Sample details: 52461a6971614a79f31b24c0a9d686e2 --

Hashes
MD5: 52461a6971614a79f31b24c0a9d686e2
SHA1: 914c298247f250e779a1f50cc1a40ef45bef6d18
SHA256: c46480dc0e8d4a5cbc82d227265b428f384ded1c31a9e9161f2758140cd3599e
SSDEEP: 6144:CNrcDe1qFe2KrzKLkd9irjXKtp/zt1WOp7Yl8EvX:5eUUvKgAqsF
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba |
Source
http://utasarmsinc.ru/live/akun.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Selli1
VB5!6&*
Dravei
Selli1
Tummies1
Epitomize
Selli1
C:\Program Files\Microsoft Visual Studio\VB98\VB6.OLB
Label1
Check1
user32
GetClassNameA
FindWindowA
ShowWindow
PostMessageA
comdlg32.dll
ChooseColorA
KERNEL32.DLL
EnumUILanguagesA
VBA6.DLL
__vbaStrCopy
__vbaLenBstr
__vbaEnd
__vbaVarTstEq
__vbaErrorOverflow
__vbaFreeVarList
__vbaI4Var
__vbaInStrB
__vbaI2Var
__vbaNew2
__vbaVarSetObjAddref
__vbaVarTstNe
__vbaVarMove
__vbaFreeStrList
__vbaFreeVar
__vbaVarDup
__vbaFreeStr
__vbaStrToUnicode
__vbaSetSystemError
__vbaStrToAnsi
__vbaVarAdd
__vbaStrVarMove
__vbaStrMove
Tummies1
Neville0
jyGz(\
{VTeV/
(ZN8[.
>KW?3g
whvMCU
rWQcpY
tn0?*WG
z7V%q:
')P*8k
k\<__D
dof~|W
7V%q:F
">e/an
tQ uv_
v/$"ls
FQp!R.u
9{#cYg
qko2guy
knfE	ac
c9+&ki
#4qx7^k
z  @E8
B	j1zU
B	j1zU
?&~_Cv
Y/f.|W
o7-?n~F
1f	"`G
Ln2ks^
mqADIjq
w%k9`d
,9|z=o-'
WKRZnf
?~k'<P.
/X/f.|W
9%:@o2
zcf0^^d
wA.~R"
G8|GzfIS
`:B8S	
LZLU=2
 H&Wj]
r[Yi9(
9u"Y8jF
kP>+?kn
[PT'`qi
B3o^&X
rtpNY8S
\M@8.DHx
 rCmUpu
C!B^Wr
ZX)?zh
/30qrCA
jyG.(\
f'3;_Wl
7	e7]y
,>?k)}
g	eW]y
/T-iLQ
?k)u4W
 HTo6]
D2_f:|
9,t|cR
q@@q-W
]yGR(\
^@0B'2
c{sb>z
ypM>q0
&cy$~t
lu1;#le 
`3;_W`
jyG6(\
=kP(\*
>3#>v\c/
G%|OmV
]yGZ(\
q5!1 e
8e.WBQNC
!".IJc
9?kL*|U
JU:7VfC
In`;-n
x{sbIc
:5V%q2
5Rfl..
u	`I!O
syuu+%
^[7M7#
6V%voc
?1E(G#
W_ k<eW
$%dBiy
wG*en8
3;#le 
b^s=S-
wA.vfo
VPB xX
Y/f.|_
Vn7*cg
`@Ug(S
oz$7MEVb_2
3;#le 
:E 7"l
\'~N:{
oN%7Mv
\@8NLP
2??<eSJ
lL,:#l
nf~zW"
pdN0C}
"b]7M76
/~Wh24
+Z[bvM
&kVh%(
f_S.8%
9g~]E7
Kq!HrJ
Tz}qo"
_=H_ZZ\
x/!%yU
LH%*LH%*LPg
[f=:;f
[f=0qf
a.K=:=
IK=BE69
I+9v6/
IK=B 29
"8uIXA 
{IK=Bo
]CA=<<=>>B\^
B:658<AD^`bbaa`^DB?A
5<Dbq}}}qponopqxyy
:aC;9?
yxpnba`bcpy}PcB<>
xbB<;C
}xoba_acpy}o
xob__aoy}oA7>
}qc`_aoy}b;7\
~mP4.-1Lfz
}qb_`cy}_7<
								
}n`_bx
										
		`								#N
qa^`x}\
												
X`^ayy=5
												
o__c}c
}b__p}>
p__a}a
}a__pq7
n__cy>
q_^ayD
y`__x^
}a__q`
}a__p`
}a__p^
}a^_qD
ya^`q?
x`_aq9
}cabp:
ycabc8
}naac>
W(+GR3"Gv
}oaac@
|jUF)'Mu
yoaab?
{R4Oi~
xnab`<
ypbab\
ypcbb`>
}xpccnaA5
A58Bny
yxpnnon`?5
B75<\nx
}yxxqqpqpobC:
<559?\aoqyyyyyxxqpn`\>7
579;<>==;96
DB>9:86799;AC^
wwwlll
0jjj|||
aaaxxx
ddd~~~
qqqnnn
vvvkkk
mmmqqq
rrrhhh
qqqeee
dddkkk
uuuiii
}}}hhObbbsss
|||iii
ccciii
gggeee
vvv|||
Neville0
Check1
Check1
Label1
Label1
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaVarTstEq
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarTstNe
__vbaI4Var
__vbaVarAdd
__vbaInStrB
__vbaStrToAnsi
__vbaVarDup
__vbaVarSetObjAddref
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr