Sample details: 06f6a0e923f4312442b9be7546c3a7a4 --

Hashes
MD5: 06f6a0e923f4312442b9be7546c3a7a4
SHA1: 1d92b9922ab14a87b0c82383547da67906cf531e
SHA256: 638cbe07f2c115073527ed092df472370280b169fff56e7cd098e784cd80e2a4
SSDEEP: 3072:5C8Ao7mQy314yB/kK/eP4o5H32XZ0s7H9kKv3ba3pZvKsyi8ud:EPQnfK/eg8H3K0s7H9kqrcpYsyid
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba |
Source
http://unifscon.com/R9_Sys.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Ostepulverne2
Bitte1
Hydrolysate
Hydrolysate
Mellemfristet3
Pygmalionism2
Adurent
Phytophaga5
Bepester
Mercatoria
Specialprogrammernes
Philippicize
Udglat2
Ruckus
Launderable
Bulldozer0
Brevicipitid
Diaskeuasis
Skomagerpottens
Shanghajer
Personalekantine4
Mrkesagers2
Northerly
Monostatic
Enthrallingly
Renommers
Taxikrselen
Supermaxilla3
Udadvendthed0
Ordklassenavnes3
Dvrgenes6
Ludderens
Vellyd7
Folkedanserparti2
Afflictively
Fdselsattester5
Asymptotically
Undervisningsfils6
Prohibiter3
Forsoegs3
Coiled8
Sanatoriet
Enflesh5
Bnkhager4
Blessed8
Necking1
Tropsvelsen
Bloddonorer8
Kingfishers7
Skinsyge2
Fattende5
Skakpartiet
Recepturernes7
Sestertia
Scotopia
Billiggre
Enetageshuses5
Monomerous
Talemden8
Siderites
Bltalers1
Preperception
Paladset
Relent
Ribstrikningens8
Nonmanufacturing8
Alkalin5
Fribladet
Udfrselstilladelsen
Bengnaverierne
Strygetlet1
Telefonnummer
Bidragsberettigedes
Bobbie6
Skler8
Mfikke1
Anstryg
Rundkastende
Brogh5
Vanskeliggjort
Forskrk
Porcelaneous
Tamtam
Isovaleric
Shaping4
Pedometres7
Gobelinvveri2
Semihiant5
Faldlemmes7
Pervalvar5
Cutleriales8
Trompeterende
Extracellularly3
Antiopiumite2
Medleying0
Nonfeelingly4
Unaloud1
Kommunikationsbranchen0
Miniator2
Amfibiebden
Konstituer
Rynkede4
Glaciologer
Psyken
Myelities3
Folingerne1
Chefstolene
Blennophthalmia
Brokket
Udsvvelser4
]c-A(.s
7GB	=m
&wwi3(
Q&\xE+
ek5m1F)-i
*bg3ks
(wM	.&
0L-rs8>
BHdWdB
HH`P\+
# <.&X
,Q7_?iF
/jWeGB
sT){J(*7
c(u	2Br
:+!>z8
d,KB,5
.%Sx%G}
?[KaEa
z}+EN$
M9B2MEje
p$jaOK
0+4JK))
IG,6a>
qsxI<-(
mCt6&Y6
Q:M:8I
7#L^'j_
`.9&GR
b$S)vr
1.UjHjG
n0xaDj
`4q}fX
Edf~=K@
B{9PnF
@|Pfwy
jeUfIy
z*%#si
etJ]lI
iG;[oTRK
TNcQ+q
WVe|WgcD
! :uFO;*{:7
O6.'[(
>3u@!0sD
m|kb'{
R2@we<
AOCt\!
CxeN`*
d\T{})
%zI'O{
	_l{63
5N|dJ.h
]c>DD)
b|g'RN
R%I8wR
[oBeT9l
2xni+x~
+r2`$S
oB8PtY
y,#P}g
9IA*1Au
J?8y1@
:G-C|N
Mm#Rog=
Kq\};Q
~Hoe>U9
i5gWK%
<W4m'K
*7!?}Y
K~ao@-
_+(k1A
{D[1SV
+<s7&>j:ev
mS@1^"
Wc"k2"
Is1<0I
&hx:y8
P*-"Z4
;~l3|m
=QJwJj
9Ndk1n
rrnnhx
1Ah-oC:I
+TW9\)
qq-0>Dc#
4-_UO&n
uKnmUa
yf/Z8?
8Ej."z
|'Isn|
JEqp9!
