Sample details: 9d6953c614fd93e0fda50187ab429743 --

Hashes
MD5: 9d6953c614fd93e0fda50187ab429743
SHA1: 00e36a48c803594c4900d6ac2f9ad405bbba254a
SHA256: 96276faed9c375bfc8b66e57ee37d09e90bfc34d2c1ceefce098fba465d77bb3
SSDEEP: 6144:pFj6mRfJa2mUH6jIQrmPzbVVAAvBqy1f97NF+i65vcg:pFtKtUH6zozZVP/F+/5vJ
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba |
Source
http://109.169.89.4/zynova/zynova.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
kartoteksstrukturernefremkaldereinko
unglutinousnessproctoscopecabaretsdu
nationaliseprecombinationprmierdkspl
rr}xxxxx%%
`[}rrr
__j*:).0
_	/////
Fyyc`(
U#"'+*"
{{y|{wHl
~zvA;=<
Picture1
gimmoranesthetizerkrendesenergiminis
overfredningsnvneneadministrationalm
repeteredespladerustningsschellakker
dobbeltjobsinistringodtroendeschartr
hunligtskafningerskinchinmortfrenghi
acidophilusluepublicerendeskrotnings
velseterekrutsrucheplanchensstilling
floppilypalstaffsvovlplsbabstapaculo
mssigeexcitabilitysearingindsugendeu
merindkomstkokraftobjektiviserethazz
guddommagtbegrcaffeinismskopudsemask
tsedrengenesbespndingenkalontogasbis
jalousiskabebrusebadsfestucousfejrtv
alkenongranularneurectopiaaffriended
noncondensibilitybullhornsrehonemask
tankestregendeodorantvermiculitesswe
pelletizationditrichotomoustylastera
heglingautomatiserendesbekmpelsensaf
cardiashenzizbambus
thermopolymerizationsukketpottingdie
sheepbackscorbeillemolybehaviourists
stemningchartroomsripenseralligating
ufordjelighedblaakopiernelifewardulm
marmorealfylgjafldeisenudsendingenes
publicisedtastebudsfantaskoperationa
thongedomposteringerneacromyodicrams
sknnedeovertopsmemorizingdodecatylic
bjlkenspolymelystampublikumerstenoto
uterotubalrecorrectcichoriaceouserhv
puslerietskeeledvianderunpedestaling
mountinglybratticinggummernesrumster
fritidslivetsreprocessprincipalsskib
normannensaxiatebeboelsesejendomprim
fortakeplenarforsamlingernestotallev
slyishindenlandskesafrikanercourageo
yetatilrivendesiridotasissyconidchec
sistlebellowsmakingsoldaterssedangss
fringerplasticlommerneenlistsflunkey
helbredtescollegesatopicsvbelsebrnno
jagthundsamerikanerindernenyreligisi
	+)W5<
ixso!	
bxL0A$
M7WD8l
iwV@=s
~xU_TE<
Q	CP6eWg
RE_#p^
2{$x{JX)&
Oj:IFw
2Fa)<W
00z9wtr>D
FxV{[)3G
ItEXI	/
~{o(YQ
qF_$k!
Syrr|P
<G P~*!
q!$w s
g*^+a~
*8[@*M
3o0TOW{/
nk4'd0
]&z@SQq@
n)o~MQAu[{
w47`t[}F
+0E~^8%
yW!e;BM
[,vFrMa
u#swma
+DF@v,
}'mP+^
|tPf=rF
HH5C/%
uKN$db
^rm'})
MqqP=4
@$K~$D
t3.&cI
V(J)}y
JB9J0v
N;2T"d
!!'y|"5T
`?FHx	
z1W?IE
!c>6Y)g)
K7v_5[
n+"37Y
57MCyDg
W++Dx6
ns#Ut	
EuWxc+M
i}~RDG
MV%ZvL
0z+q3N
h)SM%:
]E~ltS
OI*6I=
wQt;7[
MO5#,;
pyTod6
1=_:Z=
?rZB&\
uz:7n{:
9Zx_4HN
 so=x<
^oe[A-
u_tW7[
@J^Y	0
b2=7V),
RR??!k
F%;|I<
>J``Cvb
XhLy@.
{G	~Dl
6bseh|
s1F([`4{
9wv8{*
_tKmkAb
/%&k<g
yKkV[BT=
l-wVD;
e<uHGl
BSQR%t+
HBU~$sqa
gFk2fX_
i7&Enk
eTv*cM
]CDg;r,-
b,QZ^5t
:r++BnS
EFm7`=}G
q'&}bXL3
.UhpFK
6R0Ph.l>r5,@J
VSP^mv
h*T9cQ
lHo.Wk
Zrtgma
06`511+
O 	@vk
7*!5V:
td\d|{^
8))K.T3l
.`l/=5
sq 'b?
1wc`7O!
f[g:ggm#
|#X|it
/Hco$%
"UzYTfA
TG/6sj
]ztAJ-9K
J+'dua
h<+ck@
?eW/x\
a4]Z	B
wh970w9
As>H#	
B`tG?NwI
3ry_pz
I9pxJ7
=6X~p&
+Sbxo\
HU7?8>
A@XNvfh[
sXn:aX
j@	^gP
\_\T]^+
5hI)RK
]L6efF.
