Sample details: dc6c7b4d94dbb2afc9b829b481368e85

Hashes
MD5: dc6c7b4d94dbb2afc9b829b481368e85
SHA1: 8388ff1c7b17daebd9986cbc9baaed004cd83c90
SHA256: aca14fe89072c172e17bf354a2f6c487da92b5c0fb359335bd367fad2e18846e
SSDEEP: 48:Zvti1j1ntzb7WdzcbOQrFf6Kb6V+sMGYA2jzq6cf:Z1kfbVbOQxyLN2jzq6K
Details
File Type: PE32+
Added: 2019-10-09 21:20:31
Yara Hits
YRP/IsPE64 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/FASM | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
Strings
!This program cannot be run in DOS mode.
`.data
.idata
kernel32.dll
GetProcAddress
LoadLibraryA
VirtualAlloc