Sample details: abaa3988bca3a986cdfe1df1415d780b

Hashes
MD5: abaa3988bca3a986cdfe1df1415d780b
SHA1: b0ac869fbea87967938ec8d15e814772d21789f6
SHA256: 939dc9f5456cf9d8f7c88e6a195f28f8cd2203ca2177346d7114ee9de3219887
SSDEEP: 3072:w+1MFbdIAir4ri/3qp7SkY0w/E3xwLgRtGFR+/2ezFwCNMxodNmp6909:w+1MF+P0SkYxCA+/9rPIV
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasModified_DOS_Message | YRP/domain | YRP/contentis_base64
Source URL
http://arcelectricnj.com/D
Strings (printable strings extracted from the sample)
		nS beFC	
 ich@q RxSg
	 run in DOS
his progr
!Tcannotmmode.
@qnS@qnS@q
`.rdata
@.rsrc
@.reloc
T$|+L$|
ffffff.
D$T+t$X9
D$LI)Q^
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
,7j6)?m'xm
D$45$H
D$P%c`
D$(jc[m
JERWEGeR
BGeERGEE
EEGRBJWG
BWWeWJRJ
JJREWWJB
GeWEGeGJ
EERBEEWG
BEBeeJEe
JBREBBRW
JWeJWWeB
EEERJGWE
BWEEBGBJ
GBeeGEWE
GWEGEWeR
GBeEGJWG
WWEWGJWR
HWHWjwEHWRejWE#@
HWHgwegwe
BEGRREEJ
REJGReBB
BRWEeEEE
eBEWeEBJ
WRBRBEEG
WWGBeBEE
EWeEGWWJ
BBBGBEeW
EBeWJBJW
JRRWGJWE
EeJJGEEW
WWEWEWWB
JEERRWWW
GEJeBRWe
REEWWGWG
EWWGBEGR
JWeRGWEW
WBRRRWWR
BWBERJee
JeGBEJEE
eeEeBGRW
WeRJBBER
WGGJEWRW
BBBJEEJJ
eBJEWBGR
BBGEReBW
WeGGEEEG
JBBReEee
GWWGBWEE
GRJEJEJW
eGBEEJWG
eRWEEBeB
RRJWBEEW
JERBeJGG
WEWeBGeR
BEEWJBEE
BWJEJWGJ
eEeREGEB
GeJRREEE
BWRGJWEE
EWWGGEEW
EEEBEeWe
WBBeWWJE
EREBGBJG
EGEWeeJW
GJEWReWB
eeeWERWW
eRJBGEeJ
JWBBREWR
eBERWBEe
EWGJGWWE
GERWEWWG
BGeWWRWW
JWGEWWEW
EGRBJJER
WEREeBBE
EWGBBEEJ
EBBWWBRE
EeWWBEBW
EBeWGWJW
RBJRJEBJ
WBJGWBeW
EGGBBEWG
EWWWREGE
eRJWGEJE
WEEJWJGB
BWEEJJRe
JWREBWWB
BEJWWGWE
WWWRRWWR
eEWWWeJe
RWWeReBW
JGRRJWEB
WWeBJGWJ
EJeEEeRE
EeEWWeEE
WWJREGGR
RWWEEEWR
EEWeEEBW
RWEEERRe
EJGeEEWB
BRGEWEWe
eEEJeEBW
EJEEWJBJ
RWeWEGWG
EeWWeJEe
ERGGEWER
EWWWeWee
WJBBEGRR
EEEWEeER
EeeEJEWe
EGJWGJWR
JRWERRWJ
WEBWWEBG
WJReJeGE
EERRWWJJ
EeBEEWJR
REERGEGE
GRRWWJBE
JEWJREJW
GEREeeBR
JWEEREBW
EeEeWBRR
eEBeeERW
WeGeWGeW
eJGEEGGW
JGGEWJJG
GJEeWWJJ
WJGeGWBW
JBEEJGWe
eGGJEGWE
WReEReRE
BWGRWWBB
EJBGEGeJ
WWBEJWBW
BRRJJBRe
WJeeeEBW
GRBEWBEE
EWEeReEE
JWEGJEJe
WRWWWWEB
BEEBeBER
GGEWEeRE
JBEJeRWW
WWEWRBBW
WGWWEBEW
EJWRJGWJ
GJGEWRWG
eBWWWBWB
JBGBBBEB
ERGJJEEE
EEWWGJeW
EeWRGeWW
BWWEEGBW
RWBeeWEJ
EJeRJWEW
EERWEEEB
JEJWEeWe
WWEWGGJR
GRWWReER
WWWWEEBW
BEBREEJG
EWBEeEeW
JBWEJEEE
JJGJEWBG
EWBReWeB
EEEWEWWR
GEEeJRWR
GGeWWGRE
ERWRRWJW
WJRRERWR
BGEWEGRG
GRRJBGGG
RJREGWRR
WREGGGWJ
WRRERJeG
WGEWGWBe
eWWeeeWG
GWERBRWW
WJeJGRER
WRJGJEGG
eWGBBGBe
WeWeeJWG
EGRERRJW
EEBGEEEB
RWJWEEWe
GWJGJeEe
JGGEJEee
BJGWBWWW
eJEWGRWG
JWWWWJWE
REBJRBEB
eEEGEeWW
WEEeeGBe
GJRWeJGB
WWeEGREE
WeEeWRER
GWJWeBJR
GBEJEGWJ
BBWWeEBG
BRGeGWBe
EBEGEBBE
BGWWRREG
RBBEWEWE
WGRJRWWW
GERWeEWe
JWBGRBWE
JEWEEWBB
EWEJWWWE
eEWJRWRJ
RBRREWWW
GEERWJGE
GRBWEJEW
WRWRWeEe
EWEWEWBG
BWGBWWeW
EGeEWeeE
REJEeWJE
BReeWGWW
EBWJEGEB
WERJEGBe
GEBeJWEE
WJBWRGWJ
EEGWWWBG
WGWWEEWe
ERJEBGeJ
EJBeEeJe
JJEJBWRR
eEEWJeEW
WWJWWWJB
GBEeBEEE
BEEEBGJW
RJGEWGGW
REEJEERW
WWWEEGBE
RREEeJBE
GEWWBeWG
GEGBEGGE
RBJeBWEG
JWGWEeEE
EReEEWGE
GWREJGWe
WJRREJJe
eERJeeGE
ERWBeRGB
EBWBGREE
GWJWBGEe
GBEREReG
BWeWEWWW
REGGRJRJ
WeEEeGJR
GeJWEGeG
JJBGBeGJ
JRJReReG
EWEEBWEG
EBEGGeWe
WWBJBeBE
REEJBWWR
EBEBJEWe
GGEBGEBG
eeEBRWBW
REeWWRJR
EJEJWJWW
GBBEGEeE
BEGEEEJW
eeWEGBEB
WWRJJJEJ
JEWBGEEe
WJERWJWR
WEWWJRGB
eeEJEEGG
GREJGeEJ
eGEEWRBW
BRWEWGee
GJeWGeee
eeWEEWWE
EWEEGEJG
EBWBWEBW
WWGEWEeG
JBeeRWEW
GJJEEEWe
BWRBEGGW
JWRWJBJE
RREJWJRB
eeWWJeEE
EWeEEREG
EBJBEeWe
eWGRJJEe
RRREWWEG
GWRJJGBW
BWWBBWWG
JBeJeEWJ
JBWeeEEW
WRGWEBeE
EEBEeJBW
JeGBRBRE
JeJGJEJE
BGRRBWEJ
ReBGeWeR
EBEWWWEB
RRJWJWWR
JWWWRWJJ
EBRERWeE
WeWRRWEe
BEGJBJGB
EBeWJEJe
WBJGWWWE
RRJBJBBe
BEEWRJJW
EGeEBJBE
WJRGEEWJ
EJGEGGWE
WEBWEEEE
GRGGeEWG
EWBERGeB
EEEWGEee
GWEeWRWE
RBWGeeWJ
WWGBEEEW
WGRRJJWW
GJJeeEWW
eJGWGGJe
JeRGGGER
EWBJWGEE
JJGeEWWW
eEJEJWGW
EeJBGJRE
GeeBJWEB
WBWWEBee
EGEWGEGW
eEEBeGGG
JRRWEEWJ
REEWWJWB
JJEBEeWe
GEERRRBE
eGEEEGJe
JEeGWREe
JBWEGJEe
JRRBRWJJ
EBWeBRGe
BJREEJBR
BWeEGWeW
ReEeWEJW
eEGBGEEG
GEWWRWEB
GJEREBEW
EEWEGWeR
eEBJBJRR
WWJRGWeW
JEeRJeGE
WJBJJEJW
EWRWEERW
EJWWeRGB
WeEJBWBR
WReWWEBB
WBeRGEJR
GJWJEWWW
GJEJRWRR
EEWEGEEG
WJEWRReR
GRWRGJJB
WBBJWeGE
eEGBeJWR
EWeGJREW
EEWJBeeW
RERJWREE
EBWeJEeE
EWeGEEEB
EeJEBBJJ
WREeeJGB
RGGWEJBe
EWWEEBEe
BEEWWEWB
eRJBEWWR
BGWeBeEE
WGRBRWWR
JJWEeBJe
eGJERBRB
WJBeBWWR
WeBEEEEE
REGBREWG
WGBGEREE
EEGRWEJJ
GBEWGJWE
EGEWGJEG
WGRGRWeJ
JeGWJWWR
eRWEREBG
RBWEWeeW
BGJRBJRR
BeWReWJe
RWWJEJeE
eJEWEWEE
REEWeJRW
WJBeBWEG
BWeeJBEW
RGEGEWEB
GGWJWGBG
WGREJGJR
eRGEGEGW
EWEGBEWe
WWWEWWWJ
EGeRWeeR
RGReWJeB
JRBRGJRJ
EWREJBEE
WGBBWEeR
JWeGBJWW
eReEWWeE
JWRJEeWW
JJeeWBJe
BeRERWBE
GWWEeEJW
JJBEJWeE
RBWeWJWW
ReRWBJBJ
RWRBWRBE
