Suspicious
Suspect

AutoIt Compiled Script
MD5: baf9949e853bc2a3479b10e6335e1bd2
Size: 1.46 MB
application/x-dosexec

Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.

AI analysis is available with Essential.
Unlock with Essential
MD5 baf9949e853bc2a3479b10e6335e1bd2
Sha1 33bc48636e242db9bf5efbaebb53ef64b5f10276
Sha256 6aaa12302d88ebf9486d546f7c8c5ea0930ae6e5db2b70cbe0552dc3f57ee2e2
Sha384 1cb85e6a7287d61c3247c2b992e3f2da15e00258796c364a880335198c116c3c0dce7b41f2d549c503354b84082a1186
Sha512 a5d705376cbec52d8d4ccce40803376870002d721bde052a1b917f0fa7b77a5a47bc7f0a09a9be31625bad52d7875e4d2471d3553cdde292b277b72e09fcc55b
SSDeep 24576:IVD15G5gV/Sk60C2Vf6ugOFhmWGCPguQh7Xz8AFYklnresL7c/YyU:IRG6V/SkI2l6ieCIRn8AFYiCsc1U
TLSH 966533D3456293A7DDA12876B4706B051FCF25247DC307BE479835783A33A909A1EB3E
PeID
Microsoft Visual C++ v6.0 DLLNullsoft PiMP Stub -> SFX
Overlay_656d32d2.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Name Value
Info
PE Detect: PeReader OK (file layout)
Info
Overlay extracted: Overlay_656d32d2.bin (1040661 bytes)
Overlay_656d32d2.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_MANIFEST
ID:0001
ID:1033
No malware configuration was found at this point.
You must be signed in to view YARA rules.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