Sample details: 4a8a0e41c3870a46df3db17bef5608c3

Hashes
MD5: 4a8a0e41c3870a46df3db17bef5608c3
SHA1: 648cd9c6db1e8a2867f59950d1fa12bdc1be5999
SHA256: 768736bb44d8d105ae2592162701182e1ac31950e65ed40f937fc6d963b3d213
SSDEEP: 6144:vqvDHt5GCCFwRY8PVfM+wmJB5dscJfbwSJ1To4dFS7F7KZuSxuF:yLHtrZRPwmb5dscJZkWc7wxS
Details
File Type: MS-DOS
Yara Hits
YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Borland_Delphi_30_additional | YRP/Borland_Delphi_30_ | YRP/Borland_Delphi_v40_v50 | YRP/Borland_Delphi_v30 | YRP/Borland_Delphi_DLL | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/HasModified_DOS_Message | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/DebuggerCheck__QueryInfo | YRP/ThreadControl__Context | YRP/inject_thread | YRP/network_http | YRP/network_tcp_socket | YRP/network_dns | YRP/network_dga | YRP/escalate_priv | YRP/screenshot | YRP/win_mutex | YRP/win_registry | YRP/win_token | YRP/win_files_operation | YRP/Advapi_Hash_API | YRP/Str_Win32_Winsock2_Library | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API | YRP/Str_Win32_Http_API | YRP/Atmos_Packed_Malware
Source
http://kzkoicaalumni.com/dile/us.exe