Sample details: 913529b4ac99528e4b94d28cee1cf12d

Hashes
MD5: 913529b4ac99528e4b94d28cee1cf12d
SHA1: 1b5c1c566874201e0811d5e8baabf276abcfc431
SHA256: 9c31274413fc5d197559d1c5e52afb7b7f4ad80042511d7b1a41c6433c814840
SSDEEP: 768:X4tkB3mJOlyGdPGyyzGRvzf4lddl/q19cpO:X3m8dPKKVzwl/Uap
Details
File Type: PE32
Added: 2019-09-10 19:49:15
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
Strings
!This program cannot be run in DOS mode.
;0Rich
.rdata
@.data
@.reloc
Configm
Delete
Delete file?
--help
NTDLL.DLL
ShowWindow
DialogBoxParamA
EndDialog
SetDlgItemTextA
SetTimer
SetWindowTextA
MessageBoxA
USER32.dll
StrStrIA
StrToIntA
SHLWAPI.dll
memset
MSVCRT.dll
GetStdHandle
GetCommandLineA
SetCurrentDirectoryW
ExitProcess
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
lstrcatW
AllocConsole
WriteConsoleA
GetNativeSystemInfo
GetModuleFileNameW
GetProcAddress
LoadLibraryA
HeapAlloc
HeapFree
GetProcessHeap
KERNEL32.dll