Sample details: 632dbaea669c7cd5e865980c15f1ab3d --

Hashes
MD5: 632dbaea669c7cd5e865980c15f1ab3d
SHA1: f0360cfe68e5405f914083eeb7972dbc2ed29c89
SHA256: eedb2e5f1009f1ec7a450fe0d372b1bfc54ed9b521ff2cf7d35170cfface45a7
SSDEEP: 24:ZHGStUdaic0UrckeiR42OFfdo1WvvJZsOsyBKyoDa1KUJrTjn42vL61TRd0u/:ZvtqcxveT2qf66BKjORJzn42D2dt
Details
File Type: PE32
Added: 2019-10-09 09:59:56
Yara Hits
YRP/Microsoft_Visual_Basic_v50 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/FASM | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3 |
Strings
		!This program cannot be run in DOS mode.
.dasadccD
cdasxc
shell32.dll
ShellExecuteA
3rYt3J
sJu[`n
kernel32.dll
CreateFileA
GetComputerNameA
GetModuleFileNameA
GetProcAddress
GetShortPathNameA
LoadLibraryA
VirtualAlloc
lstrcatA
lstrlenA