Sample details: 1b02577f0addea32eb02a50d4a4cdd1e

Hashes
MD5: 1b02577f0addea32eb02a50d4a4cdd1e
SHA1: 36f701ccec78a5d218fea23fd05351890f14cf7d
SHA256: 6ea525bface5467c1045c3708f339a4b92a3a273f70656e061c7f7322c56d667
SSDEEP: 384:cogoEvM/uFrR+X6QNn1pcJIrWocDGWct:cogoEvM0rgqQNn3
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/ImportTableIsBad | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
Parent Files
714a658c266c2a4e644e42d4a983a500
Source
Strings