BWEJEWWW
WEEEeGWE
WBEWEWRe
^35|\V
uigjhghio.pdb
LZSeek
LZ32.dll
GetVolumePathNamesForVolumeNameW
lstrlenW
GlobalMemoryStatus
GetStringTypeExA
GetDriveTypeW
GetCommMask
FillConsoleOutputAttribute
GetBinaryTypeW
GetModuleHandleA
GetNamedPipeClientComputerNameW
GetUserDefaultLangID
GetTickCount
KERNEL32.dll
SetupDiDestroyDriverInfoList
SETUPAPI.dll
StrChrA
SHLWAPI.dll
RpcRevertToSelf
RPCRT4.dll
GetPriorityClipboardFormat
GetUpdateRect
GetFocus
InsertMenuA
CallMsgFilterA
DdeFreeStringHandle
PackDDElParam
USER32.dll
GetComputerObjectNameW
Secur32.dll
LineTo
GDI32.dll
"YWEC"
uiy"BpH
ey#BpH
$R5YE#
}"q?>(k
:c@]|fU
V.(\/%J
`ye-RVV
`ye/H^
{_:e]	|
7(BtH%P
lD'j,(
'Br`93^$
k,(7I"R
,wj,(7
(\:D0 
D(BgQ-
5	2tVK
`Iz/$w
#(%;(x
WApY!B
8$G{^5
#(%;(x
8$G{^5
#(%;(x
0^gMz@
uE<H=}
_L{^&c
R-LH=G
b QF@E
'2+lbV
"@4W=zs
6![ITa
CW8TD$
S?zs$"
^\$DR2*z
R?z@cH
g;c'Y+xg{
jQo0h5
*F+'zg
,0|UT\
AF}$Q)!d
Q7ao]Q%
q1WhJX
LK)e]v
)#`&Wr
[#^-7l_KV
Xto\]#
vE({$B
{vZ <SN
*>m^SD
ce;Kfp
tYCW	I
"+%;77Z9
S@z@sI
AH^+y|9
'F{ &/
]Lr|AkU
<\m)$b
]#J{^D
'}^5G*
GQ%;+?&
;i;sin:
 .DY6-
Td;cGW
">	6E?[
`{^&yBV
`x|!FzC
b|=7h2
`OXN<O
PdbA^W-
|xj'. D=
0";"Q/)
l00J{+
5:7nP@
I8/+Z0+S
`xT#FzM
SQ-sN3
j'n$D=
T^|(83-
0b?"Qo
/+n<Sd
j'V$D=
K0D8u1
L|( 3-
BSbo-iVp
@|(l/-
`xh Fzr
WK6-N~
XP!lXb
`w1xKT
|hZ0CR
!'h/O+d+H
*`xl"Fz
5	w4NY=
 &;(?[
H%dE37z2
x?c`{c
#:'5aZqKU
`xH#Fz
&(%;+>y
_?HWFM?x
T:3ZI~
I`vuPM
#TK~j(
C=2%-v	
j*-mH>
b~u7/2
`Qzf'$
<&?{BV
:'N{c:
#(%;(x
P%_|v6
).+A.~
7#G{nF
#,%;(x
8$G{^5
#(%;(x
>-7OP.&
2@^2p"R
cVy"'*
(9Rh]-
q7.St-
vIpyZci
-/A!.*
G i*lX
f@4;,W
gCo}[4
#GyWje8
m8`JGt#
sX;+GD8
J%E>KD
HBx~A#R
b>x[{U
#(%;(x
WAp) B
akD7P']
8$G{^5
#(%;(x
"OwmE{<//
M2I9ox
o5!n'Am
	s?3='B
> 1|"1h
9NAm6i
:3;K<V<
0/0B0U0
2F2%9,9
= =&=,=2=8=>=D=J=P=V=\=b=
0p2t2x2|2
2X4\4`4d4h4l4p4t4x4|4
4@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6
6(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8x8
: :$:(:,:0:4:8:<:@:D:H:L:P:T:X:`:
< <$<(<,<0<4<8<<<@<H<
> >$>(>0>
5h7l7p7t7x7|7
7P9T9X9\9`9d9h9l9p9t9x9|9
98;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
; =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=p=
? ?$?(?,?0?4?8?<?@?D?H?L?P?X?
1 1$1(1,1014181@1
:`<d<h<l<p<t<x<|<
<H>L>P>T>X>\>`>d>h>l>p>t>x>|>
004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0