Sample details: 0bdedd87788d91a6150f0b18c355e181 --

Hashes
MD5: 0bdedd87788d91a6150f0b18c355e181
SHA1: cbb467dc82e9df055407f2d1e0bc1b9851764f46
SHA256: 5d9b5da90aa67f43c56cb94dc40342efa8074b05037e9bf4075423e2099ad350
SSDEEP: 6144:wL5FeiFWt2c7or5fle61iPtGRKtnwVaO/R2jxUFKjSL:Erzku73Qnmv/RZ
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/agr.exe
http://www.centerweb.es/soporte/.eval/en/sys/agr.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Inapropos
Solhjde2
qG@|vF
qG@|vF
qGg|vf
w(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
R|||||5
@@gghhGGllsxGvB@@G
@vvvvvv||||5
@@ghGGtw^R^`
Jvvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qppplF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|TvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fFFFFFF5
@lmvFF
G\\\\\FAA
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGv
FFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvl2tppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM
|rrf[co
yjyyyyjyyj
QQQQQQyQ
vr[zvQ
ovbXvq[fvXM
]ooo'XXh
1!4__h_X'@'[
'X__;___@op
0X__;;;;;_
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
A2232S
UV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
%35Q/{
Solhjde2
Unbeautified
Jamming1
Bluecurls
Conglomerator6
Uvejsomhedens
Calesas
_]-U8>
o2))W.
ZHAD~J
4nqS*O
@OUa<v
%Z7j1x
2G;?@0
@gfAn/b
qyeS{`
#6iaU6
}D+\xc
2pL,J'
NO Ygk
\[i=Q]>
ymn8S}
#k*^Q 
8NuFs/
T4V4RZ:5
#~|be0
FA>_s}C
sO#Q sO
<b	!	fA>
wB\CJt
'r4v4T
K6*&em
LuWGF:
oz|TBv
s(&vVf
%|U"w*
$[Nmo,
;.1@	p
#PoH|*
NT"cF/
,>f)czao&
X{K,Vn
cBd=BI
*Eq[3?
j3c[0-4
]a1}qr
w~3Tz1
"q32CX
8_v-{U
pQh)wyx.
<(ZE~?
NZ.(Q+N
~-u	uJLg
B]c{ES
Im%MDy
U004'NEH
t1P/o7*t
GI^F4c
%]aj_{""VOA
C(M /[lEw_
?uV%+f
&D!lB1z
c.Br[f4a
84[Y\x
[~A}p\2j
r',-d9
(%F]"8
se~+/WD
Z)l|";
TadrIDZd
%AvvE'
	Z9Vc<
uO8)"M
QyFEsm
P2\*{7f
l)@NS[
	i2)?'VI
*2<3Xgy
$2;8e"
gH($u#Z
JI??dj
	"I#X6
HB$h&-
3b]Z{.
OP#pOO
-t{Hed
q\_EsV`<{
=x<Kr3
qQ$q]JI
sjnC0^
y<\|uC
x B/vv\V
*|5h	bz
x(]u)r
wGX1(%
{j#V!(
=C=7T 
=&JP;P
\nfAP:
`v`*e=N
*ocNm~k
1vBb4C
LYbao3
JkrH:`
6~iJ\F2
uXqO?}
f(x37|
GiP=i:+2
 |\],l
TbPLm~
M"q}Z)}V
_A,rEbvJ0:
OpYC6Oj7u
;	br1i
d*&hM?7@e
[h;SY{
~kN7js)
aU`}2'R
#VTLtv
l6QYsB
.w\;:/
7sW -<x}
't$=8U
8PG3dc
EF{--R
.:z34[
-Vt.O 6HV	cG
|AsX	^5
Afu-G[
-%:k5@
KIySgC2
cZ|U6O
fS;8jP
b]Xc5{
8}0X]a
eK^;nU&P
bKJs_k8
BPGf7'
_nhV?"Z2
teB6]1
 zR^jn
"S}n!a
nM}~;)4
I%"|$$
+b,6R7
c-\#\ n
lN#NZ-wn
je38]L
Dw3KK	
TC@hFv~
#]JrSX
7HHgc@!%
R?ZuJ`
M"oAHg
m:*$>=
_;oJ'#
Yzj?AU,
G!CmcDm
wpf}6;
PZ:Zi^H
GraLgl]
6t4Zm?
