Sample details: e07ca9f773bd772a41a6698c6fd6e551

Hashes
MD5: e07ca9f773bd772a41a6698c6fd6e551
SHA1: bcf831adb7da755f5bd94796004956235da191ac
SHA256: 1fa633c329f814971afdf13ceea18f13a017a6b7aacf3f8c3ce02a8da4b09903
SSDEEP: 96:/ZPEkytTVuy/jsOyIR9RKIR9gCD8N5XzdU69rYOq/1YOq/Pq8qPU8:/ZPYYy/IkjRvjgCD8N1G69sOn
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/url | YRP/contentis_base64 | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API | FlorianRoth/DragonFly_APT_Sep17_3
Source
http://updateinfo.servegame.org/jin2/jin2.exe
Strings
!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
??2@YAPAXI@Z
malloc
msvcrt.dll
_c_exit
_XcptFilter
_cexit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
UrlMkGetSessionOption
urlmon.dll
InternetOpenW
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetCheckConnectionW
WININET.dll
VirtualAllocEx
GetCurrentProcess
CreateThread
WaitForSingleObject
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
KERNEL32.dll
memcpy
memset