Sample details: 2afa0d8b9349ba770f5c4e5e0cda5bd0 --

Hashes
MD5: 2afa0d8b9349ba770f5c4e5e0cda5bd0
SHA1: a1cd46219893137d02b305f94e3cec4b0777bac8
SHA256: 5ee4f7e9fcc0ef5a0887440ff8139d4c3bfb49a64f68592c56b62f53c1149bef
SSDEEP: 6144:ybsEo93GOOKon+dvQMYy8q2C/w8JPSVk107:DE4GOE+5Qf82kWk
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/adp2.exe
http://www.centerweb.es/soporte/.eval/en/sys/adp2.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Hjrnesparkene1
Bombay
Ritmesteren
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gH
G|||||5
@@gghhGGllsxGvB@@G
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvv
vvvv||
qpppIF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvFvGmvvNvv|@
mhh@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
le\\\\\fFFFFFF55
@lmvFF
G\\\\\FAA{AAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty)
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
FFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or_rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
AA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
rstuvVwxy
cdefghijklmn
[\]^_`ab
RJKSTU
BCDEFG
789:;<=
./012345
!"#$%b'(
+-E8_d
%35Q/{
Ritmesteren
Transmissionstider3
Indigena6
Teknologivurderingsprojekter0
Electromyogrammes
Lymphy0
Ilsebet
Pluralizer8
X}Lf&(gk
7"1pyc
Xh-sLq
-+Xd	)=
2y-z{hc
'}k&1e
wMvQM5^
\Bm=w(
<<3/pD|J
wPG x6
@0PBZS
 #'ed#Q
JzovOj
~XCwOY[g
h5$DQF
X_&8lM:k
 OIF9#
gCP>'6
&/y1)E
']4|k~
^ZKNNC
z~-)(0
0E/`G"
gMf&9/cy
Oa/1hwy
Bnc{FB%
(X9hD&BVw
Tk1,L,y
qrAUlv
Gn	a#I0
v0VzzdY
rdVF(wZ2[
AnBwe=
;:9(WT
)pZear
>P-bwf;
8>8n``
K0g"o3
GgTm<U
8`w	YJ
VA 0 $K
m<	\[uA
$-42~]
!=GI7PgO
i[$aq;
-J9rg~
{([0j'I
I(4&!g+
Zz~^)4
X)qMr`
L}x7; 
'?~!ch
l`B]G_
p:hb9q~
UL<{W{l
 !Khc:Vz\
4qN>x#
2fs>#[
TIn	H(
,f>wiY4|
b9Mi,qoK
._Y'O%U
'oNt.p
Bkg_6?C		
M-tAI)
?ZbwL.
LPDcW0
OYVR%b
_!$B^H
K?V_^&
DuzYl+'
"gM*qu.
BnrwLgL
Ow{`uA
Dn8Am,
sLu!Y+
sW1bGD
(&h EV
+=.E99B
uY&)(4{
KQdDh-p
Ehu'z 
`E6	j;
TQ	"@d
m*1E3D
yB2?b 	
vw2V ;y:
>bNbxt
$KZMhv
\58IW^g
V$`#P\Rz
WD x |
]YRc4&
q%_sU=DE
`@%HuyRs
ah=:9{t
g/#x8O=
! N"%T
Y"g*pb
Jemqk|
niZNn[
u=?(CL{
,J9_!"
P\Y4Te_
tF70"^
|oAhb&
q |h4A
69#!OV
B]%gbk
8/k1"<O
VvtXaE
ROW~M_
6oXUEw_
_yN/T]
)d\Gv;g
{P<O{7
\[O`t5t?
&oNSNL
b	c=I6
P,__>E
5<U|ko
+EBhV 
l!gL`Y
&58i-V
@EC]x6
(mKaU7
k"uY3Uk
!s\6HelBv
%]e}Tw
	dW6@$
cGidV&
6wCIn4T
s\[GvA
hv#\x#
-n@bNC
B W!Y]H.
I/Nj={>
@uDtj|
E!dSom
z4&yY'
s*W<hr
icW9&!w)C.2
j*SJWs
?)Tr:O
kpd<,t
/;Ov.|
kG5GLD#y
Z%J>#j
=c	P& z
yv3RAb
34upJP
(/<Lno
$qwqA\
"1o't}FD:
+WXeTW
57]A,T
`HH^SA8a
u/gO36
%6onZ:
zgun,c+A	
'8JPhoN
3GXc+u"1GZ
1k"4cQt
Dv&.]gjs
c315+u
mD1rQe
ty+?Vt
[T|i#6
Ax	]E]t
Z"`@X 
ZvY!Bx"
'"+QqZa8
1@QbJ$
	')m l
U^	0t}k
u!E/e@d)
+=&)?I
]NrXr7x
yJZF<f2
svn7Qb
U(@B't
$*s9dd
HjmHkJ	.4+
{p~525
PrK}<~
V3F<Wn
~&geXq
T8xRuw
ITap]N
M.3RkD
2/9pdIa
+|dX+c
NQi8a|
1tIp^dp
@;aJh=
 3\}$H+
jTXI2<
!Px$l5\
.`W*pc
=yv;	O	
!30c^v
_%Jqj_
N]$4so)
32nuFc
`Zc^8T
7A~n[P
R.MYb?
Od r-m^1
oU6X+(
QO{<Uxm
gPSN]c
|`4'BP1
@\]%LG~
3`?Y1IAg
TcvECn
P	o::<
^-ePUl
oj]LXRb
 y50\:MD
{{F)vg
d'AY=?
L5Iqa(
Nd!a_Oq
?Z}s9t
Xryv>Xh
2&2<R.GyxOWo^
H2" ,3
?YV.K>
:d.SsvYp<
emrN;o
Um`?Qh
09gk"k
R'"1H/
6I@RQ_
99Z|Hnp
Ykeq6a`z?
0oV!Mx}
'}<`BN
|VoJ[~
"ea}xXq
%e,J3P
N}>Ww 
o	f]U<
IXa-u,
IpzX[s!
me#zOY
x,< 2#
		[5K{|
v,5;Lh9\k@a
R*ov~1
Ksx=iGU
 #3W\(}b
gr0_frn[
yH<*Fw
,$@b %
Ve<0n 1
J3HFn"
rnv[Gq>]
sbu:Nf%x5
SG- 1<
?SWOG 
(l@JDP
ULhb{@1
5,6Puq
EGT::&
.hU3D3
8A*/Fhn
f*].49
eAQ23L
?GNT5upevl
BuC2_K
v|	WCV
J7]g7f
q:cO2=9JGr
"jxt['
;*fAjt)
zcgkD\
7H47Em
,\/^KL
<1\+7,/:a
uoeu*i
Hm/Doq
Q5'pn-
;D(cfc
u+q--L
uU2iv^
6CQL%Q
h"K7.f
neTj?F
}.UVsS
{ZA2+n
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
Engageringernes7
VB5!6&*
Kulmule8
Klbningens6
Hjrnesparkene1
Hjrnesparkene1
Bombay
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Pluralizer8
Transmissionstider3
Electromyogrammes
Lymphy0
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
FindResourceExA
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
VBA6.DLL
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
rstuvVwxy
cdefghijklmn
[\]^_`ab
RJKSTU
BCDEFG
789:;<=
./012345
!"#$%b'(
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or_rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
AA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gH
G|||||5
@@gghhGGllsxGvB@@G
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvv
vvvv||
qpppIF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvFvGmvvNvv|@
mhh@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
le\\\\\fFFFFFF55
@lmvFF
G\\\\\FAA{AAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty)
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
FFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM