Try now !
Malicious
Open options
Share on LinkedIn
Add to favorites
Add to collection
Download sample
Download JSON report
Print
Re-Scan
AutoIt Compiled Script
MD5:
0ef58b2d9542a426699f4bd79e366d0b
Size:
1.89 MB
application/x-dosexec
Executable
AutoIt
Suspect
Decompiled
PE (Portable Executable)
PE File Layout
Win 64 Exe
x64
PDB Path
General
Structural Analysis
Config.
0
Yara Rules
29
Sync
Community
Summary by MalvaGPT
Generate AI Summary
Characteristics
Hash
Hash Value
MD5
0ef58b2d9542a426699f4bd79e366d0b
Sha1
ab4c95681d007aae6b0253f0c7ba1b5012a4dda5
Sha256
6149afa88ed6807a53a55beea46e66d62f6ba3a9709cdb0bc36217fadbe3e1ad
Sha384
faea1ab5bea8a9387432a9bfbec46f55009ccb9a16b911c586d218deb02a013a683483a60b9f840df5b44e4115145137
Sha512
dea9e05e4f61bd92820abbcde4fe42951f04fa8eef8381d0e75a0fa4e90c369057feeaf1f3070877f5d6f30bd601e03c24504105ea2584e548f086c423e64d8f
SSDeep
49152:02EYTb8atv1orq+pEiSDTj1VyvBaG8CXzY3Q0mSPIizean1FFCaQnfB:ZXbIrq/ozRjSwfanoaQnJ
TLSH
AF95D01933A4419DFEABE177CA12C607D7B1B84A0277862F01A45B767F337716A2E321
PeID
Microsoft Visual C++ 8.0 (DLL)
Microsoft Visual C++ v6.0 DLL
Pe123 v2006.4.4-4.12
File Structure
0ef58b2d9542a426699f4bd79e366d0b
Executable
AutoIt
Suspect
Decompiled
PE (Portable Executable)
PE File Layout
Win 64 Exe
x64
PDB Path
Malicious
aut83F1.tmp.tok
AutoIt
Suspect
Decompiled
Malicious
[Cleaned].au3
AutoIt
Suspect
Decompiled
Malicious
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:2057
ID:0002
ID:2057
ID:2057.exif
ID:2057-preview.png
RT_STRING
ID:0007
ID:2057
ID:0008
ID:2057
ID:0009
ID:2057
ID:000A
ID:2057
ID:000B
ID:2057
ID:000C
ID:2057
ID:0139
ID:2057
RT_RCDATA
ID:0000
ID:0
Executable
AutoIt
RT_GROUP_CURSOR4
ID:0063
ID:2057
ID:00A9
ID:2057
RT_VERSION
ID:0001
ID:2057
RT_MANIFEST
ID:0001
ID:2057
Informations
Name
Value
Info
PE Detect: PeReader OK (file layout)
Info
PDB Path: t$di
0ef58b2d9542a426699f4bd79e366d0b (1.89 MB)
File Structure
0ef58b2d9542a426699f4bd79e366d0b
Executable
AutoIt
Suspect
Decompiled
PE (Portable Executable)
PE File Layout
Win 64 Exe
x64
PDB Path
Malicious
aut83F1.tmp.tok
AutoIt
Suspect
Decompiled
Malicious
[Cleaned].au3
AutoIt
Suspect
Decompiled
Malicious
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rdata
.data
.pdata
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:2057
ID:0002
ID:2057
ID:2057.exif
ID:2057-preview.png
RT_STRING
ID:0007
ID:2057
ID:0008
ID:2057
ID:0009
ID:2057
ID:000A
ID:2057
ID:000B
ID:2057
ID:000C
ID:2057
ID:0139
ID:2057
RT_RCDATA
ID:0000
ID:0
Executable
AutoIt
RT_GROUP_CURSOR4
ID:0063
ID:2057
ID:00A9
ID:2057
RT_VERSION
ID:0001
ID:2057
RT_MANIFEST
ID:0001
ID:2057
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded.
Reload
🗙