Sample details: b02a5245af7d4b0bb9f04f92ef42c150 --

Hashes
MD5: b02a5245af7d4b0bb9f04f92ef42c150
SHA1: 554f830089747fccff83139144f38a42e2b8fc04
SHA256: 7c59a9d1822e874795925725cd6c24c568a489a4ffd8bb5d474cd31b92574ccf
SSDEEP: 48:6CDrfws5X4jZ9lc9NQCCvrsFVs4JBNZDEj4jTP3iJXA6aE2OsauliSC75q:fvXq9S/dFPjEj4TF7C
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_C_Basic_NET | YRP/NETDLLMicrosoft | YRP/IsPE32 | YRP/IsNET_DLL | YRP/IsDLL | YRP/IsConsole | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3 |
Source
http://103.68.190.250/Sources//ActiveMalwares/MCRYPT/obj/Debug/TempPE/Properties.Resources.Designer.cs.dll
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<Module>
Properties.Resources.Designer.cs.dll
Resources
EladitosCrypter.Properties
mscorlib
System
Object
System.Resources
ResourceManager
resourceMan
System.Globalization
CultureInfo
resourceCulture
get_ResourceManager
get_Culture
set_Culture
get_Source1
get_stub
Culture
Source1
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
Properties.Resources.Designer.cs
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerNonUserCodeAttribute
CompilerGeneratedAttribute
ReferenceEquals
RuntimeTypeHandle
GetTypeFromHandle
System.Reflection
Assembly
get_Assembly
GetString
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
WrapNonExceptionThrows
_CorDllMain
mscoree.dll