Sample details: b76fb2590fc2ca6ffe0e0710ff6d438f

Hashes
MD5: b76fb2590fc2ca6ffe0e0710ff6d438f
SHA1: 3f244cedcde2cfb5c82d1cfe6766785cc4b1da00
SHA256: 9baa68df4b910c7a0287a52ae00af6d4976225f9e43908501be9ec45ebc49b6c
SSDEEP: 48:ZvtwsYAh71g63iu6MjP2EKSiacmcY/gSq:Z1wYh71g63v6MKDrEgS
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/FASM | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
Strings
!This program cannot be run in DOS mode.
`.dacre
.das34fd
kernel32.dll
user32.dll
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualAlloc
CreateWindowExA
DispatchMessageA
GetMessageA
LoadCursorA
LoadIconA
MoveWindow
RegisterClassA
ShowWindow
TranslateMessage