Sample details: 4ebc3e0f90d4aeff9e5c7a3461515e12

Hashes
MD5: 4ebc3e0f90d4aeff9e5c7a3461515e12
SHA1: 66c19b248b6c22f0d6f7496abcb85282094bef99
SHA256: 2e0fecb31852c1f176552e74bfc80f1071ac0cbc9f82b63cfea66e7bb84e64ac
SSDEEP: 3072:WwJ52Y7ZoH5XJa06Q6VJkvQ3FdHnpzB2MgUGrvQxeXS7tnHeo1zTV5ZPJ9Cx+ZZF:WwHys0b0JkCdHpl2HUUGeC7JdV5Z8y
Details
File Type: PE32
Yara Hits
YRP/Nullsoft_PiMP_Stub_SFX | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/escalate_priv | YRP/screenshot | YRP/win_registry | YRP/win_token | YRP/win_private_profile | YRP/win_files_operation | YRP/CRC32_poly_Constant |
Source
http://securedownload2.duckdns.org:7373/docs/RFQ6.exe