Sample details: b3a4096a27184df6f25a14346b506853

Hashes
MD5: b3a4096a27184df6f25a14346b506853
SHA1: 4479838d391baea7346d35df29ffac607d649cbf
SHA256: b4ce14ab52083c95b907dbf514511eeec0c7aaf9270831b96a66449614e274fc
SSDEEP: 384:K0IZDyTeX/FtcKDj0S0c+gJlLRaxE81CKS:sDyKX3bDBP+gJ3axE
Details
File Type: PE32
Yara Hits
YRP/MingWin32_GCC_V3X | YRP/MingWin32_GCC_3x | YRP/MingWin32_v_h_additional | YRP/MinGW_GCC_3x_additional | YRP/MinGW_GCC_3x | YRP/MingWin32_GCC_3x_additional | YRP/MingWin32_v_h | YRP/MingWin32_v | YRP/MinGWGCC3x | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/MinGW_1 | YRP/domain | YRP/contentis_base64 | YRP/Misc_Suspicious_Strings | YRP/network_http | YRP/win_registry | YRP/MD5_Constants | YRP/BASE64_table | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API | YRP/Str_Win32_Http_API | FlorianRoth/DragonFly_APT_Sep17_3
Strings
		!This program cannot be run in DOS mode.
`.data
.rdata
.idata
adode-update.com
p4ssw0rd
Identities
Default User ID
Software\Microsoft\Windows\CurrentVersion\Internet Settings
User Agent
Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Bits: %d
USERNAME
User: %s
COMPUTERNAME
Computer: %s
USERDOMAIN
Domain: %s
SOFTWARE\MICROSOFT\WINDOWS NT\CurrentVersion
ProductName
Version: %s
/cgi-bin/s2.cgi
StartJavaScript=
command: 
response:
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
system 
timeout 
fetch 
cmd.exe /c %s
Failed to create a pipe. GetLastError: 
Failed to CreateProcess(). GetLastError: 
Timeout set: from %d to %d
http://
%s%s%s
Cannot download: 
File %s%s (%d bytes) downloaded and saved to %s ok
Cannot open local file: 
-LIBGCCW32-EH-2-SJLJ-GTHR-MINGW32
w32_sharedptr->size == sizeof(W32_EH_SHARED)
%s:%u: failed assertion `%s'
../../gcc/gcc/config/i386/w32-shared-ptr.c
GetAtomNameA (atom, s, sizeof(s)) != 0
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
SetSecurityDescriptorDacl
AddAtomA
CloseHandle
CreatePipe
CreateProcessA
ExitProcess
FindAtomA
GetAtomNameA
GetCommandLineA
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeProcess
GetLastError
GetModuleHandleA
GetStartupInfoA
PeekNamedPipe
ReadFile
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_onexit
_setmode
_snprintf
atexit
fclose
fflush
fprintf
fwrite
malloc
memcpy
memset
printf
putchar
realloc
signal
sprintf
sscanf
strcat
strcpy
strlen
strncmp
strstr
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetReadFile
ADVAPI32.DLL
KERNEL32.dll
msvcrt.dll
WININET.DLL