Suspicious
Suspect

Share on LinkedIn
Print
AutoIt Compiled Script
MD5: baf9949e853bc2a3479b10e6335e1bd2
Size: 1.46 MB
application/x-dosexec

Get an AI-generated breakdown of this malware's behaviour, IOCs and recommendations.

AI analysis is available with Essential.
Unlock with Essential
MD5 baf9949e853bc2a3479b10e6335e1bd2
Sha1 33bc48636e242db9bf5efbaebb53ef64b5f10276
Sha256 6aaa12302d88ebf9486d546f7c8c5ea0930ae6e5db2b70cbe0552dc3f57ee2e2
Sha384 1cb85e6a7287d61c3247c2b992e3f2da15e00258796c364a880335198c116c3c0dce7b41f2d549c503354b84082a1186
Sha512 a5d705376cbec52d8d4ccce40803376870002d721bde052a1b917f0fa7b77a5a47bc7f0a09a9be31625bad52d7875e4d2471d3553cdde292b277b72e09fcc55b
SSDeep 24576:IVD15G5gV/Sk60C2Vf6ugOFhmWGCPguQh7Xz8AFYklnresL7c/YyU:IRG6V/SkI2l6ieCIRn8AFYiCsc1U
TLSH 966533D3456293A7DDA12876B4706B051FCF25247DC307BE479835783A33A909A1EB3E
PeID
Microsoft Visual C++ v6.0 DLLNullsoft PiMP Stub -> SFX
Overlay_656d32d2.bin
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.ndata
.rsrc
Resources
RT_ICON
ID:0001
ID:1033
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
RT_DIALOG
ID:0069
ID:1033
ID:006A
ID:1033
ID:006F
ID:1033
RT_GROUP_CURSOR4
ID:0067
ID:1033
RT_MANIFEST
ID:0001
ID:1033
Name Value
Info
PE Detect: PeReader OK (file layout)
Info
Overlay extracted: Overlay_656d32d2.bin (1040661 bytes)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