Sample details: fd210c8aec9043c022ef3f9bb484625d

Hashes
MD5: fd210c8aec9043c022ef3f9bb484625d
SHA1: fefab249a971a1cd5856df3ab60a072fb5d12519
SHA256: 398c2ca10bb9d1b6503827a931c5f17947007f63faaffe55847bcf87c7c430d5
SSDEEP: 3072:7Kvz2hEFJqWjKVYZ+cZqisAs+IW24olEW6ga:7+2cJq9Vv8qiPbEWg
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Cpp_v60_DLL_additional | YRP/Microsoft_Visual_Cpp | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64
Source
http://aldrizzagno.com/qljZh/
http://jwyatt.ca/BCLGI2/
Strings
		!This program cannot be run in DOS mode.
`.data
.rdata
SWDnz38
GWeweEERqQWWEwCQRGWEghtehEWger\.rhkww\.pdb
RpcMgmtSetServerStackSize
RPCRT4.dll
ConnectNamedPipe
WaitForDebugEvent
SystemTimeToFileTime
WriteTapemark
GetLastError
GetCurrentConsoleFontEx
KERNEL32.dll
SetProcessDefaultLayout
CreateIconFromResource
GetDlgItem
UnloadKeyboardLayout
USER32.dll
CoFileTimeNow
ole32.dll
memset
msvcrt.dll
AddAccessAllowedObjectAce
ADVAPI32.dll
SHGetFileInfoA
SHELL32.dll
MprInfoBlockRemove
MPRAPI.dll
SCardListReadersA
WinSCard.dll