Sample details: 864ae9648b037a7769d79b59f5bab3f0 --

Hashes
MD5: 864ae9648b037a7769d79b59f5bab3f0
SHA1: 22a9fa75a4600b215af9a28e95cb95cbfd42eeed
SHA256: 54942bdeefb082c786e74454d3a146203c8c6a0f32558c5e14d571fea1f94d3a
SSDEEP: 6144:raBvVJmysXpuoQUCLM+vOaux4cjuivQBm:wNipuDUp+vOaulj6
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/aap1.exe
http://www.centerweb.es/soporte/.eval/en/sys/aap1.exe
Strings
          	            !This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
	Jumper2
Uncontestedness
Trykluftsapparat
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{
@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
X@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
(gvvvvvvvvvvvvvvvv
vvv||qqqq
mlvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
Gzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fFFFFFF55
@lmvFF.
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
z|FFFFv
Fv5glzzGvFFFFF\v|vvmx
?FFFFFFFF\sttxtu	
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttp
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'"__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2{32STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
+-E8_d
%35Q/{
Trykluftsapparat
Skalaer1
Spytkirtler3
Antichronical0
Steroedecks3
Cortez
Vaerd3
$tR"hxaF
p<n=@JK1I1
&sfk<T
C~2Y2L
`0bZrH2
MP9%6A@=b0
?	0Gyx
b7Dd)]fU
<!DXiU
a(IH7$
	Q=.:#
_aS)<)
TuB	hF
;S_Or`
ZPe\w!
	\TGRw
yz;^^M
qa}?YR8
,kN)yaJ
x6ugKB
fe[9pe
f)3~/0}'^
@:%%':
C;t]Fjl
}cfOk.;
qC`J2'
"q.j/n
Xo	ac/u
ySCE![
+Rht:8
f>	L?T
"Ddgy@
5,ToP0
*Ms'#:S]
{=`o`:R,e
?}w:u)
<=o3"$D
(p7@v7
`9	(V[
VIBzAx
X,z_;t
f|?p=(
}2O~@7
N0h\`o
j&arFRK
@vLw3r$
+2$yNO
^`\Xc6
QEcPJf
?5@PA#>|-
eOzrMW
N?;"-;
w4Z{[8
AbdDt(b
Gn8nJ_
0A&Vs=
?pg]Fntp
;lKu|U
%4JI3IY
"zP2C 
9aT[nOU
iBH	}c"p
ziGoJ7
r*tNZ1D[
0\U"3 c
{Dk"4uW;
,ysI0fb\
bs*h<`&
`M+%gwH7
v;}(Mg
=Lpmbw
qY,D?}n
%8.O}l
G%P-P(
O-.7sq
9pCU\s
z,un!^U
9N$Xc=
}/X<Na
~ChY4EjP
<-8k?a^
b<oC42H
Bp4[~=
b57H,2
-\PTX:
'lir9*Y
ot`9%E
uT[BD	
njXc&k
5J>*">Y
5,$Tkl
mZ*vWP
LHg0JV
Y,8Mg]z
cZ%{>z
9~o$(>
w>Ijzt
sqZ7%OM
i[kwbQj
r"+O]%
V]$a80]
}rKW<kUWu>
?Ls];ba
Xqi@ndhG
;H[cqv/
g	tiYDu@QWD
zHr3,/R
JNO.=S
!n 0;HO
o7)bax
~w2Z}K
C}Kj2Y
m`ta2P*q
$7&n%%
[o\A+w
dcO[\a
T:D=Ke
7sR=/)
001fBZ
+<kMxZ
;H<Oz.e
m'\dkV
f2F@j"
i.8U1g
{QSkm_Ts
ma{b~C
d]_5/,*
}R'K@'
4{fG'8
QD2Qk2
.4*=`a
kZd9JqUL
}PbU^&
b5 9,oDPc|
i!Fw:wr
WvJItQ
zD\YJ95
bhhl]C
e+Mit'
o77p[J{
u&j=CVM
@$Yr'wI
Qwt!0U
WsoRh	
sr!n9iG;
I^VU_-
7eY+6+
;'0-h4
	kXqB,vf
hPTS^!
,F#v5nqL	e&
+H7qo/
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
Fortrnelsens
VB5!6&*
Apparitionen0
Vejrforandringerne
Jumper2
Jumper2
Uncontestedness
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Skalaer1
Vaerd3
Steroedecks3
Spytkirtler3
Fortrnelsens
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
FindResourceExA
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
VBA6.DLL
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'"__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2{32STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{
@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
X@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
(gvvvvvvvvvvvvvvvv
vvv||qqqq
mlvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
Gzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fFFFFFF55
@lmvFF.
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
z|FFFFv
Fv5glzzGvFFFFF\v|vvmx
?FFFFFFFF\sttxtu	
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttp
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM