Sample details: cef88187b396af7a9fe3d149b3466956

Hashes
MD5: cef88187b396af7a9fe3d149b3466956
SHA1: b21501305a2f42f3e191d873713a77096ef420e4
SHA256: 87a9c1055a48739702b94017b8d2b13fade019c6f8ea830f76e663de7da238b6
SSDEEP: 6144:WNaMq8dsPUIgcKxK2MijBrUB3m3O9lKrwRQzX1o:WaMzcKx95/4lKrwqzFo
Details
File Type: PE32
Yara Hits
YRP/PackerUPX_CompresorGratuito_wwwupxsourceforgenet | YRP/UPX_wwwupxsourceforgenet_additional | YRP/yodas_Protector_v1033_dllocx_Ashkbiz_Danehkar_h | YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay | YRP/UPX_v0896_v102_v105_v124_Markus_Laszlo_overlay_additional | YRP/UPX_wwwupxsourceforgenet | YRP/UPXv20MarkusLaszloReiser | YRP/UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/Str_Win32_Winsock2_Library | YRP/UPX | YRP/suspicious_packer_section
Source
http://fomoportugal.com/pato.exe
Strings