Sample details: 28e92427192f81f6f697f7af9e7d5d97

Hashes
MD5: 28e92427192f81f6f697f7af9e7d5d97
SHA1: 98a0a28b31ed8a4b894618e8e3876f5da3226bfb
SHA256: f637daa8d5e9039c8da74bca82a99260fde35ff92190ff1880b16a49fc2bfcdb
SSDEEP: 12288:iBKZ88tfC8sdbSL0jwjlPkjgD2KkJeLCFO9bjau48L:iBKZplCJdbG0jalcOdBbOuVL
Details
File Type: PE32
Yara Hits
YRP/UPX_v0896_v102_v105_v122_Delphi_stub_additional | YRP/UPX_v0896_v102_v105_v122_Delphi_stub_Laszlo_Markus | YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet | YRP/UPX_wwwupxsourceforgenet_additional | YRP/MSLRH_V031_emadicius | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/UPX_v0896_v102_v105_v122_Delphi_stub | YRP/UPX_wwwupxsourceforgenet | YRP/Borland | YRP/UPXv20MarkusLaszloReiser | YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser | YRP/UPXProtectorv10x2 | YRP/UPX20030XMarkusOberhumerLaszloMolnarJohnReiser | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/contentis_base64 | YRP/UPX | YRP/suspicious_packer_section |
Sub Files
544fb46a80f1ba90c9a60624fd40a4b3
Source
http://lead.bilisim2023.com/tk.exe
Strings