Sample details: 674513890b566e687841de8fe8833c52 --

Hashes
MD5: 674513890b566e687841de8fe8833c52
SHA1: 7e14d73217ed5d0a1065024b817171730eb1e617
SHA256: f015753aa6b947aab4e888b03ece3b3788c073896f1ad13febdc484090e8e180
SSDEEP: 12288:oD6UWwgdM2O8EHXbSv4IDMHvOaKHWRxWs35eYy4:MNWri8gSvoUHWrWOeYy4
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba |
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Allocate3Mihavane
Allocate3Versemongery9
Allocate3aromatized
Allocate3aromatized
Timer3
Allocate3STATEPARK5
Allocate3STERILIZES5
Allocate3Pedagogically1
Allocate3ENMANCHE8
Allocate3SPECIMEN
Allocate3diamine1
Allocate3trader6
Allocate3Greedigut
Allocate3MALUU8
Allocate3doraville
Allocate3KNET10
Allocate3PSEUDOLIBERALLY10
Allocate3Microtomic
Allocate3Disembody
Allocate3preissuance
Allocate3PROMENADERS2
Allocate3antipapalist10
VB5!6&*
Allocate3subsemitone
Allocate3nongenealogically1
Allocate3Mihavane
Allocate3Mihavane
Allocate3Versemongery9
Allocate3merostomatous2
Allocate3DOMINY5
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Allocate3Disembody
Timer3
Allocate3diamine1
Allocate3STATEPARK5
Allocate3Greedigut
Allocate3ENMANCHE8
Allocate3STERILIZES5
Allocate3doraville
Allocate3PSEUDOLIBERALLY10
Allocate3PROMENADERS2
user32.dll
Allocate3BODICES3
Allocate3Versemongery90
Allocate3Versemongery91
Allocate3Versemongery92
Allocate3Versemongery93
VBA6.DLL
Allocate3DOMINY5
Allocate3GEARED
Allocate3GEARED
Allocate3merostomatous2
Allocate3Unsuccessive3
KSalH|
?uPUUp
`id*o{
.{S0aS
S3C*d6
v)SEr[-B
htf	jF:<
~ySy3B
	pXuxC
AF.wMY
g]jI"/?
8)^iF__
SINA2u~
Tvl8Z4
cG_oD(
q{Up=NK
uhn_e[!
a4hGJ+uS
W]qh5pJ,$
Z{WA~9W
//:u[^A
tUTfNC
.\QgY!
'c*"cW
?G%ILB
yN@As#s
^vh	^yA
P.Zn(rg
]@/v)-/
UaOWMF%
%{@CqJ
/pS&e`
5Lx?~A
CK2	(\6
I"-A^X
kK%g"h
xS:`J#
o(ZF!0]
CVo/#a
e4NbLs
+g^^BR
$6x7B8Tu
"&v#7:!
+q8&	gI
MFAsMD
KR*w/o]
Gh	W*Z
c`/*P&YM
'JB!&#
U;A_7EzSD
n5inxt
\Z(lS=
/S`[dA
>|mF8=
]="d?$.
zN:bE,i`+
(<p3wk
>C0uIR5ug
*C_3Z/
Vn&S '
,wJQghG
|O7yxP
#-jZZK
^1EKO_S
40YfQ#
8gR'VW9u
&UTd`2_
icH[@B
;5t+qY
CCJg'J
O]/_CG
_Sad/x
!dDq1v
mWz'zc
4U1]pk
W$&LH9
c8p3`!<
te0>B3
!{	^?a(
tMRnNc
)-9_j<s
C DTM2
]=MR>L?X%7
_43Bb~
s%%KVW
Z(^2L=
p@MUz/
wo5;~Ce4
s#u3*M
6e-7^u
3)q0%JIz
cz999FE
d`$ubZ
K~L@0j
+RPKpx
Xot~oP
91?`Qv'q
BgY_1f
a4.UAZ]2uv
A86hlQ]
&z	N1P
*95<h+v
wWrvF<
tt!;<'
c'T/N()
9 j>BO
qye,H,
'_-^/j:'
b{db{D
%{-=jg
`x[:8)
WTU},{g
dX1+0+
@*+VFy{
Y}b|l.q
PHFUE^e
L(+#<{
D.+#<yK
'|p=9Y
M5&?5H
qR H[eQ
&N9h$8$
T0fM!r,"Y
)W@yJ:
nf)Y/u<
K_0ITIX
,8NA!J%
${r'?^
,^!^R(T
%YDcB2
,Z$ITI;
UYQU)&
PW	(jW*
!]7Wap
%{5=UH
wgrV%l
7<uuFcY
'Bjh%<s
\GZbTJ
QUjQO-
IKBnHE
C	UL0oax
02^LE/{
92|(U{
k5WFf#4c
l-29&<B
j B6;We
n|uU+}
yjgj#)
'C"uk\
%;gFZd
g`V@ibR
<o^,\.
K<-]`K&P
a56fT/
D";uGE
Ar=ER+Z
E]G3]Q
$k4c%7,
{VB _V=
].HTU3
AiA*7}
McdDSH
dc)&[Z
!Xm,l\
e)sh n
$A$j[n
xJPj1kG
2B^hWG~
,Q8O>g
A-jm3b
k2*6E5#G
1u3Z`$
{pHTAY
`3#X_wvk<<
22D0[*
xVQ."xU
?a;.PB
hFjkOx
^JQCaQ
$cm+JL8+
oe,NmnR
M=1VBw
b`X(.t
&fEilNQ
A=y,T!
DkcrC/Y
N%`-( 
zyd,$X7QN
fj@FJh R
dLaKyu
ahm7cA
DdD$t.
V[/JzE
n0xtR6ST
{PPh2^
g`V@ibR
Iyo.6L
\cal~p
K<-]`K&1	
<JFhpX
)W@yJ:
cw-N$ZT
K_0ITIX
TSDt#2
P!"i(-
CRvKhvQ
rCAq~f
{VB _V=
uM 9[)
R$od}d_C
NI9:[D
x,F_xm
{_b/97
aG_R[p
F{Mk+*-R
7EMx/(SM1
ADgmw_$
'9:QS?92+)g5&
-*DZ|1PU
p}>>5B
L@ ~i!0V
{Tu36D
:7962Vl>g
/p,,FX
.E7|UD\Y
=^YRX@
y%{5`_
1S6kS1 
.]btLh
(|*#5R
|gjj2"
(r.h8H
Ry-sP\f
	0Y#yt
G4,f1y&[
iX2d:)
k&zalKJx7
e>"'7bLT
Uwa-4f
qGcF ^"m
S:LF%t{o
/v:oJh
jX%<xGp+
Y%{$T]k
p;AZQF
^03W,-
	0>\nGN
!`*,NI<
{pHTAYKsx
>iLEW_
o bbJ;
_!5ue~
JPa,c'h	,4
A`wP%v
F!+UWHz
hFjkOx
xjanH9
,gZ&(RP/
]r:R}i@
V#Tt>B
;F;.f3
%v.nA=7
MF'Qf"
{e'@WC
(0[.Qh
/YpKsA
 syN${
{t}gUs
X@9p*v
GW,xmk$d
|@Dn>b
0OyBBt
jG'tR#
a%%35S-uY_
at^{cH
*)[lXx
}9 4D]
w[U~H;
.$z-v$x
<Ic+{jg;W
wJ2:,	
Q3j%Be
~	.r}8
4WgU!G
v6|*M^G
L7{U7Nz
^X^,Os
n\3ZJlx
UX;]]o
{f<w(i
7B9[JU n
!h?h/]
Pm>`3p
m%(A4x
r&XqTN
`Oj0t<
-3Ad9f
a[2-KE,
6QedPB
#'lw19
M^pETS
2MkQo*
2(<#b{
%{U5@$sC
)#Bl&b
m&hpQL
&Z?y3CC
\d\:x>
("~6_?
ZtCr,ih
0bEJFm
 {~By\
Aa$C%3
`p!lWR
V`%iF7s~
UB9@b*
j[i~Rm
5,Sck>
}L[73X
Y2fTR_O
>m=V~%
v&t<VZ:
1GZ\;q
zLNE\>
$25fbD
L9;zrs
cufOF2
<n]3Cs&
8]$MDSE
~P")lgY0
5x]6j,n
:X__h.
q]f4q%
#G*F=iq
y~D[+Bx
-------
aa----------
aaaaaa-
-------
LLaLLLLaaaa--------
LLLOLLLLLLLaaa-------
ZLLLLLL-p8----
@2Oppp
7(```...
```..ug{
Nvv2|pp
`q1^^^^^^m>````
>'	GGz
````;3
>>>>>>>G	
X#|n--
	qq		!!!!!	zAq
>!!!!::::!)
!!!:::
!!:::::::AF
j		;;``..
:::***:
:*Z***
'''``..
%Je;;;``..
:::?444Rh>''`
!!!>>>
Allocate3Unsuccessive3
MSVBVM60.DLL
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
-------
aa----------
aaaaaa-
-------
LLaLLLLaaaa--------
LLLOLLLLLLLaaa-------
ZLLLLLL-p8----
@2Oppp
7(```...
```..ug{
Nvv2|pp
`q1^^^^^^m>````
>'	GGz
````;3
>>>>>>>G	
X#|n--
	qq		!!!!!	zAq
>!!!!::::!)
!!!:::
!!:::::::AF
j		;;``..
:::***:
:*Z***
'''``..
%Je;;;``..
:::?444Rh>''`
!!!>>>