Sample details: 88498a6b0d5488a3a4a819270ac6953a --

Hashes
MD5: 88498a6b0d5488a3a4a819270ac6953a
SHA1: 56d16325aefe33febd7f214c0dce5bd62ed47b8b
SHA256: 367eb81f83b89e654971d941f58066b587ba1ae3ddfc83119a2e4b1f22229c4a
SSDEEP: 6144:z6jUu0WJvhVowDy6PyeepgQ/ImwF6GYy+F+Pj3:CUZkVOe6/ImwAf67
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/aj5.exe
http://www.centerweb.es/soporte/.eval/en/sys/aj5.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Interpolity8
Saberbill6
Grundlovstale8
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqz
mgghhhGGGmmll
zzp{llmhl(
G@@@@@@g
hhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvv|||+
@@glxx(A
|avvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
vvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG
(|vvvvvvAvvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\\fF8Gqt\f\\
v|||v|wG
\\\\\FFFFvg5Gp
\\\\\fFFFFFF55
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
F\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
8X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
+-E8_d
%35Q/{
Grundlovstale8
Ascribable
Succesful8
Facadestenens8
Nonvicariously
Inirritably
Opsprtteknive3
Fastnaglede
$|Kg4&
o=?-Vb
/qibAX
HQXv'sD
2^k":F
$Mz=sB
@pEWtZw
`fV=%C<
\#YiO|
LQlaCE
hH+<4jl
MEa[FE
<FZ5Vqt
a#E ""*
NCH.{x
1^@0nV]Y
a=g_bp
RKWCNU)7'z;:
{;LL@W6
$wN:}(
/ G[uR#8
HXsF1V
%&&YEn;y
U<5,Uo
asw3A	#
EK0u+1Y
%L64`<Is
TMNq!{
zpd.lb
sn|t	#
[YT4m'
@5Mj$cH
QI#u"Zzf
gGB!(P
nK.7eT
s(zO~p
3si` %>O
s4)?H^N
-Mq57W
vf3[ev
k9OYd,D
vN~{ K
&v!m5E
n_}.3?
# k`s0
Qzo,	U
1XIoJI
b^s'X0
K	5qD~
TwCu {uOU
6T}Rll
("pvp9
C	uE6^0RfS
f-sIa	
]pM?!X
E9v"Pv
(*btd"
_5[r8,1
X	&p>q
nkZA(V3
V~7;Jy/
rc	:/p
i-wu]nsIS
in	0_-
_w?(6Qh
|~[Q90
H.A,L.
~VixL`
NtAL:1
(b:@gBM5
&J!./Y
O6|TzD
_NnA $
Dfj0Ky
)	j P#la
J6_8$,G
RC_'fO?
xyk%>U
MDqJYz?
rP[o]wx^
Sy,"qdU
TL*Lai2
teT(dr
\+&!/-p
)~114Q
gE|z<O
9YT(B*
)eP"9M'N
i]Y5oP
iRlc@XM
BEp	:Jl
A/!Cd0
;WTD_"
fpnP2|K2_
IuXCvA
8_Wg*8OES=
3>@`{-t
Y.X?.@
GHgIX!v
l'aEqA0kp
jM.b&9.EM-
k?pmHZ
Y_DPmY
%C	=F!
sK&j1r
J,V %-I
WW;?F 
7N/g~+
Cc-:-\
6-F{-A*K
etU`!g
.kE[2L
L3j24%
cB)ghe
/"YM\C
N&T6B::W?
b_<&%FS
F)6K+['^
E>U={}
[(bX(q
1vsc>"2
W;v?v[t
4DWR%d
PT0'.f
	?9+(Py
2t@.hc
=/#}rK
:jX:.=
$.XZZ;
xjev}q
 .+7}:e
 _4t~_5
(hYly%?
AB)>_U
4[z2Z!~
,d$X3`
Lhmn4=
$I\}|!
aj} G c
$QS|eV
Yp>(JE
H-/REq
0r*/NS
#bWg\"
,A_%si.
A]H,uX
SQjh 2uU
f,ENQ8
Ov xZO
*V/zqD
c=3{/!
8+5;N\q
M)A9jxxw
K^xtEg
6DvSD0
yg/2v#
E#v0!j
T3-tK(n
CnZ!JTHM
rmx,yFj
:UL|Np<
 ~-u+?1
,o:j I
P%YvS/
d/souO
uQ404m
k[sN2\O1
OC9m>n
oCA5SV	
7.+L]-
|#1n]eX
DJ2!(e
#).c6]
ff^vJj`
+Yc5rU
{WZj)B
cMysk,
<u]Yg[L
mS$+2{u
vgbM B
V2p?k 0
iia	L5
|"]MK$
d2\"Ts
 YHNHI&
lzGBn}
c.4@Zh
;K%". 
)w\SR#W
1Nw"-,
gt^:sx \=
.	hbe0#
c_d.Vb2
dt}_p+
jD@	Nu-
^6PWf!
r6\k8f=
E?l`e3
-DVr8c:\
NoQR-h?w2
B&{TM@0
ihZ:g&y3:
`o0Q0R
uwNRVP
6U-XF"
0D1	$i
yC]MkG
ai]~	u
OFQ"BX
M*Q=c}
Z+BFU.
MT&uK^
BxY6; q
M;LfOu
xs-k]l
/LowP.F
F?7M$S
4fu)@H}Nh
rbg&6 ]
/*{IG1
yKRwGf6
aL$!YU*k
hLnZ%e
gMUQs=
cgY,dt*
qv~"RD
kr=*p-
6<"ZU_
kk|3a	'
lzZ+uO
yYW39Zz
"y|af/
k|xr)8
//:h-R
![z@:n
#.:Aa`
P%t&Z-
bP4$^\-U~%
'gWzg/xP
is<3q'@\q
R78GvF
j(~&'B
[tzM;l
F>gLq.
/rn3g)
hQCuF)H
 k$U7,
t1{$)C
3@.3{&Y
MPx&!>
a,8R	$
23.>t-
y"Mq(*
^h,Q[D
LX'rR,=
Q3F~,y
B(M<8|
`GBH5y
IeY)[xP
$QLv#E23V
Q:[02c
CB%IDe
wtt6&H
&=PnXos
<Sfkq}
. 7a# 
gVTNC'b:A
fB^."b
Ef>|O&T \
*g,Kky
ax}I10
wqi;B/
||g+n(,y
{BzY7ac{
'['WAuf
r, ^mL
q,i~#q^I
k\~O/vdR
tUpu[g\
)hH:AT.
r,WiWa2X
&<I"Z3
b4	PY7
;Cu6y5
.Y\?g'c7
"^<vx{
$"ATa_
gssq|`#E
gcNt&7]
@V,\wa
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
"mECJ?
>D{I;2
Nejsiger
VB5!6&*
Blselamperne
Interpolity8
Interpolity8
Saberbill6
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Nonvicariously
Ascribable
Inirritably
Nejsiger
Succesful8
Fastnaglede
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
FindResourceExA
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
VBA6.DLL
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
8X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqz
mgghhhGGGmmll
zzp{llmhl(
G@@@@@@g
hhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvv|||+
@@glxx(A
|avvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
vvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG
(|vvvvvvAvvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\\fF8Gqt\f\\
v|||v|wG
\\\\\FFFFvg5Gp
\\\\\fFFFFFF55
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
F\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM