MalShare

Sample details: 1960f95c4f8c84bddf829e48ca6fefc3 --

Hashes
MD5: 1960f95c4f8c84bddf829e48ca6fefc3
SHA1: a8830e3f81a0399a0bf83a0974e368acc684a826
SHA256: 873e39a70741db63d2c096450eb5db78bdc8fb04b4bb91f2ea13e8537b71eb53
SSDEEP: 1536:/sk280aSMzS5SrUBujWUUTz6Yb3FtcYm4r3p7RzWe:/s/80apIlBumiYR24r3ppV

Details
File Type: PE32

Yara Hits
YRP/IsPE32 \| YRP/IsWindowsGUI \| YRP/IsPacked \| YRP/HasDebugData \| YRP/HasRichSignature \| YRP/domain \| YRP/IP \| YRP/contentis_base64 \| YRP/anti_dbg \|

Source
http://mekizmir.com/mrjqKa/

Strings
!This program cannot be run in DOS mode. `.pdata @.data t$P+T$l;T$P T$0+L$l D$49D$Lt 0,"$;L$ atE+D$$ 9L$@rJ D$\iL$@ D$\iL$@ L$t5v1 L$D9D$` D$,;D$ ffffff. D$XFGGl D$P5E}1 T$\=0! D$D9D$P I(W+D$T9D$0 D$xNga \|$p t< CIXDV2 prP43f RSDSZ a xb4PfjG48nfkqt.pdb lstrcmpW GetDiskFreeSpaceExA IsDebuggerPresent lstrcmpiW OpenThread GetThreadPriority CloseHandle CreateFileW GetFileType GetFileSize GetModuleFileNameW lstrlenW VirtualQuery GetCurrentThread KERNEL32.dll NdrConformantArrayUnmarshall RPCRT4.dll CryptCATAdminAddCatalog WINTRUST.dll PathIsPrefixW PathGetArgsW StrCatBuffW PathIsRelativeW SHLWAPI.dll memcpy ntdll.dll GetInputState GetFocus EnumDisplaySettingsA GetClipCursor GetCaretBlinkTime RegisterClassW USER32.dll J;J)C ?MGwB Z8~Ef( WP1RfO f6,pol fn,poW fI,poE @`%Ixf A/~?,7 %\CA7Od\(i XG-=)0. X/H@&~ 6\\|J,G e`yX I+ 7JDAe xr0qotU h!K549 (ms"a1( 3C]hmK C7a)y y~BqA3 =F$Zgbo cA+o;u @G.fu3v {pA$? O]r+!" B0f?Zt k:7d.oU#G Vna mE#=F E=k]ZG H^Tdwc Vd7#!s O >1JyL QBg?53 S1L{JE 4;KDbB ~oX57z }o9\8lw I,O=L!"Y OijO NF cNk(IF 7#gg3k \|j$D(o p ;<Ti7> lc:gqG 4h;>Vte 8oD(z` gkY;t-Z kK\zXp A/4fQZI eiz4I7 'ITXq+q/ L!$qi" }N>{$kR H-vnV j~!4DP Yzc5 M@P-HOx `:0V]R dULhN). ~#"V-4z r9:/ P #1k1mV *pjGbZ 'Wg._A YP`6dk4 4UV7{Z >+_.];

Strings

		!This program cannot be run in DOS mode.
`.pdata
@.data
t$P+T$l;T$P
T$0+L$l
D$49D$Lt
0,"$;L$
atE+D$$
9L$@rJ
D$\iL$@
D$\iL$@
L$t5v1
L$D9D$`
D$,;D$
ffffff.
D$XFGGl
D$P5E}1
T$\=0!
D$D9D$P
I(W+D$T9D$0
D$xNga
|$p t<
CIXDV2
prP43f
RSDSZ a
xb4PfjG48nfkqt.pdb
lstrcmpW
GetDiskFreeSpaceExA
IsDebuggerPresent
lstrcmpiW
OpenThread
GetThreadPriority
CloseHandle
CreateFileW
GetFileType
GetFileSize
GetModuleFileNameW
lstrlenW
VirtualQuery
GetCurrentThread
KERNEL32.dll
NdrConformantArrayUnmarshall
RPCRT4.dll
CryptCATAdminAddCatalog
WINTRUST.dll
PathIsPrefixW
PathGetArgsW
StrCatBuffW
PathIsRelativeW
SHLWAPI.dll
memcpy
ntdll.dll
GetInputState
GetFocus
EnumDisplaySettingsA
GetClipCursor
GetCaretBlinkTime
RegisterClassW
USER32.dll
J;J*)C
?*MGwB
Z8~Ef(
WP1RfO
f6,pol
fn,poW
fI,poE
@`*%Ixf
A/~?,7
%\CA7Od\(i
XG-=)0.
X/H@&~
6\|J,G
e`yX I+
7JDAe 
xr0qotU
h!K549
(ms"a1(
3C]hmK
	C7a)y
y~BqA3
=F$Zgbo
cA+o;u
@G.fu3v
{pA$?	
O]r+!"
B0f?Zt
k:7d.oU#G
Vna	mE#=F
E=k]ZG
H^Tdwc
Vd7#!s
O	>1JyL
QBg?53
S1L{JE
4;KDbB
~oX57z
}o9\8lw
I,O=L!"Y
OijO	NF
cNk(IF
7#gg3k
|j$D(o	p
;<Ti7>
lc:gqG
4h;>Vte
8oD(z`
gkY;t-Z
kK\zXp
A/4fQZI
eiz4I7
'ITXq+q/
L!$qi"
}N>{$kR
H*-vnV
j~!4DP
Yz*c5*
M@P-HOx
`:0V]R
dULhN).
~#"V-4z
r9:/	P
#1k1mV
*pjGbZ
'Wg._A
YP`6dk4
4UV7{Z
>+_.];