m`Ur-2h
>4qG,U
T'%uUI
J(>.&-
C+:Qf6
QBH{a"
[MCi.o
B4j\we8
"O	'`9
>m1s#P
ecHMj>
_)+L5 
CTq@iV
/PqC^K
>5m?bm
HC^|@>
@WQ]((8^b,p
}f}b*Jh
o=.%/xg;
	>|a~H
"-!v*|]
zSq>ka
XZK&1'C
cZ"(Q-q
k	,.xO
>R}4Dk"jTW
ya_>8%
a8EDIZ
zKcj^${
#i=& w
q%SIn^
z%POe}
z,-YBy
E1}>_	
xDZ7%6`
JlE_fz:
<Y+x3-
:S/$|2LD
s@Q6up
s5q:mW
g_V$4Ng
()y'#a
a[kOXY
p{1I3's
nxinDf
rD7aTs
t	Ai9`7,
V35sdJ]
L'>*'F
'WHb*)
Q_^]]\
4euKYl
NC{+``
C!$nGE
)9'6Wp
JO\aBt[
^*h6}qh
jOoX#G
cn?wHB .
;(3SM4zO
BlAP6j
sZ\.K*f
ZY'q^/
#q$aT$
#!LlUJom&
TT1d-A
P3M|iJ
i	$ [w	
ey':*/
2b:%$$
\)@Rcu
y,$>LK
Or a.?
?&+T#C
DJ=k57rT{
[J%"rcA
D=eBEf
3a.[I[O
v^di&-
qc"Xu+
tO%05/
NRr^}k
>ZzcO$^T
Wb[j`0
-aeWi{k
&1l)0E
F+s%bj
m'uz|r
m>i0	`
fE)ezU
*LJ?ZF
{44ih-
 5_hOh
Lqw)_$C
3ipP3F
>i/_I8
G~Ckbe1!x
L?F-P>
YbM[0/
8 zXe>|
[Z"}v+
w.ue`"l
Jo6cvY
f3gmkR
(cv4|d#+
EcGb@fgJ9$kM
vZ 9dJ
XAZViZ"
 }v4Ev
FR`857
8c	<^XQ
+:r.JN
{6pq0.
Z;i"e?!$
y}]f'~]bC
NX50f%R
xd$iU6
L#I;vZ
(RLT5(
2M37)d
[Z[/L_r
eL-%lEjuE
=QXQp"<
bX&,M<
OX[n#U
\KVc>4
\OE[>S7q@
X:ZCC[h
x&/*l|
2~cb`0
xc\mjg1_
P^,Ip}
*^FZih'e
Bf_)p<
{dSXMc
bCgl<j
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
L>&"Hr
'frDfh
O}N!WM
Misapplying
Demoraliseres6
Overblindly8
VB5!6&*
Benches
Korrektr
Inapropos
Inapropos
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Calesas
Bluecurls
Uvejsomhedens
Demoraliseres6
Unbeautified
Jamming1
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
VBA6.DLL
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
FindResourceExA
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
%35Q/{
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
|rrf[co
yjyyyyjyyj
QQQQQQyQ
vr[zvQ
ovbXvq[fvXM
]ooo'XXh
1!4__h_X'@'[
'X__;___@op
0X__;;;;;_
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
A2232S
UV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
qG@|vF
qG@|vF
qGg|vf
w(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
R|||||5
@@gghhGGllsxGvB@@G
@vvvvvv||||5
@@ghGGtw^R^`
Jvvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qppplF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|TvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fFFFFFF5
@lmvFF
G\\\\\FAA
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGv
FFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvl2tppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM