Sample details: bfb1b51cbb7e33e07fa584f54de34193

Hashes
MD5: bfb1b51cbb7e33e07fa584f54de34193
SHA1: a756d28061ce607c68a47c5b0f6a0f490ffb9841
SHA256: c447ee4922708d0453f9480f27fa2163c01e96515f4011f5c63d87ba9c02b196
SSDEEP: 48:ZvtiCj1ntzb7WdzcbOQrFf6Kb6V+sMGYA2jzq6cf:Z1bfbVbOQxyLN2jzq6K
Details
File Type: PE32+
Added: 2019-10-09 11:59:51
Yara Hits
YRP/IsPE64 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/FASM | YRP/domain | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3
Strings
!This program cannot be run in DOS mode.
`.data
.idata
kernel32.dll
GetProcAddress
LoadLibraryA
VirtualAlloc