Sample details: 7611776a4693c2b77957cc213036345d

Hashes
MD5: 7611776a4693c2b77957cc213036345d
SHA1: 6e176c3f6db12a08674633252085bd96eac3de17
SHA256: 572364a36ab856bf456d4bbe0c1e2727690bb7806a3311087e79e573cdb56854
SSDEEP: 1536:JNe4Qv6pcMyO+pl/TsX8VExHnFg6+qi+U+Q1hitL9qz:jDQHhO+pcHFf+TjR1hKs
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64
Source URL
http://www.elosduvale.com.br/OUFW/
Strings (printable strings extracted from the sample)
          	            !This program cannot be run in DOS mode.
`.rdata
@.CRT4
.pdata
D$0iL$T+G
1c+D$`
D$$5!?
D$`W*4R
D$ vI1
L$0=PE
D$T9D$@rN
L$P+D$\
L$T;D$0r
D$ {#c
D$lY<'
D$H<-o
D$X9D$8
q'H(.A
q~)F@2RM|
@fi#08
xTqH?@.yi+8L
84RUvN
HA>nS0p$
y4X;=@
z|pTq<
-t,N?:
`TyDd2
Tx|3=u
-'h'W`
)	n'g&_`
oVp|+B~Y
f!}q(R
6gmw!2
`hA=Ii+8
pp2>$4
z{pTx|#)p
yt-vt*O.Ywfgit.pdb
InterlockedDecrement
GetCurrentProcess
WaitForSingleObject
GetTimeZoneInformation
GetTickCount
GetUserDefaultLCID
GetCurrentProcessId
GetCommandLineA
ClosePrivateNamespace
GlobalAlloc
GetCommTimeouts
KERNEL32.dll
GetNamedSecurityInfoW
RegDisablePredefinedCache
CryptSetProvParam
ADVAPI32.dll
CharNextW
GetWindowLongA
WindowFromDC
GetDoubleClickTime
IsMenu
FlashWindow
RealChildWindowFromPoint
GetCaretPos
MapWindowPoints
USER32.dll
SetMapperFlags
GDI32.dll
SCardConnectW
WinSCard.dll
waveInStop
timeGetTime
WINMM.dll
memcpy
ntdll.dll
OLEAUT32.dll
CoFreeUnusedLibrariesEx
ole32.dll
,J@2RM|
Vl#K`@Ts
Vt#K`s|s
^xds0[
=?@&yi+8
$ai+%oU
(ai+1pU
ai+)rU
ai+ttU
ai+luU
?%lXk(
"ai+0uU
71;x =
B3;xaO
b4;xhX
Yf*7kl
*LpVqP
b@\8D<s
r}?=%v
=0~*k5
Za5|gU
NBMA/X
~3O0\4
L;dc,_
#M@[I;
sKow t-
16(Tk	+
FQ"ly7
S`,nYs
S`,nYs
>TQ!"<\
1!*'=N7U
]5r`MNSj
	i	9'Po
C@19+9
6h uo<b
FQ"ly7
fjsNm^2
FQ"ly7
tU5pG*#
H]O.OUg\
y=6^H8
F8"Z>O
78bv[5
Ap\eWn
C"Qpz1
zx3NW-
~x`^A%H
=M#&->
_%rm6m
#.qjL7b}F
^MO-nD
,uQ#Vz
|w6GxV_|
-]gvfz
AFQ"ly,.%
f.dVfAr
+"Ah{|#
.-MPj*g
_N?P~~k
W|O;et\
,~wDp.U
Z1uNw 
AQz[.t
"Q#1@'
W{O;]t8
K	]Gr^
-> 5	2
zcRm}K
K@5x0|
K]lHZP6
/j)UbW
81iD}o
(0/Z!y-
*k<,Jw
N`yZDak8
]/crf?
cBts:H|
FQ"ly7
8'v>92
'L'811s
vY}}CZ
!tgaYh
QZ	XS@5
Q:Y]Lt|
`aA&V0
hjzY_K
J'|RW6Cf
kM:C?4
?qj H%
S`,nYs
:4%`7_4
-+wdr_=
I%6EH!
<6@j3(
,u64N'
6)&}$]"z`UI
6vyWBG
qMuNO>
tNm`*\DSD
tLDis<
2{6Rr7
V-2KJ$^
s$>G}	
/L@=uz
=0~~k5
`_f&l^
i\|44N+
Vd-{k<
=0~~k5
PF?W%u
av+?'N
q.(2OR3
v^0;:@
0zMV*H6
IS]ocC
@AABACD@@CAA
99:99;9<=9=>?9
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity
    processorArchitecture="X86"
    type="win32"
    name="iNFO"
    version="1.0.2.1" />
  <description></description>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity
        processorArchitecture="X86"
        type="win32"
        name="Microsoft.Windows.Common-Controls"
        version="6.0.0.0"
        publicKeyToken="6595b64144ccf1df"
        language="*" />
    </dependentAssembly>
  </dependency>
</assembly>