Sample details: 904571bf04a1b908bbe7f68d77cda696

Hashes
MD5: 904571bf04a1b908bbe7f68d77cda696
SHA1: 758221172128a67ee5ef59d0624285d5a4cfe393
SHA256: e01e2be41f9456ad447d0159800e0da5f37662cf9fcfa0868956571c69ca67ba
SSDEEP: 768:d4tkBAJOlyGdPGyyzGRvzf4lddl/q19cpO:NA8dPKKVzwl/Uap
Details
File Type: PE32
Added: 2019-09-09 19:19:14
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
Strings
		!This program cannot be run in DOS mode.
;0Rich
.rdata
@.data
@.reloc
Configm
Delete
Delete file?
--help
NTDLL.DLL
ShowWindow
DialogBoxParamA
EndDialog
SetDlgItemTextA
SetTimer
SetWindowTextA
MessageBoxA
USER32.dll
StrStrIA
StrToIntA
SHLWAPI.dll
memset
MSVCRT.dll
GetStdHandle
GetCommandLineA
SetCurrentDirectoryW
ExitProcess
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
lstrcatW
AllocConsole
WriteConsoleA
GetNativeSystemInfo
GetModuleFileNameW
GetProcAddress
LoadLibraryA
HeapAlloc
HeapFree
GetProcessHeap
KERNEL32.dll