Sample details: 94725c2932f10e95831e537055afea74 (MD5)

Hashes
MD5: 94725c2932f10e95831e537055afea74
SHA1: b63670cf721736ba105937c41d8e3447892ec828
SHA256: 6c5fa9b58d2e3bfaad7963129fb2958bdd3aef5f110b54bd815bb8bd8ea07215
SSDEEP: 1536:XkKbR2F0e6fBaco9tYUnPgm8K5nXqfMnbB+qEsWmtByrL1mu6f:X5AUfB4nHh6fKhQgu6
Details
File Type: PE32
YARA Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasModified_DOS_Message | YRP/domain | YRP/contentis_base64 | YRP/Str_Win32_Winsock2_Library |
Source
http://zavierdesign.com/0mRP/
Strings (printable strings extracted from the sample)
		e run prog
ram must b under Win32
`.Gl9Gp
@.rsrc
fffff.
bLf#L$Bf
t$,#t$H
|$0"pO3
T$X;D$D
D$,=ur
T$L5A+*
^P+D$`;D$(
L$T9D$@
D$@#T$@
4?]x X
,hz,%2{8
Y^%Z$.
 HY8E_]
\r$+}+
hz,%2m
RuG1q~
,,4l/.
MZS,	=
$v#!hg
{/-'57
%a;6M7
t1xvF]
i>qN4,
x{JsQ*
>-;#>Wd
@{v2}=
43,y{f
A;T8/o
+SJYZr
+PLYZx
iZw$iB
9E>W3M
~{^RwZ
+~{fbD
D\sC"7
;v'",{e?
D\;S97
G]\x!A
g@7dB25
[/*b5*(
tf	=%t
%91mm4
5>Ar}9
te	<%s
'BI%#5
k&g0%_&
0n2[r?
 ('IzC
WaD!fpm
KqLk>I
0|8mA_
sSr{hLX
'IzCv*p
[7(6K	
zN?OF$.
h&+}?,
/x5x`<"
J(6,OF
(uP/tQ8
=/cTV`KUI
)WLB1O*2&
PHD	uM
*!U7+	A
j\K:0s
G(. OF
OLtnec
A2#_@^
t^(& OF
:UNi_P`
tOnpL?Q
"y!QLx
+RA<wP
A_)oz}
D=.V'1
:QLp%[
:]Zs"X
i}48/?
VeTR_3
SJ*"A{\
Tm:\L"
2Qw(.,
$K	VYE
d9?w('a
s0Jny? )^
[<]nX-
4ny? )
D)Dy{:
)8;=pq
8LU4  8v
>S$z7|
4ny? )
?SvsNf
^JJEM@
)*)@^v"
.=a)!o
4J(~.=-
4np? )
Sr[iLX
?-A:PI
W%cG.7
	:`Hnec
kKFp[F
<1mhPL
._0g2q
4BpD?7
HwWEG$%2
HwGew#
WHWEHewHW#$
HGwHWgw
WHW23#%HR
WHe#ewG
HREHWWE@
HWRhwh
HWRHWEG
WHERHWGWE
hwhWGWEhW
HWEWEevewE
HWewGWE
WHewvwegewEW
WHWEWEvwevwEVW
WHEWEH
ewgWEW
fweegw
USER32.dll
GetMenu
CreateAcceleratorTableW
ShowScrollBar
LoadAcceleratorsA
RSDS,c
|1}eyv
WHEew.pdb
auxGetNumDevs
midiInUnprepareHeader
midiStreamRestart
WINMM.dll
DsGetDcNameW
NETAPI32.dll
SHDeleteKeyW
SHLWAPI.dll
FreePrinterNotifyInfo
GetPrinterDriverDirectoryA
WINSPOOL.DRV
CryptEncodeObject
CRYPT32.dll
CoTaskMemAlloc
ole32.dll
EnumServicesStatusW
ADVAPI32.dll
WriteProfileSectionA
EnumSystemLocalesA
FlsFree
CreateSymbolicLinkA
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
KERNEL32.dll
CryptCATPutMemberInfo
WINTRUST.dll
SetupDiGetClassDevsExW
SETUPAPI.dll
WS2_32.dll
DeleteEnhMetaFile
SetBoundsRect
GDI32.dll
wwwwwwwwww
wwwwwwwwwwwpp
wwwwwpp
wwwwww;
wwwwwwws
wwwwwwwww?
wwwwwwwwww
wwwwwwwwwwwL
wwwwwwwwwwwpt
wwww;0
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!-- Copyright (c) Microsoft Corporation -->
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity
    name="Microsoft.Windows.Shell.write"
    processorArchitecture="x86"
    version="5.1.0.0"
    type="win32"/>
<description>Windows Shell</description>
<dependency>
    <dependentAssembly>
        <assemblyIdentity
            type="win32"
            name="Microsoft.Windows.Common-Controls"
            version="6.0.0.0"
            processorArchitecture="*"
            publicKeyToken="6595b64144ccf1df"
            language="*"
        />
    </dependentAssembly>
</dependency>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
        <requestedPrivileges>
            <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
        </requestedPrivileges>
    </security>
</trustInfo>
<application xmlns="urn:schemas-microsoft-com:asm.v3">
    <windowsSettings>
        <dpiAware  xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
    </windowsSettings>
</application>
</assembly>