Sample details: af207a19fbe313e3f7e123b6b2acffd4

Hashes
MD5: af207a19fbe313e3f7e123b6b2acffd4
SHA1: c7527273bd86429c2f45298b64df5353d9943659
SHA256: 3246d1272191ea0c72dee7fa252b905085570e649f433c3ccbe7f308bc6cfc53
SSDEEP: 24576:CBkVXyEY13Z9UhEXX8yX8ItX6oIK/LquC8t4lZxCuRawzFkG5:CBkVCEGn8ctX5lTnC8t4lZxCuYwzGG5
Details
File Type: PE32
Yara Hits
YRP/Borland | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/borland_delphi | YRP/domain | YRP/contentis_base64 | YRP/screenshot | YRP/keylogger | YRP/win_registry | YRP/win_files_operation | YRP/win_hook | YRP/Delphi_FormShow | YRP/Delphi_CompareCall | YRP/Delphi_Copy | YRP/Delphi_StrToInt |
Source
http://cervamus.cf/download/attachments-21-11-2017.exe
http://cervamus.cf/download/attachments-21-11-2017.exe