Sample details: 2f9bc6d9f1bfeca136d191539ee54bbc

Hashes
MD5: 2f9bc6d9f1bfeca136d191539ee54bbc
SHA1: 29d3a9c6aa16494c099b15d852b244bdc8e1e4ba
SHA256: 465d57b329f117e8e437c7ec03edddd18c2ed212bc607f6635c3ab29ac35b13e
SSDEEP: 768:SCIqdH/k1ZVcT194jp4XKTJ8lS9zE5TkaK7LBlehBaqQxR2djKdlmxQCEC:SNqaLV8a6R2E9kaKZ8hdOXmaU
Details
File Type: PE32
Yara Hits
YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet | YRP/UPX_wwwupxsourceforgenet_additional | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/Netopsystems_FEAD_Optimizer_1 | YRP/UPX_290_LZMA | YRP/UPX_290_LZMA_Markus_Oberhumer_Laszlo_Molnar_John_Reiser | YRP/UPX_290_LZMA_additional | YRP/UPX_wwwupxsourceforgenet | YRP/UPX290LZMAMarkusOberhumerLaszloMolnarJohnReiser | YRP/upx_3 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/domain | YRP/contentis_base64 | YRP/win_registry | YRP/Str_Win32_Winsock2_Library | YRP/UPX | YRP/suspicious_packer_section |
Sub Files
d718b6502abebc760f6e72b7c0187397
Strings