Sample details: bddd8d5f29b42339d86b2316cd60d629

Hashes
MD5: bddd8d5f29b42339d86b2316cd60d629
SHA1: c7291814852a433519f9f04abe77f556fdae7ee6
SHA256: 1314d86808f9eeb9076e06abc98cf2cc568f1a1ac35a66dc5bc83fcc3983946f
SSDEEP: 6144:A0S1IQftyFCj1Ui2iyvX77Sd6IUczhBYEwPh9OHSk2VbVOINYLOZALA:A0S1rGCj1UAISYRG/qmL2VpOIsOF
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/suspicious_packer_section |
Source
http://gg.usdipc.com/vnow.exe
http://gg.usdipc.com/vnow.exe