Sample details: dcbf39eb29cf625e9ff396768e045429

Hashes
MD5: dcbf39eb29cf625e9ff396768e045429
SHA1: 3947ff2f7323c46120640b1c97fe4c77f0161774
SHA256: 1a32fae4ae9f25a5874bac6430c055ef48b006e9ba92efbedfab6fe3eaaba8b1
SSDEEP: 12288:kxs7CHGJXz3vzdD+P1w7UfdQjrdqratnNoEquBR0Xt0SY+esTCmUZ9h:kxsum5z3bt4w7UKj3te912mUXh
Details
File Type: PE32
Yara Hits
YRP/ASProtect_v123_RC1 | YRP/ASProtect_v12x_New_Strain_additional | YRP/Microsoft_Visual_Basic_v50 | YRP/ASProtect_v12x_New_Strain | YRP/ASProtect_v11_BRS | YRP/ASProtect_V2X_Registered_Alexey_Solodovnikov | YRP/ASProtect_133_21_Registered_Alexey_Solodovnikov | YRP/VMProtect_1704_phpbb3 | YRP/ASProtect_v12_additional | YRP/ASProtect_123_RC4_130824_Solodovnikov_Alexey | YRP/ASProtect_133_21_Registered_Alexey_Solodovnikov_additional | YRP/ASProtectSKE21xexeAlexeySolodovnikov | YRP/ASProtect13321RegisteredAlexeySolodovnikov | YRP/ASProtectv12xNewStrain | YRP/ASProtectv123RC1 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/HasModified_DOS_Message | YRP/domain | YRP/contentis_base64 | YRP/keylogger | YRP/win_registry | YRP/Str_Win32_Winsock2_Library | YRP/suspicious_packer_section |
Source
http://translink.lk/images/6v.exe