Sample details: a0a56b1f4037d0c6e8fa4814b3dfefa3

Hashes
MD5: a0a56b1f4037d0c6e8fa4814b3dfefa3
SHA1: 2a48fe492fb75c9909f1157c74754ff188a0a31a
SHA256: 4c04b6dd6fb61905c2c5e59fcd3f14f76479a5a810b3c4b58ea0bb5274607793
SSDEEP: 24576:g9bnp6KVuOvEYFNbYxC8ikOqKJP5EsC1fK8oiZ6XBIogtRd3NUxWp:K6K+iN8ikOhvY1fGK6XBIogLd3+Wp
Details
File Type: PE32
Yara Hits
YRP/VC8_Microsoft_Corporation | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/HasDigitalSignature | YRP/HasDebugData | YRP/HasRichSignature | YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/Browsers | YRP/VM_Generic_Detection | YRP/WMI_strings | YRP/ThreadControl__Context | YRP/anti_dbg | YRP/antisb_threatExpert | YRP/antivm_vmware | YRP/network_tcp_listen | YRP/network_smtp_raw | YRP/network_tcp_socket | YRP/network_dns | YRP/screenshot | YRP/keylogger | YRP/win_mutex | YRP/win_registry | YRP/win_private_profile | YRP/win_files_operation | YRP/Advapi_Hash_API | YRP/CRC32_poly_Constant | YRP/CRC32_table | YRP/MD5_Constants | YRP/BASE64_table | YRP/Str_Win32_Winsock2_Library | YRP/Str_Win32_Http_API | YRP/suspicious_packer_section
Source
http://18231.url.222bz.com/
http://18231.url.tudown.com/