Sample details: 7657f340e9e4e4018d7ddab1ad4db942 --

Hashes
MD5: 7657f340e9e4e4018d7ddab1ad4db942
SHA1: 1fc4184b75853be598086e6a07cc3b18075ef290
SHA256: 51902d98686a80458238907ce124f74247f9702262fd67aba66e9ec67b778112
SSDEEP: 384:CzNKnJClbrv5UEjiKmdUsUFHShDj4NN1oyDJuXANrN:C4Cle2iKmdUTHShfWNHJPN
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | FlorianRoth/DragonFly_APT_Sep17_3 |
Parent Files
7066df5d021cbf6fb393029532c5f9a0
Source
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Ls1hMsbrMs
Js)uKs
Ls*aLs
Is$FKs
uMsfLKsk
LsEjKs
5=stLKs
LstjKs
Js0jKs
IsavMp20
mp20Form
SAV - Impressora de Or
amento
TahomaF
Tahoma0
Tahoma
Desligada
Tahoma
Gaveta
Gaveta_Opt
Gaveta Nivel 0
Gaveta_Opt
Gaveta Nivel 1
Docto_Opt
Com Docto
Docto_Opt
Sem Docto
Papel_Opt
Sem Papel
Papel_Opt
Com Papel
Em Linha
Tahoma
Paper Feed
Tahoma
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Courier New
Shape1
Porta Serial:
On Line
Tahoma
Paper Out
Tahoma
Tahoma
isavMp20
isav_mp20
IsavMp20
IsavMp20
mp20Form
modMp20
C:\Arquivos de programas\Microsoft Visual Studio\VB98\VB6.OLB
Gaveta_Opt
Docto_Opt
Papel_Opt
Gaveta
isavMp20.dll
mp20_Comunica
VBA6.DLL
__vbaErrorOverflow
__vbaObjSetAddref
__vbaStrFixstr
__vbaLsetFixstr
__vbaGenerateBoundsError
__vbaUI1Str
__vbaFreeStr
__vbaStrI2
__vbaStrMove
__vbaFreeStrList
__vbaR8Str
__vbaFreeVar
__vbaFreeObj
__vbaFreeObjList
__vbaObjSet
__vbaUI1I2
__vbaNew2
__vbaHresultCheckObj
__vbaFreeVarList
__vbaVarForNext
__vbaI2Var
__vbaLateIdSt
__vbaI4Var
__vbaVarForInit
__vbaRecAnsiToUni
__vbaSetSystemError
__vbaRecUniToAnsi
j\h()@
j\h()@
j\h()@
j\h()@
j\h()@
jTh8)@
j\h()@
j\h()@
j\h()@
j\h()@
j\h()@
jTh8)@
j\h()@
j\h()@
j\h()@
j\h()@
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarForInit
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaStrFixstr
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
_CIatan
__vbaStrMove
__vbaUI1Str
_allmul
__vbaLateIdSt
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr