Sample details: ba190b08f443fc52460e5fc919e63a92 --

Hashes
MD5: ba190b08f443fc52460e5fc919e63a92
SHA1: e0ea42179a0285b5433e6343a3621138988ce2be
SHA256: eeac03f3bf2917ae9e2af87af84ce2f9425afb7a084556ecacc96ca8133ff588
SSDEEP: 384:TZI2SUCoQIX4jHyJNvUqhOUvBO06hgHho3s8k0mRvR6JZlbw8hqIusZzZAVa:TuNmnrbhOyRpcnuTa
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/Dropper_Strings | YRP/Misc_Suspicious_Strings | YRP/disable_dep | YRP/keylogger | YRP/Big_Numbers1 | YRP/Njrat | YRP/njrat1 | FlorianRoth/DragonFly_APT_Sep17_3 | BAMFDetect/njrat |
Strings