Sample details: 3fdb044b93cb3de1d8622ee03af9fc65 --

Hashes
MD5: 3fdb044b93cb3de1d8622ee03af9fc65
SHA1: 9a1232f32e5f73cc01d8b39b4e4b957b66632b94
SHA256: 24f30c3a36f822f774a3fc9f19ad6b2a4452c2b2f187694a87592a874d5e735a
SSDEEP: 24:ZHGStt611hbw1jSULsMeiu6DhBJQnQWUiiOfsXYk8gKNnGsHPtqB0Au/:ZvttGbw1jYMe9CjcQWUXksX1BGZHK0B
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/FASM | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3 |
Strings
		!This program cannot be run in DOS mode.
carmapi
shell32.dll
ShellExecuteA
R|tyj>
R|wwj>
Uqu|FU
kernel32.dll
GetComputerNameA
GetModuleFileNameA
GetProcAddress
GetShortPathNameA
LoadLibraryA
VirtualAlloc
lstrcatA
lstrlenA