Sample details: 3ea9d0c6cad2df4f6583efb879ea8fff

Hashes
MD5: 3ea9d0c6cad2df4f6583efb879ea8fff
SHA1: ca3aecf139a699dce83f43c8366079c986e09a34
SHA256: b1d44e5cb5491bfda8386a005f1306475edf1da302556b3af2b9f9746393fd3c
SSDEEP: 12288:zMlZ72eZSvPEC7gD/GEtnziljSob+qL6xI6wQRF+i9lm4zEZJV9YR6HZZSdU2miE:63+cC7UGEt0DiJIrQ/+p4YXrYWZ0dU2E
Details
File Type: PE32
Yara Hits
YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/anti_dbg | YRP/escalate_priv | YRP/screenshot | YRP/win_token | YRP/win_files_operation | YRP/win_hook | YRP/Str_Win32_Winsock2_Library |
Source
http://telosbeauty.ru/files/news.exe