Xcitium Cloud Verdict

File Name: AutoKey.exe.malware

File Type: PE32 executable (console) Intel 80386, for MS Windows

SHA1: 83555e4d225b6c2f74ea4661cefd9f9e9b22970d

MD5: 4a537d90e7f0ffb3a331c6d885e54a79

Download Kill Chain Report

CREATED / DROPPED FILES

File Path	Type and Hashes

MATCH YARA RULES

Match Rules

STATIC FILE INFO

File Name:	AutoKey.exe.malware
File Type:	PE32 executable (console) Intel 80386, for MS Windows
SHA1:	83555e4d225b6c2f74ea4661cefd9f9e9b22970d
MD5:	4a537d90e7f0ffb3a331c6d885e54a79
First Seen Date:	2023-06-24 09:17:50.840095 ( 2023-06-24 09:17:50.840095 )
Number of Clients Seen:	3
Last Analysis Date:	2023-06-24 14:05:21.486252 ( 2023-06-24 14:05:21.486252 )
Human Expert Analysis Date:	2023-06-25 14:57:44.878255 ( 2023-06-25 14:57:44.878255 )
Human Expert Analysis Result:	Malware

ADDITIONAL FILE INFORMATION

PE Headers

Property	Value
magic literal enum	1
file type enum	6
debug artifacts	[]
number of sections	11
trid	[]
compilation time stamp	0x6495A4FB [Fri Jun 23 13:58:19 2023 UTC]
entry point	0x44b1ef (.text)
machine type	Intel 386 or later - 32Bit
file size	1174968
ssdeep
sha256	b8e5c688ae452cb32081a9d049f7c7a7532f330df35e87d72ab8ac96f9153feb
exifinfo	[]
mime type	application/x-dosexec
imphash

File Paths

File Path on Client	Seen Count
83555e4d225b6c2f74ea4661cefd9f9e9b22970d	1

PE Sections

Name	Virtual Address	Virtual Size	Raw Size	Entropy	MD5
.textbss	0x1000	0x49532	0x0	0.0	d41d8cd98f00b204e9800998ecf8427e
.text	0x4b000	0xa7839	0xa7a00	5.73813197992	75ee95bc69ffe22444dd20598f40f9aa
.rdata	0xf3000	0x1afa2	0x1b000	4.09784659054	72d7ffb41a60905d8d5edbfae53f83c8
.data	0x10e000	0x4da0	0x3000	3.71813935214	dc954b9395bf37b8ffe8055a0d232ab7
.idata	0x113000	0x1474	0x1600	4.62231358499	be4093ec2ff9940650a1b931f9166787
.bss	0x115000	0x3ef6d	0x3f000	6.12213633467	f0a9cca51fa2463ee02b56a33afb694c
.xsbss	0x154000	0x116	0x200	0.0	bf619eac0cdf3f68d496ea9344137e8b
.tls	0x155000	0x309	0x400	0.0111738187212	c573bd7cea296a9c5d230ca6b5aee1a6
.00cfg	0x156000	0x10e	0x200	0.110557131259	3d41ec9475fa1e437dc48bd5b0376e2b
.reloc	0x157000	0x5f81	0x6000	5.97136918245	235bd02debd0b91decf65e56aedc3df4
.rsrc	0x15d000	0x50e	0x600	4.72602877122	1cfcfeee338e96cbf0438e87eb7a60f0

PE Resources

{u'lang': u'LANG_ENGLISH', u'name': u'RT_MANIFEST', u'offset': 1429592, u'sha256': u'a43ab388e18d22dc45574c702b2e9ca1a873f3be65e81869f2902892c37b4695', u'type': u'XML 1.0 document, ASCII text, with CRLF line terminators', u'size': 1206}

CERTIFICATE VALIDATION

Loading...