Sample details: 8c1d9a2f6ca21dfc6b828a89efbfecb9 --

Hashes
MD5: 8c1d9a2f6ca21dfc6b828a89efbfecb9
SHA1: 596f835eb8dd8c6ea90a48b22925271b9cd99d09
SHA256: 0103b2b1db54c1781ae4dcbf7902d797eb1523841b43cc24f8179c070ec3c96b
SSDEEP: 24:ZHGStIewxGuYFbKU7tsi+H9gAu73iwCUTWXA/kUApC173JcRd0u/:ZvtoPYFbTtsTH9g5biZw/8o1+dt
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/FASM | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3 |
Strings
		!This program cannot be run in DOS mode.
.daxzcc
shell32.dll
ShellExecuteA
kernel32.dll
CreateFileA
GetComputerNameA
GetModuleFileNameA
GetProcAddress
GetShortPathNameA
LoadLibraryA
VirtualAlloc
lstrcatA
lstrlenA