Sample details: 46b1c0fa9417a374c84f0af13bafe83b --

Hashes
MD5: 46b1c0fa9417a374c84f0af13bafe83b
SHA1: 3275e023c31ff9865015750461e5c14be69acb6a
SHA256: e38ef860ca53c0a2c40cc3fac9acd03d53266dcc79f781765b5eb068c9e621a2
SSDEEP: 3072:R5+AqIBF0wK7JrA3732ZswFTnPmHsOrpRbB0iwt4o3HPJ6AD5:R0AXBSDi73ysw9BwLwnvoAD
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/aap2.exe
http://www.centerweb.es/soporte/.eval/en/sys/aap2.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
orderSRadiatory
	Capti
Snorkede
Gennemloeb
qGh|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv||I
@@glxx(A
|vvvvv
vvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fFFFFFF55
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
]<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gm
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM
|rrf[co
yjyyyyjyyj
0KQQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or
rvX^bY
o;;;;;^;;;_^`_XVYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sM
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
rstuvVwxy
cdefghijklmn
WX_Z[\]^_`ab
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
+-E8_d
%35Q/{
Gennemloeb
Overbetalingen
Udblikkene
Childbed4
Hjnelserne4
Gengivelsers0
Krads8
Byplanlggerget8
Precinct
KCMJBI
e~.3;V
/pH!2x
{D]Ew4
K9L)5H4= 
co9}Fl
|%F-:(
&I^@S@i,-0SS
ky5zIw
2\%eOi
%u9Anq
8?M9i"
|Y~g&n
,PXqZ,
CFfCQc"8
>0;3J<X
/H3o.#k
k0D.Bc
BgPrvJ
Dh5y%Gy
p@H`bo
*Gn:1Q
,\!k= 
:;$O'vT
h(qI@q
`1>0uNW
C#@f	&
z*-!4^@J
!6NTjv
6siSDf
V<!E}w
a{[rGSu
s1$<x`
_ :Y3	3
L'j>6u7q
X2z,"e
"=R;l<
QZtFg+x	
uHzzj?
o)(5]fz
v=.q1U
a~<w0A
mFZ!N^
OyPzF%1I
|+h*Ru
#vzJL'
l6[:h0
Cg|*2f[=^,
u_	#:\
h!yQ)}
+39qRw
!93+M?
u #]o	
3Ieq9*
-qvFK:
Ed(7m,U
wU .+V
~s!t$7
URg\h[SE
rnZMXk<
W>5u?8t@
zrD$c_1
<s$mo$
?w+ym.
Wq#6KAC
+3NFla]
0OY7'd*
P|SWd2
jE$i)7
&H_h{D
@m=xVa
f51MCO
26yEU]Y
'y;jmK
Z8KF{g@
1N$H%FI
8]9*U@
?Y!a,t
agg%9_PR
a>_>9[
k@j.\A
zKr4i(
ltQ?N((
PW]t@j
bDK4Ke
ETAH^,(YVVr
|{T&t/
`S,E#o
Iz-Sj>v
V/EfcK
;+H@B~
6M#N%O#
-~lR>%
]KHlvl
WA&[gh6
_]aYH0
Wf[tUJ
>X~L>:
0uQi)B0z
EG!-U5
}8u; j
_pH,Q|V
 !a<n1
~PO~U7
^EZ$O9
 oyh	K
e\;*d)
H!d07sO
}MZ9)I
mjd(LC
ZtT\P70s
Si(z2_
bd	rtS
g|2jeG
whk$#P
=ND4=X
Y1!]&>
,##cRS/
E3	EI+BnY0
H'2QkT
Daf$Li=
*d=3r'
z2Q,$rX
,=bS(}
CkA*|B9
D)<0/Y
KK>euu
HXpSl}
)Gbfv"
x)ZC(U
hb:v\&
s{%'f&/
-Ky}hqP
h`S:sJ
fg?2BO
x]i>NR
,U6x8}
[}*coCp
\*0VJ!*
 $	/e>(
i1]'~y
A=fJN0
I$[`2^c
nwJZ?K
=Lz#sP
ns	_LR
O ~4jWO
N[bc8L
,$ZJ_L^
gFtl4T
\Axb7b
Fmn73@
qBL@d%)
F|xm'2
k8Sl(^
M{XJ:~n
!f;*Fu
E	:f)<L
}bQ'?+
Myn0*N
qF}%q0
|4ltFh
nidP}cZa)
.WTd(9
4=)^0@Q
7YIR>|"
N6pHG-
h4&.~ O7
Pf[i^C
| ncYF>
p~z?Uh
D|yxG,
`a:Sc;
>F.V<?
{2^apM
;2qI3B
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
>0 vj4
[sc6`3
[sc6aS
0s4B|w
>0 -e4
>D sd4
1sn!C|4
>s4@tk
2?s4@t[
>0 mg4
~?s4@t
1sn!+}4
{4v1s4
's4FtK
's4FtO
U s4Ft3
b s4Ft7
1slJ	s@
1sm6DK
=s4"")o
=s4BnG
9s4!yx4
1s4@yS
1sg6G{
1sPB<k4
>`B@O5
15>s4B|+
%s4B|w
~9s46Fw
s;L.p4
y1s4B~w
B6s46Fc
1sn!3t4
1seBf{
3s4B|w
0s4B|w
0s4Bvw1
1s	F1s
!s46Fw
a0s4@to
1s4Bq{
0BmW0BEW<
0s4A=|
s;LMr4
"s4 .u4
1sl!,r4
1%\I0s4J
1%c6d_c6d[
,A.3sI	sA<
-LB5W5
 6Dc`6
23s4FtkPh
9s4BiO5
qs4	E,
1sg!Ds4
9/u ^u4
[sb6Gw
uB%x~BuW0
!s4Bqc7
qDoRHJv
Squidge6
Encuirassed1
Aluminiumsfolie
VB5!6&*
Cyanephidrosis
Slickensided
Radiatory
Radiatory
Snorkede
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Encuirassed1
Childbed4
Overbetalingen
Squidge6
Byplanlggerget8
Precinct
Gengivelsers0
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
FindResourceExA
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
VBA6.DLL
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
rstuvVwxy
cdefghijklmn
WX_Z[\]^_`ab
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
|rrf[co
yjyyyyjyyj
0KQQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or
rvX^bY
o;;;;;^;;;_^`_XVYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sM
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
qGh|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv||I
@@glxx(A
|vvvvv
vvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fFFFFFF55
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
]<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gm
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM