Sample details: 7028f7db0794e5828c35378df491d1bc

Hashes
MD5: 7028f7db0794e5828c35378df491d1bc
SHA1: 99d1c2e675397fce8c3fa0cda362c6cf9761fe58
SHA256: 8655fb0ba3e61b2285ec50145cb5f863c6af92482a6c939d63d62b9b1112c921
SSDEEP: 12288:JiQ1YJyv/Kd2DhqYGvgt5cJenPuRTpeh/I0FcLJT9ekZPNm2nxUuY:JiMi2DhV5Zun8ctT9eaPfxUuY
Details
File Type: PE32
Yara Hits
YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/HasDigitalSignature | YRP/HasDebugData | YRP/HasRichSignature | YRP/maldoc_find_kernel32_base_method_1 | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/System_Tools | YRP/Dropper_Strings | YRP/WMI_strings | YRP/Misc_Suspicious_Strings | YRP/anti_dbg | YRP/antisb_threatExpert | YRP/create_service | YRP/network_tcp_listen | YRP/network_tcp_socket | YRP/network_dns | YRP/escalate_priv | YRP/screenshot | YRP/keylogger | YRP/migrate_apc | YRP/rat_rdp | YRP/win_mutex | YRP/win_registry | YRP/win_token | YRP/win_files_operation | YRP/CRC32_poly_Constant | YRP/CRC32_table | YRP/MD5_Constants | YRP/SHA1_Constants | YRP/BASE64_table | YRP/Str_Win32_Winsock2_Library | YRP/Ammyy_Admin_AA_v3 | YRP/GenerateTLSClientHelloPacket_Test
Strings