Sample details: 6a61a3b20065488d1ec9a5157adb5c52

Hashes
MD5: 6a61a3b20065488d1ec9a5157adb5c52
SHA1: 95d8b87390603404925f8a4e0f9e060a2bf1c93c
SHA256: 8885e090d10e36260544297872e092bd441769ff5a32551dfeb22edd3b0577a7
SSDEEP: 3072:VwJ52Y7ZoH5XJayrWRAvGoDR+V1QLt9SCJabFGBWpse72vrwOmseIAnOl9fufzLU:VwHyspX041Q/IbFNse72PAObfuLLBc0I
Details
File Type: PE32
Yara Hits
YRP/Nullsoft_PiMP_Stub_SFX | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/escalate_priv | YRP/screenshot | YRP/win_registry | YRP/win_token | YRP/win_private_profile | YRP/win_files_operation | YRP/CRC32_poly_Constant |
Source
http://securedownload2.duckdns.org:7373/docs/RFQ5.exe