Sample details: 5f6c30deb25d425d3575ec2c30f2c7fa --

Hashes
MD5: 5f6c30deb25d425d3575ec2c30f2c7fa
SHA1: 9a20969d990238a73bd4a9a16a8b7789732ccf26
SHA256: 3a8f97af61496b875341fff0e2eb8a77b63b5a50d10e8d521f82320abd91a37f
SSDEEP: 3072:Wxa8G/PePr4/KlxUN8kH+SspnDDcSfR2but9G4uduQQ1alX2oBvOolY1/rB:/8G+0/KTUKvcbY9Gqql1Hw
Details
File Type: PE32
Yara Hits
YRP/NETDLLMicrosoft | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/VMWare_Detection | YRP/DebuggerCheck__QueryInfo | YRP/DebuggerCheck__RemoteAPI | YRP/DebuggerHiding__Thread | YRP/Check_Dlls | YRP/anti_dbg | YRP/network_smtp_dotNet | YRP/keylogger | YRP/rat_webcam | YRP/win_mutex | YRP/win_registry | YRP/win_hook | YRP/Advapi_Hash_API |
Source
http://novomet.bg/templates/ag.exe
Strings