Sample details: ee207e35aea4d5df41d90221e1b66efa

Hashes
MD5: ee207e35aea4d5df41d90221e1b66efa
SHA1: 757469cf9ad2f21f267bbe730560114fdf8a89a5
SHA256: cf64c95e9a2d02967efc22b00efb3736156b913a95231eb63c1df45d43475e64
SSDEEP: 768:SCndDb8sAGCMXZ7MnjT2SusEjyoGilYr:lNjNMjSS1EM
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/win_files_operation | YRP/CRC32_poly_Constant | YRP/CRC32_table | YRP/MD5_Constants | FlorianRoth/DragonFly_APT_Sep17_3
Parent Files
72714aa233ae715c83b568607e27876e
Source
Strings
!This program cannot be run in DOS mode.
`.data
@.reloc
Qkkbal
-0123456789abcdef
mspatcha.pdb
RtlUnwind
SetLastError
GetLastError
UnmapViewOfFile
SetFileTime
GetFileSize
GetFileTime
DeleteFileA
CloseHandle
CreateFileA
DeleteFileW
CreateFileW
MultiByteToWideChar
MapViewOfFile
CreateFileMappingA
SetEndOfFile
SetFilePointer
FlushViewOfFile
VirtualAlloc
VirtualFree
KERNEL32.dll
mspatcha.dll
ApplyPatchToFileA
ApplyPatchToFileByHandles
ApplyPatchToFileByHandlesEx
ApplyPatchToFileExA
ApplyPatchToFileExW
ApplyPatchToFileW
GetFilePatchSignatureA
GetFilePatchSignatureByHandle
GetFilePatchSignatureW
TestApplyPatchToFileA
TestApplyPatchToFileByHandles
TestApplyPatchToFileW