1Ma&GP
Z4}9kd
)(UU K
C!i4w2
WxI:\Ts<
bQW&@97:
;2UO?:[
V9P	{m
uvQd@a
},l-MIx
[''S :
NR(PFh1
eP`jGS
f6d&St
<}MLkX?2
xsp#EdP
bu%H~I+
arYl> ,X
'd$x)M\MH
H::"Rv
6zF<N|=
K)TyS;
'~:{!I
NzCl-K
)*?||D
]X>VXo
s8o:0t
A]t?vKY+_
^{c/YS
/s1v}D_
rzEez5
+<0Sl\M
l}nb~G
~m%&D(+-
SmUz(@
?kR:v"+L
%M3#/q~xd
Aj.1Tw
I#Ir)QB
CG7Vruvr
KS=:F"
%+jIqaDu
na-}j<
cM-XlW1
_VzBzTZ"
Rc>nBtv
m(bv{=
!&iMN)
6_'OsL`
6-<-j7;
tM)Sd}3
R\Y'^y<
MeON\D
OpdUkU
 7%2|L
EN4Q$C
L%p`p/
c$W,f=
Ce C]x_
lR9V7y
S<	ON|
B>5U]v
PG=C=&E
sA*(ZHq_F:+
ky,OLFbP
gv^bwU),
$-Ia=o
\Yxkz6
3	%_?!
0~)8sFEg
4	5=e	
QGanBz
O'qJNb
{1)CM$
]thk}D
N[~^(r\
AIm!\u
M}~)4S
O\0gP#
qG`8yNkk'
!Yh[`r
3LR[G]I\c
+PWshd
t<	KA3
R6w,;t
=$bPH)
qj1p0zt6
ZCNe}[Y
?SW[>I
k;xa)vCiZ)
rJS`FIW
9==z8J
ewkU,&
$5;[C3
xD(6 @
S%AH8J
nqeNN{?#
i	Y)@an
lrnJ5O=
&O,[$?
jwnho~
eZ2pS~ky{HM
1'rl.>
uo<	/3
kC0VY 
e7@&2#
%d` (JTl
Sn	Kc*
|H,aHUdK
v|d#]H
:z#xN43K
p5| &@0
)to:1	r
xrdb+$
y(CwON
oD*q7[
	iEy\"U
h0W'*2
x87oZ3f!
T4q9>5
M*ISl|
kernel32.dll
KCj@@Hj
@H[KCKC
@HKCKC
@HKC@HA
CCreateFileMappingW
MapViewOfFile
hEWd;j
shell32
Shell_NotifyIconW
%Jk|'R
HA(RTxtb
Rasbora7
Ising2
Infimum
Pbudte
Cruzadoes8
Vandbrerens
Standardizations8
Dobbeltdkkerbus6
Bisonoksers2
Tripart
Falsendes8
Kompasskive1
Sphaeropsidales
Inkless
Uxorially
Propulsor5
Landbrugsvirksomheds
Drilleriet
Azerbaijanese7
Withsave
Tweedled
Continentalism7
Bandmaster2
Stillehavsflder8
Eskorteringerne8
Energized
VB5!6&*
Gadefejer2
Aiguen4
Ostepulverne2
Ostepulverne2
Bitte1
Udglat2
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Fdselsattester5
Ludderens
Specialprogrammernes
Ruckus
Forskrk
Mfikke1
Phytophaga5
Kingfishers7
Bidragsberettigedes
Brogh5
Shanghajer
Drilleriet
Paladset
Sphaeropsidales
Dvrgenes6
Tamtam
Recepturernes7
Infimum
Rynkede4
Continentalism7
Launderable
Coiled8
Renommers
Fattende5
Unaloud1
Asymptotically
Kommunikationsbranchen0
Folkedanserparti2
Monomerous
Eskorteringerne8
Pygmalionism2
Bisonoksers2
Skler8
Myelities3
Faldlemmes7
Relent
Udfrselstilladelsen
Tropsvelsen
Gobelinvveri2
Blessed8
Konstituer
Udsvvelser4
Chefstolene
Tripart
Prohibiter3
Medleying0
Shaping4
Necking1
Fribladet
Sestertia
Siderites
Mellemfristet3
Kompasskive1
Rundkastende
Bepester
Northerly
Monostatic
Glaciologer
Preperception
Semihiant5
Scotopia
Enetageshuses5
Skomagerpottens
Tweedled
Blennophthalmia
Enflesh5
Brevicipitid
Taxikrselen
Cutleriales8
Strygetlet1
Telefonnummer
Brokket
Personalekantine4
Miniator2
Extracellularly3
Udadvendthed0
kernel32
FreeConsole
VBA6.DLL
__vbaStrCopy
__vbaStrCmp
__vbaFreeObj
__vbaCastObj
__vbaObjSet
__vbaNew2
__vbaObjSetAddref
__vbaAryDestruct
__vbaFreeStr
__vbaFreeVarList
__vbaHresultCheckObj
__vbaInStr
__vbaFreeVar
__vbaVarDup
__vbaVarMove
__vbaAryConstruct2
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaAryConstruct2
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarDup
_CIatan
__vbaCastObj
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj