Sample details: 04a9748ad4c2ae1af0f49778a3eba21a

Hashes
MD5: 04a9748ad4c2ae1af0f49778a3eba21a
SHA1: 63e9eaf3da60a9b9f6e04fbba1d8eeff42807c3f
SHA256: 04f7c84ef6b130f25271562f2c24a84d3812081e08fa0e9ddce62e7fefa002e5
SSDEEP: 3072:SuIwgz85yPoSGs32r1nRpdSm1ZDJiKR5L1jnHUmoQRFMgq:Bb5wcJt1Z9iKR5L1jaQE
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/DebuggerHiding__Active | YRP/SEH__vba | YRP/anti_dbg | YRP/win_token |
Source
http://unifscon.com/R9_Sys.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Elektroteknikerens3
Reimpression6
Bildkket3
Bildkket3
Dambrikker3
Tabueringerne0
Setwise2
Unharmonizing1
Greenyard1
Basalten0
Aneurin2
Responding3
Antipharmic
Multitasking
Armkrfter
Bloomerism5
Lavkomiske
Chechako7
Relationsalgebraer
Momentos0
Lokalplanrammens2
Nonconfiscation
Resultatopgrelsens
Embrica3
Antipode
Annammelses
Klientportefljens4
Earthshine5
Bruneierne6
Nominatrix
Toastmistress
Sways3
Stodders
Hndelsernes4
Landbrugsjordernes8
Ubeskadigedes2
Kvarterer1
Runderedes0
Jernhrd
Overtalelses8
Ungashed
Prostrate3
Microbeless
Fraghan
Encroaching2
Cantrips7
Corymbed3
Levedygtigst8
Fllesflelser7
Talgkirtels3
Etapelbet4
Miticide8
Furciferine6
Forlbent6
Argenteum
Quadruplator0
Prospective6
Bordfyldt8
Futurologiskes
Centralization
Svaleurternes
Philippine8
Bankassistenten1
Brandt6
Nondeclaratory
Viselig7
Festtale
Bottlenose5
Charlenes7
Musketproof5
Mynterne8
Forureningstilstandens8
Fremtrden5
Vrdihfter0
Saltninger
Skftningens1
Dyscratic
Kreprvernes5
Halogenlygte1
Fjernlagerets
Udklasningernes0
Singulrt1
Efterflgelsen
Arpeggioed
Outgambling4
Panyar5
Overwords
Saprogen
Opreklameringer7
Presumptuousness
Gloriosa
Djvelens0
Svippedes
Sexisten
Adresseringsmetoden2
Mucosity1
Nedklippe
Irgrnne7
Hviskhedens
Ambitendency4
Accessit3
Foredragsrkkens
Tungetalens6
Precipitatedly
Supercommentator
Overmerriment
Epidemiologis
Effektiviseredes
Afvrgedagsordners2
Klippene
Arbejdsbesparelsens
Acrocarpous
Recontaminates6
Rummer8
Decurions5
Grobundes1
Ancipitous7
Thwarting5
Chlored7
Uhensigtsmaessig
Gennemproevet
Lystspillets
Intertriginous8
Jernstberierne5
kernel32.dll
CCreateFileMappingW
MapViewOfFile
shell32
Shell_NotifyIconW
Osphromenidae
Ansvarsforsikringsselskab
Nannyberry3
Mirbane
Skorstens1
Headgears2
Deciderede1
Stereoisomeric1
Sphindus
Rubicundity
Buldoggens6
Nonanarchic7
Rescrutinized
Kikuyu
Cerebrosuria5
Lumpenproletariat5
Choose7
Walesbollens2
Hrgning5
Pejas6
Sierraleonernes
Animato
Aende2
Pontvolant4
Apothecal
VB5!6&*
Hotspur0
Elektroteknikerens3
Elektroteknikerens3
Reimpression6
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Brandt6
Etapelbet4
Unharmonizing1
Lavkomiske
Basalten0
Saltninger
Nondeclaratory
Acrocarpous
Toastmistress
Antipharmic
Arpeggioed
Philippine8
Epidemiologis
Pontvolant4
Svaleurternes
Buldoggens6
Jernhrd
Lumpenproletariat5
Skorstens1
Festtale
Grobundes1
Effektiviseredes
Gloriosa
Tabueringerne0
Argenteum
Quadruplator0
Ambitendency4
Jernstberierne5
Talgkirtels3
Microbeless
Klippene
Runderedes0
Irgrnne7
Relationsalgebraer
Tungetalens6
Recontaminates6
Armkrfter
Supercommentator
Gennemproevet
Nonconfiscation
Momentos0
Cantrips7
Ansvarsforsikringsselskab
Hviskhedens
Landbrugsjordernes8
Singulrt1
Adresseringsmetoden2
Halogenlygte1
Presumptuousness
Bottlenose5
Lystspillets
Stodders
Osphromenidae
Futurologiskes
Svippedes
Kikuyu
Furciferine6
Charlenes7
Ancipitous7
Prostrate3
Fremtrden5
Overtalelses8
Mynterne8
Mucosity1
Klientportefljens4
Aneurin2
Aende2
Embrica3
Pejas6
Decurions5
Levedygtigst8
Deciderede1
Accessit3
Bloomerism5
Bruneierne6
Fjernlagerets
Udklasningernes0
Chlored7
Antipode
Dyscratic
Ubeskadigedes2
Sphindus
Fraghan
Dambrikker3
Panyar5
Saprogen
kernel32
TerminateThread
CreatePolyPolygonRgn
user32
ShowWindowAsync
GetObjectA
GetProcessHeaps
LoadCursorA
CloseWindowStation
GetOverlappedResult
winmm.dll
mixerGetLineControlsA
ADVAPI32.DLL
EqualSid
LockWindowUpdate
midiInPrepareHeader
DebugActiveProcess
OpenProcessToken
GetCommMask
FileTimeToDosDateTime
IsBadCodePtr
SetPropA
PolyPolygon
GetCurrentProcess
GetClipboardViewer
GetDlgItemTextA
RestoreDC
midiOutSetVolume
SelectPalette
GetPolyFillMode
DescribePixelFormat
GetActiveWindow
HiliteMenuItem
BeginPath
timeSetEvent
CharToOemBuffA
SetCursorPos
GetKeyboardLayout
ReadFileEx
MulDiv
GetStringTypeW
TranslateAcceleratorA
GetQueueStatus
EndPagePrinter
AngleArc
GetUserNameA
FreeConsole
GetLastActivePopup
GetFileSize
GetAce
AllocateAndInitializeSid
SetSecurityDescriptorDacl
GetCommState
winspool.drv
AddPortA
ScrollWindow
GetNearestPaletteIndex
GetTextCharset
DestroyIcon
FindFirstPrinterChangeNotification
SetProcessWindowStation
WriteConsoleOutputAttribute
SetActiveWindow
MapDialogRect
MessageBoxA
GetSystemDefaultLCID
SetMenuContextHelpId
DdeQueryNextServer
GlobalGetAtomNameA
DeleteAtom
IsCharLowerA
GetAtomNameA
ExtSelectClipRgn
GetFontDataA
AddAce
GetEnvironmentVariableA
OpenBackupEventLogA
DefFrameProcA
lz32.dll
LZCopy
msvfw32.dll
DrawDibDraw
joySetCapture
GetMessageA
SetThreadDesktop
GetCursorPos
AdjustTokenGroups
ReplyMessage
mmioOpenA
LocalFileTimeToFileTime
shell32.dll
DoEnvironmentSubstA
CreatePalette
GetPixel
GetDeviceCaps
SetWindowsHookExA
RevertToSelf
timeGetDevCaps
ExitProcess
SetScrollPos
PdhCollectQueryData
midiInStart
SetAbortProc
CharLowerBuffA
IsDlgButtonChecked
GetSystemMenu
UpdateColors
AddPrinterA
GetNumberOfConsoleMouseButtons
PeekNamedPipe
EnumResourceTypesA
OutputDebugStringA
SetTapeParameters
GetScrollPos
WidenPath
SetupComm
mmioAscend
RegNotifyChangeKeyValue
SetMenu
WNetEnumResourceA
midiInClose
CloseClipboard
GetForegroundWindow
GetMailslotInfo
FlushInstructionCache
RedrawWindow
OpenPrinterA
waveOutSetPitch
WriteProfileStringA
imm32.dll
ImmGetCandidateListA
DefWindowProcA
LookupAccountSidA
UnrealizeObject
waveOutGetID
FindFirstFreeAce
CreateHalftonePalette
IsCharAlphaA
ReleaseSemaphore
EnumJobsA
SetLocalTime
EnumFontsA
version.dll
GetFileVersionInfoA
midiStreamPause
mpr.dll
OpenClipboard
WaitCommEvent
SetLastErrorEx
midiOutMessage
MsgWaitForMultipleObjects
GetLastError
CreateCaret
DebugBreak
VBA6.DLL
__vbaVarAdd
__vbaI4Var
__vbaCastObj
__vbaFreeVar
__vbaVarMove
__vbaFreeStr
__vbaHresultCheckObj
__vbaFreeObj
__vbaObjSet
__vbaNew2
__vbaObjSetAddref
__vbaFreeVarList
__vbaVarDup
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
__vbaVarAdd
__vbaVarDup
_CIatan
__vbaCastObj
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr