Sample details: a033c44c2d1cae1d6fc725de57788b82 --

Hashes
MD5: a033c44c2d1cae1d6fc725de57788b82
SHA1: 283abd37de96a1cb57f6b18efaffa3c83f80108f
SHA256: 6ec48720ad3ed342b482e59f04288b3e007eb5afd7c214cac174c3f3e5a057c5
SSDEEP: 192:b6YZ6hDSK1Vxw2eqqzqu8nzS8ARwSAD9yz6dmvEb:rZo91VC2mzqusNARw5D9yOdms
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | FlorianRoth/DragonFly_APT_Sep17_3 |
Parent Files
046c70a6583d4218e2d677abf5fb30f5
Strings
		!This program cannot be run in DOS mode.
Rich)-
`.data
MSVBVM60.DLL
plkmnbb
asdasd asdasd
plkmnbb
module
plkmnbb
kernel32
shell32.dll
ShellExecuteA
SetEnvironmentVariableA
VBA6.DLL
__vbaAryUnlock
__vbaNextEachVar
__vbaInStr
__vbaStrVarCopy
__vbaVarTstNe
__vbaFreeVar
__vbaFreeStr
__vbaVarZero
__vbaVarMove
__vbaForEachVar
__vbaStrVarMove
__vbaStrMove
__vbaHresultCheckObj
__vbaNew2
__vbaFreeVarList
__vbaFreeObj
__vbaFreeStrList
__vbaSetSystemError
__vbaVarCat
__vbaStrVarVal
__vbaStrToAnsi
__vbaObjSetAddref
__vbaVarDup
__vbaOnError
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaNextEachVar
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaVarZero
__vbaChkstk
DllFunctionCall
_adj_fpatan
_CIsqrt
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaVarCat
_CIlog
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarTstNe
__vbaVarDup
__vbaStrToAnsi
_CIatan
__vbaStrMove
__vbaForEachVar
__vbaStrVarCopy
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
      <security>
         <requestedPrivileges>
            <requestedExecutionLevel
               level="requireAdministrator"
               uiAccess="False"/>
         </requestedPrivileges>
      </security>
   </trustInfo>
</assembly>