Sample details: 2ae85324234dd99b418a578df2a3c594

Hashes
MD5: 2ae85324234dd99b418a578df2a3c594
SHA1: 67a33569e74a8a9a49c0aa242c77aa431c833303
SHA256: e36e64302515b1465d197e94c77409ae372467cfe6fa97788beb804b7485ea13
SSDEEP: 24576:44lavt0LkLL9IMixoEgeay6BJ4E5Yzq9MmCS:Pkwkn9IMHeay6BYaPCS
Details
File Type: PE32
Yara Hits
YRP/Str_Win32_Winsock2_Library | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API | YRP/Str_Win32_Http_API | YRP/AutoIT_compiled_script | YRP/contentis_base64 | YRP/domain | YRP/IP | YRP/AutoIt_2 | YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/AutoIt | YRP/anti_dbg | YRP/inject_thread | YRP/network_http | YRP/escalate_priv | YRP/screenshot | YRP/keylogger | YRP/win_registry | YRP/win_token | YRP/win_files_operation | YRP/CRC32_poly_Constant | YRP/CRC32_table |
Source
http://margivisualart.com/images/ziko.exe