Sample details: 3d2661fc93bd5ca807efe8ceef465e4b --

Hashes
MD5: 3d2661fc93bd5ca807efe8ceef465e4b
SHA1: 08e7309783f9bfe7daecb9219bd390cf481b4fcd
SHA256: f0fe4bbeb1514ccd24b7723441d9982a1b6c90e1699ae533ac02bf60f7b97756
SSDEEP: 768:c8tM8aXhaZnIRmqIMgqMdebwJQAe/MqE5T5Lk0RMkA6DPEnZS+72Tpi7D:cH8aIyxJkZeUj1k09NDE
Details
File Type: MS-DOS
Yara Hits
YRP/MPRESS_V200_V20X_MATCODE_Software_20090423 | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/mpress_2_xx_x86 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasModified_DOS_Message | YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/contentis_base64 | YRP/Str_Win32_Winsock2_Library | YRP/suspicious_packer_section |
Strings
		!Win32 .EXE.
.MPRESS1
.MPRESS2`
:A/D'K
Z C\`	
A[G*/@
(F=N@/
	 YU8nYY
o6W5d5
~CWRb^
]YGI%*.
,:=-ket
83+~&@
(rR)8,
}A4?ruix
3xmAJN
4fa{cm
)%)i?E
&V<{!tg+k0?%Kv
HD0,~`]
 V[RzY
^B=JEF
2'Qu`(
)H&!x"$
qCRi,t#}
w<Fk!`Y;0
-t(@Px*
nU=Fe\,(
Jl/e]'
{`) xt
k{$A(l
BXC'v^a
qQ*4c?
Rz^DDP
`mz"!Al
>0*)s;[|
x&3M\II60
{_pbD|
*j<_m-
t{ZhLI
hP tT;W
RdlB?$.=
v:=< T
Ffst;=
a^c	,!
 b'^p4
	,1~&v
!P"%\Z
!9 y;@
@_{(Sp)
+0zUZ;
	10G2J
9LT7/J
	:R>Iv
Fqk;wmD=
0b?{rw
+W[J=Y
K 6rV9
HryG3"
}{?RS~e
C&Om&c0e
wNl\`o8
&m%Bk9
R Xg"Y
Q3OG9e
L8\1^x
1$	b57$
v{_:@9S{
6WB#V&	?7
v.]#2_
O zfoO
	)h4+!S(
"?ZL[D
P>_&:P:
7y[`9C
0F$^/	
CFjh%I?
`1.FKQ1,
\wF=eG
4^Q*~C
Y&_`x=
s;MM5/o>
&uB8Gz
 mu2I5
JZqe	0
)*D%#H
.sA.R|
d9MrXqg?
~;Op{^
byRw?+y
GetModuleHandleA
GetProcAddress
KERNEL32.DLL
WS2_32.dll
ole32.dll
CoInitialize
OLEAUT32.dll
t$t#t$l
D$t#D$h
D$t+D$\
.)D$H+
s`)L$4
D$t+D$\
9l$\w`