Sample details: 5261d0bd59b81140ed1d57dd5cfd0746 --

Hashes
MD5: 5261d0bd59b81140ed1d57dd5cfd0746
SHA1: 93cab949052dde804e8cb49d64e1a8f971385484
SHA256: d9c30ba0f958f975cf878769ca675f1a773b34993d25edd7ebb218a16520a318
SSDEEP: 192:/TdWjq9rZ145H3hM/NsjNPcyE3nBCAmdbDY3ET:/TkSN145H3q/i5Up3nAbDY3ET
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/url | YRP/contentis_base64 | YRP/SEH__vba | FlorianRoth/DragonFly_APT_Sep17_3 |
Parent Files
709728d25440f135ccba022b3ac3adde
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
-C000-Project1
046}#2.
Atualizar
Atualizar
ProgressBar1
MSComctlLib.ProgressBar
InetCtlsObjects.Inet
cmdDownload
ATUALIZAR
MS Sans Serif'
VB6ES.DLL
Atualizar
Project1
Project1
MSINET.OCX
InetCtlsObjects.Inet
MSCOMCTL.OCX
MSComctlLib.ProgressBar
ProgressBar
Atualizar
Project1
cmdDownload
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
C:\Windows\SysWow64\MSINET.oca
InetCtlsObjects
;CProgressBar1
|bC:\Windows\SysWow64\MSCOMCTL.oca
MSComctlLib
DownloadProgress
DownloadFile
KillApp
VBA6.DLL
__vbaErrorOverflow
__vbaAryDestruct
__vbaFileClose
__vbaFreeVarList
__vbaUbound
__vbaPutOwner3
__vbaVar2Vec
__vbaAryMove
__vbaFileOpen
__vbaFpI4
__vbaObjSetAddref
__vbaStrVarMove
__vbaLateIdCallLd
__vbaBoolVar
__vbaStrI4
__vbaStrMove
__vbaStrCat
__vbaLateIdCall
__vbaR4Str
__vbaFreeStr
__vbaEnd
__vbaFreeVar
__vbaVarDup
__vbaFreeStrList
__vbaStrCopy
__vbaObjSet
__vbaLateIdSt
__vbaFreeObj
__vbaI2I4
__vbaHresultCheckObj
__vbaNew2
intPercent
strURL
strDestination
appName
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaAryMove
__vbaLateIdCall
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaPutOwner3
__vbaR4Str
__vbaI2I4
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaUbound
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
__vbaVar2Vec
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarDup
__vbaFpI4
_CIatan
__vbaStrMove
_allmul
__vbaLateIdSt
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr