Sample details: 39a16fd42851ca26c80a9aa2161e0382

Hashes
MD5: 39a16fd42851ca26c80a9aa2161e0382
SHA1: 9f25ab2a31c7c85ee3b82bae43afd2e21afc37d8
SHA256: 857ce11c82c93d202c2d34fbd444e68dace771b9da3d9fbc127dd99dccb2f9f5
SSDEEP: 12288:jhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4ajgmGU3qT53hSLh5:pRmJkcoQricOIQxiZY1iajgml3q5hSh5
Details
File Type: PE32
Yara Hits
YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/AutoIt_2 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/HasRichSignature | YRP/AutoIt | YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/AutoIT_compiled_script | YRP/anti_dbg | YRP/inject_thread | YRP/network_http | YRP/escalate_priv | YRP/screenshot | YRP/keylogger | YRP/win_registry | YRP/win_token | YRP/win_files_operation | YRP/CRC32_poly_Constant | YRP/CRC32_table | YRP/MD5_Constants | YRP/Str_Win32_Winsock2_Library | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API | YRP/Str_Win32_Http_API
Source
http://fbcom.review/f/0.exe