Sample details: 59423723dd74cf15a62e7d61bc1f3a23 --

Hashes
MD5: 59423723dd74cf15a62e7d61bc1f3a23
SHA1: b46da11ad84dbeebcaa2b0982306ad3d325abfbd
SHA256: 185034877a50f14a158eb3eb9fc2230f9a66eb2fbae7f91803fe7f8e3b167399
SSDEEP: 24:ZHGStSJ1DVw1jSULsMei2Fbzl5aLUIBs71A8hd/Ps/gilAYBWI69BBBoMWK5ou/:Zvtyw1jYMeNF15pSsxPd3GYbBoMWK55
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/FASM | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3 |
Strings
		!This program cannot be run in DOS mode.
shell32.dll
ShellExecuteA
fBv?wl
kernel32.dll
GetComputerNameA
GetModuleFileNameA
GetProcAddress
GetShortPathNameA
LoadLibraryA
VirtualAlloc
lstrcatA
lstrlenA