Sample details: a879ec46fe21bf3bca5cd5d40e56a743 --

Hashes
MD5: a879ec46fe21bf3bca5cd5d40e56a743
SHA1: 535f4894ed7728370efda9fe812cd6aab9d14f22
SHA256: 26658fc13b8586525199139c4174987e07ffa3b9482038c5bea6a79cc8515775
SSDEEP: 768:eBldkKhHJg0bAhdTFEYRMnE932HgTAQYbDdLX7h1SsJ7D9v/SPLk1ZO:eBlRJg04dhEnRMArbDT1S+agO
Details
File Type: MS-DOS
Added: 2018-11-15 03:16:29
Yara Hits
YRP/MPRESS_V200_V20X_MATCODE_Software_20090423 | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/mpress_2_xx_x86 | YRP/IsPE32 | YRP/IsConsole | YRP/IsPacked | YRP/HasModified_DOS_Message | YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/screenshot | YRP/suspicious_packer_section |
Strings
		!Win32 .EXE.
.MPRESS1
.MPRESS2Q
v2.17F
bPl%AV
\&>BiQ=
@Uho9I
L58WRDJ
[)W{	+
E[Uwh]
xD/U G
tg$N%TF
/Nuc_g'
9e#Xh8
b%hD/1
Ps5S<}
on:7$(
%1M%#`h
k*$|3fF
MSlC{g
ImC!}V
Z\@f,j
5%!0nV
!I&}T_
#MG#W$
Lgd2So
|5UhTgt
i0mD#O;
>d/{3s
di[vzR
SDd8n&
Pu	4M7u.
fw.N`[6
N*OI(#
joVDILn
J.dlK=h]-
-\Peu[#
'|#{"U
EIsG&y
Nnv5!Az
zM@>9m
~'XwHf
()sM=Z$'
?h8\u[
>iQZ@l
Yk[$rH
GetModuleHandleA
GetProcAddress
KERNEL32.DLL
MSVCRT.dll
COMCTL32.DLL
InitCommonControls
USER32.DLL
IsChild
GDI32.DLL
BitBlt
OLE32.DLL
CoInitialize
SHELL32.DLL
ShellExecuteExA
SHLWAPI.DLL
PathQuoteSpacesA
t$t#t$l
D$t#D$h
D$t+D$\
.)D$H+
s`)L$4
D$t+D$\
9l$\w`
PPPJZZZ
ccc+kkk
ooo/www
yyys)))
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity
    version="1.0.0.0"
    processorArchitecture="X86"
    name="CompanyName.ProductName.YourApp"
    type="win32" />
  <description></description>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity
        type="win32"
        name="Microsoft.Windows.Common-Controls"
        version="6.0.0.0"
        processorArchitecture="X86"
        publicKeyToken="6595b64144ccf1df"
        language="*" />
    </dependentAssembly>
  </dependency>
</assembly>