Sample details: 009decb1c5da81bce84bd74b11092736 --

Hashes
MD5: 009decb1c5da81bce84bd74b11092736
SHA1: 266842590eeeb4e777065b3d62f4fec9433f3fe4
SHA256: c9d26b5d65065e695baee48b3e3b281dfd02c678127f772e66ded1f49e9fe97d
SSDEEP: 96:NCvbiaR1+4EfaIJ+TCHrWZC3pd+lq3jzd:NKVXdmfrqC3pdlz5
Details
File Type: MS-DOS
Added: 2018-02-26 18:32:39
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasModified_DOS_Message | YRP/domain | YRP/contentis_base64 | YRP/suspicious_packer_section | FlorianRoth/DragonFly_APT_Sep17_3 |
Parent Files
6cab08cf8fa7773248f484cb2309a919
Strings
		KERNEL32.dll
LoadLibraryA
GetProcAddress
""""""/
"&fff""
"&fffff"/
&fffffff"
"ffffffffb/
&fffffffff"
"fffff
"fffff
"ffffo
"ffffo
"ffffo
"ffffo
"ffffo
fffffb/
"&fffffffff"/
&fffffffff"
"ffffffffb/
&fffffff"
"&fffff"/
"&fff""
""""""/
ltips_c
$(y"Dx
BB&*$_
(n$VSiq
u:Ja#hl0 
XGor 8n!u
oe)`nEL
BX8!$K
f\CYCd8W$r
rRxnFDiq
C$DEerPh
L32.dql
xitProceqs
>Wcitow
ajgzB<xP=r1m<Gn