Sample details: 591e9c05f553dfd587847e86c1d75456 (MD5)

Hashes
MD5: 591e9c05f553dfd587847e86c1d75456
SHA1: 0acad903b87c7219447288a0004187d7eb92caf1
SHA256: 066683f360738cb53651d6ba97b8cafbe3a1d3dfe059ef4e7433b44b05204851
SSDEEP: 3072:5ac/+cG/5tCTx/558n+kPESTyjcIN7Jr4+8LZNvXYOWCT7BL+sEgwzuXxUDx:5bGGTxo+4ESTccIN7JrMLbvNREB7
Details
File Type: PE32
Added: 2018-02-27 12:48:06
Yara Hits
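YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/HasModified_DOS_Message | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/anti_dbg | YRP/win_files_operation
Note: judging by their names, these are generic file-characteristic rules rather than family signatures, so none of them identifies the malware family. The anti_dbg hit may reflect only the IsDebuggerPresent import listed under Strings, which appears there next to UnhandledExceptionFilter, SetUnhandledExceptionFilter and TerminateProcess, a grouping that Microsoft C runtime code also produces; treat it as weak evidence until confirmed by disassembly or dynamic analysis.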
Source
hxxp://acpzsolucoes[.]com[.]br/blog/w/1080cp.exe (defanged: hxxp = http, [.] = .)
Strings
		program cannot be run in DOS mode.
}~@Rich
`.rdata
@.data
@.reloc
+$j9}mj
<at,<rt"<wt
HHtXHHt
?If90t
j@j ^V
URPQQhp9@
tWItHIt9It 
^SSSSS
t$<"u	3
< tK<	tG
Y;=H=A
tCHt(Ht 
v	N+D$
;t$,v-
UQPXY]Y[
	X 9} 
v	N+D$
t"SS9] u
<+t"<-t
+t HHt
PPPPPPPP
PPPPPPPP
zojazageyewitiwi pimugo tuweteniwovuvayahekolucoti
%s %f %c
wuwohuluvexotatasarusekosevoku.txt
bamaredenonabikabatibuselakahe
UTF-16LE
UNICODE
(null)
`h````
xpxxxx
CorExitProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
`h`hhh
xppwpp
_nextafter
_hypot
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
1#QNAN
1#SNAN
GetBinaryTypeW
DeleteTimerQueue
ScrollConsoleScreenBufferW
SetCurrentDirectoryW
VirtualProtect
WaitNamedPipeW
LocalAlloc
GetSystemPowerStatus
SetSystemPowerState
GlobalMemoryStatus
CopyFileA
lstrlenW
lstrlenA
KERNEL32.dll
DdeDisconnect
LookupIconIdFromDirectory
ToAscii
GetMenuState
ShowScrollBar
ReplyMessage
AttachThreadInput
USER32.dll
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
RtlUnwind
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
CloseHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
RaiseException
LoadLibraryW
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile
LCMapStringW
GetStringTypeW
HeapSize
WriteConsoleW
CreateFileW
%XK/GE
                          
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
                          
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
bidevosujagejowikerubejivepeditepitakihakudojewobiburuzuvigimorulapesabufokunonamitahuhurarafekebayecitujodavacuzalotokolewiboyiyecavokexuzilitejotukacinarisagefolasomokadaligepacozunodepuvigeholamehuxidehumizofaherafaniwitipilayodururetekuverifacajokemepovotakokudiguzahulesasepubopojutafedavekezisafudidolotesahuboxutexayunebovopirikuledikoxusayamaturajakedarodafokategiyegocubolerexicorupemobametokoxogujunuhorefiwekajubehawegekejiyezizuzizipadomedojetabajapapowidibuvonopahicimojejisabisanesarohuxexigudivivifudozoposurocuvireyalihuracavagetizapezarotewabulefecevadokikonakokufexoyefowunucacazogudimilojaselirezezivuviwinikezudizetarexurixoloxeyocepikosebugexanedumafuzevigijiyevaxohunugunigasedoranalepigaxovocusuliberurutimeragofonacicucocudezafojofuzogigaruginohicukesamerakowunakokavovuhuyipacijumakosohesutanirijeyorujokuhixumesuxahuhuyasudavapitoteyezekonevutapayekusosagusaxikuyazacelaberawadojebibehefewubomabibaroxowezejupamokuvuvibuhivotolocodajafihohojotedabogagowicepakoluvuzotucicixokenilaruciconotoyopuhelaziyateloyukiloletojunewayukecajadawikecapucexewijusavehiguhuzixebagedepevikovoxoximifolipuvasosoxiginemumifofivovayafunazirebobagoxeyayutacibitococatefagabosirajiwekeloyotuvemojicufiwojapuvalovabuzecodukezeyaturuyexebixavecocavovoseduhubatikurirefusafikofunowifemamusegevelukurubusufowuxavayutupefuyaxivobovabuhoguvunabiregecavovepajuhakazopipomijilefejixarosirivakofoyikotayelizenagiloyikolubekaponenayebivocojokigotevumakicohunapipogemekiyexenikatujarotagimefavajozerokuhorutopurefihozivesucowosituragebayufuvozujijakorakijahominigugukevemiraveyafijowowucoxukezuwerapifojidevivibitugecihojatuyapabacetezexibubujuxulogokiceniyayojocujuzosasocupurunisadifivoyipihawevizarejihayonevegasulekacoruwomacogecixiwuyakonunalaneconekuxiluvobugepifusepisovimodokabahihamiferatuzogaduweyebasuzumehomociledopiwuyajopetoketomujinobegatezogohutudecinafecumuyelopukidurutolorafatowalosuyayalewecerojuwamonopizejitivekanigasivozajimihoyuwukukunawimudihewuribigetobodukefofepawovukasunagevare
tunulebewibunoterajetovololeluyacenufujonedubefokijebekudifehusujutucubocukuwidulowoduyuvuyosupisuwupunujohemurilukiboluyosupitomesedobarisubowocifahizuvigevojamazutinoxawovukehijigivitofekomuxitolefoyegevoruhihujiyohasohinuzisimaxuhahesofufarisoxexebejuricuzivegesalobemalodohebijikadodayesaniwanitiwozazicemipanajawetamamesuxutijecukujujeyowadusoyorijulelelurewenixahijuliwafoduxewetefekuxagicicobebemokacesayugudebepotibosowejaxikahezarivupanumakipubekaxakunuzuvizewoyonadayijunuwoneherabapitogolejurehawedubirosisayumitaxuperugupemumuvepidacewuteledijinezicalejegevixecelefurudagiyefokejecazodinulemofuxuhujolidinijesomunowocomalayilayacutajaximucedadagevoxosulegurukuladeturunelivemogejabexehisolehotozotejaduzunucamijewegikidixucucayukelisemugiduwonexakubixojefohazogefibexecuhoposasisuyucukopenidocecuzitefolegasivemopezuhobomiwixucoyobaguhojufumilofakewodowidekixeyowasaponebapiwelijihajaceyusezuvubuyazavijutaxonuyunocasicopeyopinezalawuniruluhajuyijezumitekijasunajirawizoreporebonubulozivekazitosazosowecicebotatimamufosujuhevuduluweveteyefewixumayozalivoyuyatebihofesageyinimabocugodigubukatuyukukoligedurizazedurifuwiwetiludofuwevotazimupanidepihikurelarokikujidupefazegijikoretajuguwepotiwacizorifetalunirejupamicukizukamaduba
NdlgT{L
fXb}gu
cVsR?A
d^w4$1|
)Kj-	4-
Zf3i=e
SD.fTxY
T:ZL|P5
C#_qCW
Rkb"}R
KFnLAfZ@
i%w:v=|
Rx[Vbm4O
P}f#&v
 "C4<TT^
RGB[dKy
C1LW.	
:7G-&V
<mC"E@
2!Ocoj/>
JhpkmHP-
Z_!F5w
7=y~|6N
|c|;oz
X-kOIDc;;
<PM35G1
^9	|b>
%lBgqN
gF&OdX6o
mn@=T]
+b@2]^
@~@}$41
@\p:3v
MOkMic
<epC.n{Q
PJb_9&J
cPflF!G
Wk//KZWJd)ZxO
3ugRX>
^DZ&A6
=?P85`7fE
/O>?=(
E?#M1c
YjMvIg
K&ag+B
g5+v*j
Xne47Gf`
r+t@T~
-j1k("!
Q*7yy0O6
1bF^U_
)Cy/#2g
t2"`: 
XkYO,1
7rdU[G
G*i''3
L\5,6%
)0aLPEk
3h1.`YkZ
6Ti\[`
uvD306
^zv6_)
KG7a?7r?D
/y+fa^
jmO[i8
}:3/ls
O#mHt-
&PyASa
}|-	{^
Qo+bfR
e2&<~a
^l&LQ"
[~>+.-Q*
WcRN'D
WYpl\*c?
p5PqA{
7*v<NLzz7
m<CvT~
_,5kKT
{`fw^.2Fd
8E}]>u
A2jy<;
Ta#p)}
9:P#C4
kphqBe7C	
K-	(MP
;N{Sw6
5R"zkF
dz^vK	3
jqiuz.
Dfl=Sb2&
6g\"3~
Hs2Z)3=
)gxfWe
73$<bA9p#
K!)wLA
L-UBsi	
3.vm8'
%uKdB7/\
Y5Bs-f
dg]X%|.2
D	IrO{
3#H~4<
J[;i	D5z
jxJb3L
?LH,c|
fj([So
i:0?)u
ge"|AH
'qWc`=
*qe.Zt
G9@=M#
hfoW?+G(
3;/I"=
@~Vi/-
5<L^]@
:vgC_W_
~"v#js0
G4Mp(^$
B-RG|7
.?p[EE
vdbb:!
Q_&G|{k
grusd`
Qq<<J'
87#Aw&
lto>lkg
k%DWQ6
7TMjg7
<MIu\(
$^#<eUk
8Wj0gl^
G*$'d5
>**~>+
d_u[nW
Ek<WJ{
AD=})2M
	yEE/#
^[+9_2
An3+"B
(wZ)pCZ\
{~.l5o
z%X9pw
xkrggE
@ELO&I
HihLqm?
, K3RZ
h}!g<RQ
zF"n8\
Jqg4mZ
a`,Sau
fujoredobawawuvurokokubifemujimupasidowururaseverohozukecudalewosicifiyopogasilogetawegijaloxunatefoxedimavecidifudohetineboxoritipexutikibihejozobuwopapozujijumoteyevacosujapuyimitobovunugasirifapefayudenubeyefositaralemosacerahajexexavacewohecalelevufinurecubuvokacinegojecisozecusaxevuwibixunufibejocesorilegafuselugijoroxovutoyihoferobuleliwomomamiyokehozocinepopasavujidetusewozotunolibavifilovikagateyitipigixibaloholozujizananavapijasafajuhawojuyewejedujewumefodorawikayaxifeledehefenayuvoxazayekosimicaretofoserixagoyecatadovisuzesamapuyebilojatodojuvezazisizeyohogabuhuyutekewihabasecinuwocoduxevorixupopixuyatosowigudupocuzenodurerezomaxawidiheverulojitocobakehesicufitizagipoyorunogivakesepoxodikibiyutohaputamujomonawoguwicizipamejunuwisejupaholorapavuyojexusacigimecobeyezosufomacecogebepiwuwaroratiyihezujeyozizovapapusezabupalojayigavugisopazovawurisarasifujisedogojosoxamudemucisururogegixiniwokebepaneneboxamozupuvelesikegojuzotazuyahipufakuhikuxosivoyalenasomahowocuxiwesahivapugabacudiniluvuyulotebajoyoyitolamowoligayojemejuvohubicakuzehuvanehucodejunuvumajulalibamalixezahefepuxetoyerezumucasulatofetohoduyitovucoxagepenugirukolixadowifefiruwofobadanezubowasupodovojizafenodasopodidisavadesiluhacozacurajejuxokuzaseyehaguhutasofilicixiwepowiviyegevegorepukuyirogecexexelonididanuhatomenewobopogepudedarijatekozonibecapidazedobiwanogafuyarurecafujopexoruxokagicononogopupoxufobitexibozasexadutakosipamujulayifulemaditazakevezulujicawutepalakerujabitukemafokudixedesufubupasasomefecuvoyatulepocoticiporusalosuhimovuguwesipagusocohejiguherevovanodapovitifogarajegalolopimuboxumehobozesojohekafekabucapeverevakusalarapajafiveduvabavuzohunihivabuyuyuxedatitagijonewobanubupuharefafijacuxuzihepebulixeponejevajesolefikumedadefunetidevuyetalaxoporikidofuyinekakemunapelituwudehahevapokepilojokaguzumufoduwulipopusivateletalixuxolemogoyiliguwosusivudoditesixuxefajomojesecohegacobirurayixiyumavufuriwamoyexowikuxuyovedotuzonelofarutiduweyoyipalopamulodovexonafahalizayonerunarehefukugatu
yewadijosimekacicupigumawamenavekuterizedudu(
]Y~]Y~]Y~]Y~
]Y~]Y~]Y~]Y~
]Y~]Y~]Y~]Y~
]Y~]Y~]Y~]Y~]Y~]Y~
]Y~]Y~]Y~]Y~]Y~]Y~
]Y~]Y~]Y~]Y~]Y~]Y~]Y~(
]Y~]Y~]Y~]Y~]Y~]Y~]Y~]Y~
]Y~]Y~]Y~]Y~]Y~]Y~]Y~(
]Y~]Y~]Y~]Y~]Y~]Y~]Y~(
]Y~]Y~]Y~]Y~]Y~]Y~]Y~(
]Y~]Y~]Y~]Y~]Y~]Y~(
]Y~]Y~]Y~]Y~]Y~(
]Y~]Y~]Y~(
"#t"#t
"#t"#t(
"#t"#t(
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo></assembly>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>
0!0'03090?0G0P0U0]0f0l0{0
1#1.171<1W1i1o1v1|1
1'292C2
3*303@3Z3b3g3u3
4"4*4X4^4d4p4
585?5K5
5*616(7
<!<%<+</<5<9<><D<H<N<R<X<\<b<f<
= =(=3=z=
=A>G>a>p>}>
?!?+?Q?
505S5f5
91:O:u:
5!5%5)5-51555H5n5t5
5F6P6{6
7E7h7n7
8D8U8b8i8y8
;#</<;<G<o<x<
= =,=5=>=
:$:,:8:A:F:L:V:_:j:v:{:
;$;+;M;
<*<4<J<U<o<z<
=3=:=e=
?"?S?p?
Z1g1p1
2E2P2Z2k2v264G4O4U4Z4`4
5b5n5}5
6&6,686>6K6U6[6e6
72787>7T7l7
8/898q8y8
9'909<9A9F9L9P9V9[9a9f9u9
: :D:P:`:
;!;X;a;m;
<5<;<M<`<
?$?8?>?G?Z?~?
7(7M7p7
;)<3<K<t<
2(212;2o2z2
465B5U5g5
616Z6k6
?$?+?3?8?<?@?i?
0 0$0(0,0
1I1P1T1X1\1`1d1h1l1
2n3z3J4a4
4=4D4H4L4P4T4X4\4`4
4"5-5H5O5T5X5\5}5
5F6L6P6T6X6o8j:
;(<1<7<
=N>q>|>
1-2\2b2q2
2l3r3~3
4^5~5n6
; <J<j<
=(>P>i>
?&?/?o?
616C6U6g6y6
<R=X=f=
6G:K:O:S:W:[:_:c:g:k:o:s:
:B;j;z;
8*8I8C<I<N<T<e<l<
t1x1|1
>$>,>4><>D>L>T>\>d>l>
>8>X>x>
?8?D?`?l?
0,000P0p0
101P1p1
080@00444
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<
=,=8=<=@=D=H=l=t=|=
>$>,>4><>D>L>