Sample details: feaea2955b2d3b3dae66a380ec3b83c2

Hashes
MD5: feaea2955b2d3b3dae66a380ec3b83c2
SHA1: d740af6f7e67feecb3a2b4834dc669ecd6dc5f26
SHA256: c41f2087ce604a61c2386984f871bd1308e50b28721d553a978223e9e76eeb84
SSDEEP: 384:WXFeZCGwdjmJKWnTJkNWr7ipHr/T/zGjtJY1Ueio0j5vC6CB+IAPaSQl:MOIdOAV3GjtJY+eioSyBzt
Details
File Type: PE32+
Yara Hits
YRP/Microsoft_Visual_Cpp_80_DLL | YRP/IsPE64 | YRP/IsDLL | YRP/IsConsole | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
Parent Files
086f641cf7b8d90ff4ea93ae758b867a
Strings