Sample details: c6c15d4a61170c896db5d8ead0531c95

Hashes
MD5: c6c15d4a61170c896db5d8ead0531c95
SHA1: d574ac17d54a084e22db08b8dab7568a63aaa83c
SHA256: 72a5196c50794d002cce1ba0e71c6f8130fce8255d7af661e9878f8f2f495b23
SSDEEP: 12288:rxdjeWXKvXVwA3jGz/daXi7UyVx8wGfbeqegi:tHKvpjwf7n8wGfjeB
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/Qemu_Detection |
Source
http://aboukangaz.com/ghost/PI.exe