Sample details: df3ab26df5676821215cec5a6ee97af7

Hashes
MD5: df3ab26df5676821215cec5a6ee97af7
SHA1: 96f972b5d8b2899cdfcfc496c7a392da92c69825
SHA256: 261dad51ed4a59f521700e8fde6e8cb10ca20c495693b1c76141a27763d0d53a
SSDEEP: 768:CI+zqnsBtI6MUCTtmVsoOLE3h4y7Xgzql/QjYtnHMxOKdK/N93JIJgtcxoY2j:CI+zqnsBtI6MUCTtWsoOLE3hfT4s2zxo
Details
File Type: PE32
Yara Hits
YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/maldoc_find_kernel32_base_method_1 | YRP/domain | YRP/contentis_base64 | YRP/keylogger
Source
http://skyyoker.xyz/19-10/1.bin
Strings
!This program cannot be run in DOS mode.
`.rdata
@.data
@.rsrc
BasepCheckWinSaferRestrictions
ExitProcess
GetACP
GetConsoleCP
GetLastError
GetModuleHandleA
GetProcAddress
LoadLibraryA
LoadResource
lstrlenA
OpenEventA
SetLastError
SetThreadAffinityMask
VerLanguageNameA
VirtualAlloc
VirtualFree
VirtualProtect
kernel32.dll
CheckDlgButton
GetIconInfo
GetKeyboardType
GetSysColorBrush
IsWindow
ReleaseCapture
SendMessageCallbackW
user32.dll
_TrackMouseEvent
DrawStatusText
DrawStatusTextA
DSA_GetItemPtr
ImageList_EndDrag
InitCommonControls
comctl32.dll
OleUIChangeSourceA
OleUIChangeSourceW
OleUIPromptUserA
OleUIPromptUserW
oledlg.dll
AlphaBlend
DllInitialize
TransparentBlt
vSetDdrawflag
msimg32.dll
ImageRvaToSection
SymFindFileInPath
imagehlp.dll
ChooseFontW
GetOpenFileNameW
ReplaceTextA
ReplaceTextW
comdlg32.dll
joyGetPos
joySetCapture
waveInGetPosition
winmm.dll
GdipCreateFontFamilyFromName
GdipDrawBezierI
GdipSetLineColors
GdipTestControl
GdipTranslateMatrix
gdiplus.dll
DosDateTimeToVariantTime
SysAllocStringLen
VarCyFromUI8
oleaut32.dll
AddAuditAccessAceEx
InitializeAcl
RegNotifyChangeKeyValue
advapi32.dll
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerFindFileW
VerQueryValueA
version.dll
AccessibleObjectFromPoint
AccessibleObjectFromWindow
GetOleaccVersionInfo
IID_IAccessible
LIBID_Accessibility
ObjectFromLresult
oleacc.dll
PickIconDlg
RealShellExecuteA
SHHelpShortcuts_RunDLLW
SHILCreateFromPath
StrRStrIW
shell32.dll
CreateRoundRectRgn
DdEntry14
EngCreateDeviceSurface
FONTOBJ_vGetInfo
GdiGetLocalBrush
ResetDCW
gdi32.dll
DeletePrinterDataExA
DeletePrinterDataW
EnumMonitorsW
GetDefaultPrinterA
IsValidDevmodeA
SetPrinterW
WaitForPrinterChange
winspool.drv
PathCreateFromUrlA
SHFreeShared
SHRegSetPathW
StrCatW
shlwapi.dll
HGLOBAL_UserMarshal
HMENU_UserUnmarshal
IsValidIid
OleCreateFromFile
OleCreateLinkFromDataEx
OleGetClipboard
OleSetAutoConvert
StgCreateDocfile
UtGetDvtd32Info
ole32.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>
PAPADDINGXXPADDING