
Sample details: a2bd0b5ef0fefbc89225597dbc9b0d52

Hashes
MD5: a2bd0b5ef0fefbc89225597dbc9b0d52
SHA1: 3e744934e86de5661d3fd21ea322901acfc1bde9
SHA256: f9aba9cbc73dc8676e59cf245e8c31a048ff94ced96b298e00eb09501ac1b27b
SSDEEP: 384:uthxm0UDoGZY0wZcyEziiICfi+u2XvGJjT+fgQ/CV6K4W:x0UDoGS0wZcdi+h/GNqM7R
Details
File Type: PE32
Yara Hits
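YRP/IsPE32 | YRP/IsNET_DLL | YRP/IsDLL | YRP/IsConsole | YRP/domain | YRP/IP | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
(Note: these are rule-name matches only. The strings listed below are those of a .NET COM interop assembly for the Flash ActiveX control (Interop.ShockwaveFlashObjects) that carries Xenocode post-build markers, so the DragonFly_APT_Sep17_3 hit should be checked against that rule's own conditions before it is read as attribution.)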
Parent Files
04f452bfd5824560f096fe8e2e214607
Strings
		!This program cannot be run in DOS mode.
.textxc
`.idata
@.reloc
B.rsrc
v2.0.50727
#Strings
ShockwaveFlashObjects.dll
ImportedFromTypeLibAttribute
System.Runtime.InteropServices
GuidAttribute
TypeLibVersionAttribute
TypeLibTypeAttribute
DispIdAttribute
InterfaceTypeAttribute
EXCEPINFO
stdole
ClassInterfaceAttribute
ComSourceInterfacesAttribute
Object
System
CoClassAttribute
ComEventInterfaceAttribute
ComVisibleAttribute
MulticastDelegate
DISPPARAMS
TypeLibTypeFlags
ClassInterfaceType
IDisposable
IConnectionPointContainer
System.Runtime.InteropServices.ComTypes
ArrayList
System.Collections
IConnectionPoint
Monitor
System.Threading
Delegate
Marshal
Exception
AttributeUsageAttribute
AttributeTargets
Attribute
String
<Module>
IShockwaveFlash
ShockwaveFlashObjects
ICanHandleException
_IShockwaveFlashEvents
ShockwaveFlash
_IShockwaveFlashEvents_Event
IFlashFactory
IFlashObjectInterface
IDispatchEx
IServiceProvider
FlashObjectInterface
IFlashObject
FlashObject
_IShockwaveFlashEvents_OnProgressEventHandler
_IShockwaveFlashEvents_FSCommandEventHandler
FlashObjectInterfaceClass
_IShockwaveFlashEvents_FlashCallEventHandler
ShockwaveFlashClass
FlashObjectClass
_IShockwaveFlashEvents_OnReadyStateChangeEventHandler
_IShockwaveFlashEvents_SinkHelper
_IShockwaveFlashEvents_EventProvider
x1110bdd110cdcea4
Xenocode.Postbuild.Inject.StringEncrypt
ProcessedByXenocode
Xenocode.Client.Attributes.AssemblyAttributes
m_OnReadyStateChangeDelegate
m_OnProgressDelegate
m_FSCommandDelegate
m_FlashCallDelegate
m_dwCookie
m_ConnectionPointContainer
m_aEventSinkHelpers
m_ConnectionPoint
get_ReadyState
get_TotalFrames
get_Playing
set_Playing
get_Quality
set_Quality
get_ScaleMode
set_ScaleMode
get_AlignMode
set_AlignMode
get_BackgroundColor
set_BackgroundColor
get_Loop
set_Loop
get_Movie
set_Movie
get_FrameNum
set_FrameNum
SetZoomRect
Forward
Rewind
StopPlay
GotoFrame
CurrentFrame
IsPlaying
PercentLoaded
FrameLoaded
FlashVersion
get_WMode
set_WMode
get_SAlign
set_SAlign
get_Menu
set_Menu
get_Base
set_Base
get_Scale
set_Scale
get_DeviceFont
set_DeviceFont
get_EmbedMovie
set_EmbedMovie
get_BGColor
set_BGColor
get_Quality2
set_Quality2
LoadMovie
TGotoFrame
TGotoLabel
TCurrentFrame
TCurrentLabel
TStopPlay
SetVariable
GetVariable
TSetProperty
TGetProperty
TCallFrame
TCallLabel
TSetPropertyNum
TGetPropertyNum
TGetPropertyAsNumber
get_SWRemote
set_SWRemote
get_FlashVars
set_FlashVars
get_AllowScriptAccess
set_AllowScriptAccess
get_MovieData
set_MovieData
get_InlineData
set_InlineData
get_SeamlessTabbing
set_SeamlessTabbing
EnforceLocalSecurity
get_Profile
set_Profile
get_ProfileAddress
set_ProfileAddress
get_ProfilePort
set_ProfilePort
CallFunction
SetReturnValue
DisableLocalSecurity
get_AllowNetworking
set_AllowNetworking
get_AllowFullScreen
set_AllowFullScreen
CanHandleException
OnReadyStateChange
OnProgress
FSCommand
FlashCall
add_OnReadyStateChange
remove_OnReadyStateChange
add_OnProgress
remove_OnProgress
add_FSCommand
remove_FSCommand
add_FlashCall
remove_FlashCall
GetDispID
RemoteInvokeEx
DeleteMemberByName
DeleteMemberByDispID
GetMemberProperties
GetMemberName
GetNextDispID
GetNameSpaceParent
RemoteQueryService
Invoke
Finalize
Dispose
_xaacba899487bce8c
bottom
factor
FrameNum
target
property
ppIUnknown
request
returnValue
pExcepInfo
newState
percentDone
command
bstrName
grfdex
dwFlags
pvarRes
pspCaller
cvarRefArg
rgiRefArg
rgvarRefArg
grfdexFetch
pgrfdex
pbstrName
guidService
ppvObject
x5e99b576d2530d13
x2710752c36f2d14b
FindConnectionPoint
Advise
get_Count
get_Item
Equals
RemoveAt
Unadvise
ReleaseComObject
SuppressFinalize
get_Length
get_Chars
Intern
ReadyState
TotalFrames
Playing
Quality
ScaleMode
AlignMode
BackgroundColor
SAlign
DeviceFont
EmbedMovie
BGColor
Quality2
SWRemote
FlashVars
AllowScriptAccess
MovieData
InlineData
SeamlessTabbing
Profile
ProfileAddress
ProfilePort
AllowNetworking
AllowFullScreen
Interop.ShockwaveFlashObjects
mscorlib
ShockwaveFlashObjects
$d27cdb6b-ae6d-11cf-96b8-444553540000
$D27CDB6C-AE6D-11CF-96B8-444553540000
$C5598E60-B307-11D1-B27D-006008C3FBFB
$D27CDB6D-AE6D-11CF-96B8-444553540000
)ShockwaveFlashObjects.ShockwaveFlashClass
-ShockwaveFlashObjects._IShockwaveFlashEvents
;ShockwaveFlashObjects._IShockwaveFlashEvents_EventProvider
$D27CDB70-AE6D-11CF-96B8-444553540000
$D27CDB72-AE6D-11CF-96B8-444553540000
$A6EF9860-C720-11D0-9337-00A0C90DCAA9
$6D5140C1-7436-11CE-8034-00AA006009FA
/ShockwaveFlashObjects.FlashObjectInterfaceClass
$86230738-D762-4C50-A2DE-A753E5B1686F
&ShockwaveFlashObjects.FlashObjectClass
$D27CDB71-AE6D-11CF-96B8-444553540000
$D27CDB6E-AE6D-11CF-96B8-444553540000
.ShockwaveFlashObjects._IShockwaveFlashEvents
$E0920E11-6B65-4D5D-9C58-B1FC5C07DC43
mscoree.dll
_CorDllMain