c819953839c836945cbd41355f91e2ed3f3e97e5a2be7f93aa9
- SHA512
  
  5207cc06b20ebeb9263ccbfc1c00d3d45f2fcff34fc7bb350b1a5fc5fe3d1e9396106b1753259b9aae6a83440cc6b91038fcfe36b54e6cea36fdbc7546daba2c
- SSDEEP
  
  6144:anoLgsIsQzIqQWnoayrbu6R6QDqWhhfnJKjcuXG9do1+BcKz4oFLfQ4kuY:fMj7c1CFgbj0QuiF3VwuTkv
Score

1^/10
behavioral22
- Target
  
  Examples/Helpfile/Extras/_Excel4.xls
- Size
  
  24KB
- MD5
  
  7852399837e805e239886d30cbbd6bfa
- SHA1
  
  7712ded795c2671d96937573f103469616e2b25e
- SHA256
  
  6922333639b8631adb1991fe8da09e54c47af7572e65fdf123cb670dd71f14f3
- SHA512
  
  ae92fdc462df9524f6569210d9429ae1daffecbe7744361e7e6836fcfdc4bdd5f238720a9c550067adda96e6fa6debfcb32c0dee4e5c8d980d01684b981da978
- SSDEEP
  
  192:qqiZDO+G0eo+s13x/lILZnBrJXaM2ESIXOVCCMwUNk3D37lulatlX3v:2DOqVC1k3DLlulalnv
Score

1^/10
behavioral23
- Target
  
  Examples/Helpfile/FileGetAttrib.au3
- Size
  
  1KB
- MD5
  
  cf1926518aaeb015fa4d1a568c866ad3
- SHA1
  
  5eb6bc1265da2e70aad219b7a70fbb44a8e34a13
- SHA256
  
  9a725037b4b5b261da41f8a0e6c7490afc602820d3822cc27dd814e2dfe6abc1
- SHA512
  
  f243e72c1d00068ddfe64a3865bd4b65bf23f42b2eaed39e7816b3928195c959e78d2f2d271e257cd38fbde415ef9cf5770a9bc12dd926ceaacecaee8ce25946
Score

3^/10

execution
behavioral24
- Target
  
  Examples/Helpfile/ForInNext.au3
- Size
  
  853B
- MD5
  
  758c074a0d0780cdba8e9d047d3c2581
- SHA1
  
  0a05f4078177795018c50f8610ab07b09825d265
- SHA256
  
  31cb5ecd9137b35daeff1cbd3c0cd8b46b57662a6a18b6dbed43503023c0f7c4
- SHA512
  
  059b4b68129e7733f3e502245a3dcbe7f722b7b85e3e707adc7ca862548430c39f5bac3895c66aba7f25bf83b52a64ab57d9b6209c7ac5ea2a103a3cb278c686
Score

3^/10

execution
behavioral25
- Target
  
  Examples/Helpfile/GUICtrlCreateContextMenu[2].au3
- Size
  
  2KB
- MD5
  
  0df91f74ee61c131fc6f45eef166f855
- SHA1
  
  150c387d786a8db5f525862058cde487427b7c8a
- SHA256
  
  6f54f9ab154b4f65a0d6d53ec7a34b76c5432f4f0065816a84cb717e654f4980
- SHA512
  
  326371a818b9c268e7b5c52dbb0b5c73f080252f7429e5d792e44e7398024929cd5bb86072e48c79ee5d8b6bf45af498db355bf1a80d107d6cf0d5b42a8d89ba
Score

3^/10

execution
behavioral26
- Target
  
  Examples/Helpfile/StringRegExpGUI.au3
- Size
  
  15KB
- MD5
  
  0dc14c39212ed99dbea76675a59c2f09
- SHA1
  
  0742f5fc6e9d3ad6b0610d559a5dda3271d6fe3d
- SHA256
  
  75c1b181b40044108bd8b69768ede674252bb0448b6c3d0bc909e80639183b08
- SHA512
  
  27f06bc44348f741249e08b23e11c557c27efa9d450dc9fb52ba9a8730d53a9dd32864b3b472947bcacfb519a229ad79db62e9b81bc7378ce6004d2a75613db5
- SSDEEP
  
