Sample details: 5aa624d82e98eba77053d2c2f279a289 --

Hashes
MD5: 5aa624d82e98eba77053d2c2f279a289
SHA1: 3890933d6103182f6fe368c20a49784cf4fc0f42
SHA256: 3fbb7565054967f514544c96d8e1061b0d9fdcfaf2ec2d43b8819515f37defe1
SSDEEP: 3072:Elg+isuVpo/tw/qhrakNvkJU4KiUP5vRR5MIHSrb3YA0jkkjtS:E7tw/qUkNMJtQRII0b3Yp
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba |
Source
http://flyaudoi.net/jpg/DT_outputF7EB14F.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
    = Tkkemanden2
Monochordist
&BMwpX
p<[2A?
N0|	eM
z$vqAB
H1.,gx
*;wRPo
Y}._jb
^kr&s -
"<mdc9,
]dNm.m
m{sf?l
L;~eAM
\uKR=	
mjL"%5
KK+J;/
CE50XrllK
z1~17q
.xwYT-)
d5d^+r
,A7kh@
Pb/VMB$"
?Q< ^8
ccy_&K
Bfm;M^
>y":5(,
#An;;1
Cl&p_Yj
{	oVsLMI
oM/Lj}"X
HT%X"8A
}9K?L?M
4i[VYaG
KO#%2k
S6J`kwX>y
ge0]7}
4%IiI+
|~;/c."
Kl8*,T
e^-6?#
g'RVih
1#A6KHNA
~A	 Ar^
1P8#MNu
EPzh%9
y+Yb:=
c]h:(.
{`0FyE
M/hXhd
(MP+-9
Ik^&	c
&T!>q<D
ejf=^d&
?-5MPSG
 $Hi	p
HDH8Sf
U#mU3s
Yd>]^jw:
n(#z!o/SO
TZAY`E
KiR_&48
,I}E`}{
(rDeTL
B=Rg=R
=Dk@/v
-9t-Wx
\1Z&mb
"@7#'V
c"MH\|
NV})@E\
VrYFza
*[vWU/Gh
CxpKl@
[Z]4JX
OO2KTG,
3m!L^Mx
{+A4E:
AOHJ>,
,E'AU;
g<om[o,
+urmrv
)kyP#\
rTWu|R
#c8=B5
6eoSc_
:0[[Xr
=:~p%~
i*-1xBdL
VALLz/F
\@Wu4Dw
(ZTwqzyr
&.,USUE
&/zi&O
o_hcnVL]
cunhX-
,e9dDo
[p!K%6
&uwbUk)
xTn34G`
gPKv=*
]*^&Dp
trF$3Jc
RU'YL17
:_mi'm
oJQ2SX
O151$i_>5
)}C!}_Cf
n2]X~QP=J
6@Bu:2
3LGcoDU
zaS2Ob
WTIpU+_R
L+^kam
fn[ya5
I9$o9z
E>0M;(>
5)<K%\*+F
D,PY"*
&}=H`:
fr=xiv~
`fXX.k6
{2J,y'(
KAb~m`R
l0s^9wuvz
wry^2s
<?OGKn
	(&T$p
YGWav@6p
9.1-X&K
w`j>< 
tcN2is}7lf3p
rkY#}y
""5NjZ-*
GNQ^=y
D<pEj,7
BFg/?m,
u7I;GZm
bCrzg0
,uu-7.Q
?sf~9u
;U%USq
dV|E[8
uTfu&;
g_r1y{
J+%3lAB
oS<DSZ
A{}pf|
a4GC-B
ne!@/&
RK!'h9
g1njF1
T"zr[@
mh`0*WQS
F,:Al]x
W/p**X
3&d;&Q
Xe)37d
$-ISN]
Ru94gY
}VaEKG
'DfZ@b4
e3X2q_
1X	_\~
+Id` 7
	H4)_tX
"Be?Y+
_n^!]!
 j}<kC
WzW{v?
Y7925C(l
?itnAW
SOaJq	
Wo)E6>h
&?+<_V!
Hrks|+
@{r/6A
Mm4TCsy
@hni0f
|E%i|``
-kernel32 
CreateFileMappingA
MapViewOfFileEx
SM&F[s
bua829
b+a829
`vfx7z6vwvbw"wrdg
ffgfx6p
ffggbf
YYYYYYYY
RRRRRRR}
i,YYYYY
----}k
RRRRYYYYYYY
RYYYYYY
RRYYYYY,N^
RRRYYYY=N^
RRRYYY
N()xQ*>>>
*>>>UF7
qq4x1P
mmmmm]
777776
RR,YYYYY
f---YYYYY
H&&&yBBO 
1}---YYY
>>>'-----YY
-----YYYYY
---RRRR
BBBBBBBh
>>d------YYY
E|>>e-----YYY
HHH&&&
]]+U>>
----YY
\\\\\\\\\\\\\
}----Y
\\\\\\\\\\\\\\\
>>M@----Y
GGGGGa
K-----
\\\\\\H
ggggggg
ggggggggg
\\\\nnHHH
gggggggggg
""""ggggg
"""""gggg
""""ggg
\\\\HH%%
\\\\\D
?D&&&33333
\\\\HH&&&&&333
\\\HH&&&&&&
\\\\\HH&&&
TTjjjjjjjj
jjjjjjjj
TTTTTW[
WjjjjjAAAA
ZZZZZ/
ZZZZZZ
ZZZZZZZZZZ
ZZZZZZZZZZ
Z''''ZZZZZ
''''''ZZZZ
'''''ZZZZ
dZZZZb
'''ZZZZbbK
tttttt
WWWWWWWW
WWvv**
\@%"^s>
fiw.-xT
///QQ//
ee{Fy|Bm
+CE?kj
$PqYA)2
I]e//-
n:>r5.oZe/gg
_4	1L!+
ccccc<KWuw
g}n   
P&${O(	
Q&j~P'
P&_~P%)
SHAKSMER
SHAKSMER
Shiverweed1
capernes
ichthyography
springavancementerne
VB5!6&*
kuriositeters
Udpenslendes
Tkkemanden2
Tkkemanden2
Monochordist
paalignede
[dDr+E
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
ichthyography
SHAKSMER
Shiverweed1
OFFTHERECORD-64.dll
Bremsespors4
OFFTHERECORD-32.dll
Mindstebelbenes0
USER32
CallWindowProcW
VBA6.DLL
__vbaHresultCheckObj
__vbaNew2
__vbaSetSystemError
__vbaFreeStr
__vbaI4Str
__vbaFreeVar
__vbaLateIdCallLd
__vbaI4Var
__vbaFreeObj
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaFreeVar
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaI4Str
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
_CIatan
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
P&_~P%)
P&${O(	
Q&j~P'
///QQ//
ee{Fy|Bm
+CE?kj
$PqYA)2
I]e//-
n:>r5.oZe/gg
_4	1L!+
ccccc<KWuw
g}n   
tttttt
WWWWWWWW
WWvv**
\@%"^s>
fiw.-xT
TTjjjjjjjj
jjjjjjjj
TTTTTW[
WjjjjjAAAA
ZZZZZ/
ZZZZZZ
ZZZZZZZZZZ
ZZZZZZZZZZ
Z''''ZZZZZ
''''''ZZZZ
'''''ZZZZ
dZZZZb
'''ZZZZbbK
YYYYYYYY
RRRRRRR}
i,YYYYY
----}k
RRRRYYYYYYY
RYYYYYY
RRYYYYY,N^
RRRYYYY=N^
RRRYYY
N()xQ*>>>
*>>>UF7
qq4x1P
mmmmm]
777776
RR,YYYYY
f---YYYYY
H&&&yBBO 
1}---YYY
>>>'-----YY
-----YYYYY
---RRRR
BBBBBBBh
>>d------YYY
E|>>e-----YYY
HHH&&&
]]+U>>
----YY
\\\\\\\\\\\\\
}----Y
\\\\\\\\\\\\\\\
>>M@----Y
GGGGGa
K-----
\\\\\\H
ggggggg
ggggggggg
\\\\nnHHH
gggggggggg
""""ggggg
"""""gggg
""""ggg
\\\\HH%%
\\\\\D
?D&&&33333
\\\\HH&&&&&333
\\\HH&&&&&&
\\\\\HH&&&
`vfx7z6vwvbw"wrdg
ffgfx6p
ffggbf