Sample details: 7b3491e0028d443f11989efaeb0fbec2

Hashes
MD5: 7b3491e0028d443f11989efaeb0fbec2
SHA1: e2efe60cb8bd67840f9a8bf92b57ade97e406a88
SHA256: f9c67313230bfc45ba8ffe5e6abeb8b7dc2eddc99c9cebc111fcd7c50d11dc80
SSDEEP: 24576:6j5M2MNQTkxLYHdDPO/p5gzBs+nTgn0fZKscuEfao:S5tMNQqY9DPUussTgnwVcRfao
Details
File Type: PE32
Yara Hits
YRP/Nullsoft_PiMP_Stub_SFX | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/escalate_priv | YRP/screenshot | YRP/win_registry | YRP/win_token | YRP/win_private_profile | YRP/win_files_operation | YRP/CRC32_poly_Constant |
Source
http://104.236.16.69/bprocess.exe