  192:9JPcleR6EdUW2eudng061uPAE1F5gVgUFrhd3zZvHN6GT4h3fuT4O3FB:9lb2eudgxsAERgpdj1Bz
Score

1^/10
behavioral27
- Target
  
  Examples/Helpfile/_GDIPlus_ImageAttributesSetRemapTable.au3
- Size
  
  3KB
- MD5
  
  56205ab1cb0e40ae8b292c1bd366e39a
- SHA1
  
  d78478983ae8f3e14e1bc6266cae97b4f1ef290a
- SHA256
  
  29d4955e6e2a2069bbb55c084be62b514634b074ab4b8773729a4baf461ae453
- SHA512
  
  f4af1cbb09fdc274ca6233666bff949b818b904650927f7cb9fc07dbf53c66d66686e916a3918217f2072b5b6a77c91900f2bf5a0d69ec571ce6c37ba65e8d27
Score

6^/10

execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral28
- Target
  
  Examples/Helpfile/_GDIPlus_ImageGetPropertyIdList.au3
- Size
  
  811B
- MD5
  
  5a0c8e6f9eae86d984d3aa84da1dca06
- SHA1
  
  ae59582f6d717583b5b8c3b7432d0502d754f69e
- SHA256
  
  41d8d739170e259f315caebbf861dd8e6e309f9fd9341e9ea867743e3724558c
- SHA512
  
  a5289477ee895907641124f87e4d0429f46e4595da96bee1a2f59fc1db51045fcaa0ce0147807d66a0b9b7f1e7a55ac6a70a229b1789af8f988b6c212c85f5b4
Score

3^/10

execution
behavioral29
- Target
  
  Examples/Helpfile/_GDIPlus_LineBrushSetBlend.au3
- Size
  
  1KB
- MD5
  
  f566e731fade0d806a7acf06fd746a68
- SHA1
  
  f5f94fa07579a32b7d08b6deaefa802842961272
- SHA256
  
  9755c58f486d545966ab214a7908f6e1d1ca6636124018b6a4863d98ab60efc7
- SHA512
  
  966382772637f6f0d87bfc413bdefdd2867382269fc7dbd35a38c7d633568418b0a65d75b2cfbb66ab90a1851712b61d09008809841fc91477981b843e4e1c60
Score

6^/10

execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral30
- Target
  
  Examples/Helpfile/_GDIPlus_LineBrushSetColors.au3
- Size
  
  2KB
- MD5
  
  5d6a09715ee1140ad34e0b02b72e301f
- SHA1
  
  725c3fd3bf0cb0915693b566bf80a2ab01a7f4ac
- SHA256
  
  7356becb4a13803063bfaa1959e535405d93e48d5ad400b2790030940081f528
- SHA512
  
  41bde7593b19d8f1d606b6ffa2799ff483781ef4f00a3ba9b36e106c09186f47bc1184ce979eb4459e2e9a011a92c46c0a08eb0a5a7c73e6996e65cae8f7918a
Score

6^/10

execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral31
- Target
  
  Examples/Helpfile/_GDIPlus_PathAddCurve3.au3
- Size
  
  2KB
- MD5
  
  f0c5de14c8b92e596a408fc6d37e4efb
- SHA1
  
  c64279bbe0773a3e574f5b97d43403e6b186ed42
- SHA256
  
  39123984a740d4a4110772a8999736d9694f29aa6bc5ea067ea4e48268e31646
- SHA512
  
  8b2a26064b9124b522ec655aa6d6ac26b69001d4b643c53e8112e1f7db06c5be8b11f9cacb026583552c010a38207df8abee9247ead9fd470bd938bc5ddf3b22
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

UPX packed file

Command and Scripting Interpreter: PowerShell

Command and Scripting Interpreter: PowerShell

Command and Scripting Interpreter: PowerShell

MITRE ATT&CK Enterprise v16

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32