P}M3w^
9X_yKu
oPvGI\+
nw[K_v1b 
nPS&n4
ezx:VB]D
^G	6*I
h^ihsM
52a:Li8}
^,kzT\m
4tRU-P
86eoPa
W.|7#&~/
L4%5-d
J%zSAp
LiX1Is
tIwB:.
Y]B8U5
]lNmd&
v`V8dwdk
W74kx?
xyx6KX[B
7n1~2t
H2K;v/
3K<48|
:."JWTn
/Knu\`
(I:gA 
{o_g0r
,17C>5l
d9<	#=
Y1_X->
o7|%E>
*PXB!"ie
/0_YKk`
n`~NLv
0e.oF6
:u=F:}c
i|/PF;dY}
pqHIm*
A%$aNF>M;
,!r!f`k
;_3[FMu'
T\BV>T
r)rjpg
y$?=\:KqY:8
NIg8|y
uOF`n}
Gtx{c.
\>q;u*
k2mQYt
r@.StX
<7WpuL
	[B|Lb
@bIsDc
IWDKx?=
Ujn7=^
en;m8a
t}r+`[
I0^eMg(
4`QQj 
qAS mV<
53VvWp
;1PsAky
%/15<`f
fp6ST 
,vvH^OpcUhQ
CaM9H\
uNkLMR
X&ssu!?0}
+|v{	y
gZHWf%
r,ef*Al
!V8.pL
u\e4zn{W
q!&z*u
P%1&gm-
F+.>vX
k@vso6
@'ss=0M
'ct;5j
70/"`*j
<lB@'#
ge|e/J
Kc5';9j
_	|mR^
ueUSn(R
6Z@J~Xu
ROse8>
%n7uX4<q1
,gW	3.{
u{MoujX
e~IU{h
5[LXc#
XJ@pG$[
7e+dY2
i_9\a!
09xG$C
\e:ea1
9BuVuDS
~py-1}-
8	-TW$
TvFZq]"
7x~://
p\1}'N^
)WPOt]
t,v:TM
(\J)y9j
z@lU9l
eEfZR{
W1y`ba%
RL?n;s
p &"*Of%
i[3KP5
5j)}/C
mq#fD:[J
?X7swF
&bViD?*
wwR2]!
LnuWb1
D#N/f8
;>t?iY~})!
/VC\PPH
RYAJd|
JS\;$A&Dc(o
>]`#8U
<HU+GU
_?DoS}1
$9hhSE
LO#>o r
+}[;W?
<yl'7p,
[>QV{!
oEI-:x[I
:+2 _E
V<t}jO
fY#DFm=0
;>mFO5
ln)`sg
u%tDy@D
(,/j3]
v1?"	P]
*opwvJ;W
Kq"cW= 
Z-jp_+
/b"4|dWd
)o\uA+
D&qg*_~
?$QK)p
`*}N<B
Ef_e"9
P=l;}[
x<.X;p
o@;!0v
O~rFyg
f3863:
O`x(ou
9 D2MCN
@$c@D  +
muv#8<*mcH
wLSB4u7
us11mW
}?~96*
>l*p+yS
_'z!.F
4iQ&Bd
|Ut5C:Uxi
Wc;g_Y
t30yvu
0@fzK(d
@,7cua
>AH6N'
I2YbVYlga
w3![ez
|-t)\G=
=jeNcI
>uYS%/
<d2JH[
hLrvlT
}aX0OT
sOF_hg
Os/2oc
BC%Oe$
shD0V+
4jf0]L
)9VP|7
z)lPu,
'we5@9
mSoLms
2`~\-e
uXnkFS
~0mF\C
6%1!3Y
=7Fw{+
.PQ]P}
sU@Z\]
~I$92]K
*n%@fH.
xAt6J[;
`BFj"7
9/\@zY
|dGQ+e
fVoH>\8f
cpW,/.!
kWW@ux
wToz4Cx	*
IcSQy'
oH*6w&
DIoDia
<+^6Q)
-pxTJl
p*W;4zl
a';8u4H
Yq. f~
T=7aPv
	fRIg1~~V
U~mYh2
[ \t6{
Q#4w52[
?<|`nJ
8'NkLo
>|r.lf
Umc<<W
AFJKHDFHLSFJHDJKLGHKJFJIDHGUISDHFUISDHFUISDHFUIHF78E45YT78WHJUIFERHFUHSDJKFHSDFJKFHSDF78FHUIFHSDUIFHSJKHSDFJKHGSDFUIOGHUIDFHGSUIDFHGUIFHGUIDFHUIGDFHUICreateFileMappingW
NFW_W_j
u0W_NFNF
W_NFNF
W_SNFSNFS
 MapViewOfFile
NFhm32
$hthel
Shell_NotifyIconW
UI6$U@
3UR66U[6?
">(S&G0#
hosteanfaldsnonsubstitutionutilbjeli
decernsroomfulskonversatietonsleksik
afgoerelsenebbmanhjemlensmiljadminis
lancetterlabiatehomotypicoutdatednes
gravigradapropitiatedspringledhellig
frakkekravesudsendingenesvolutaeufor
coostkartoffelmelsfabrikkertesmarmor
VB5!6&*
realignsforligkrematorieanlggetundis
scentercanonryindlemmelserneproducen
kartoteksstrukturernefremkaldereinko
kartoteksstrukturernefremkaldereinko
unglutinousnessproctoscopecabaretsdu
slyishindenlandskesafrikanercourageo
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
GetPriorityClass
bjlkenspolymelystampublikumerstenoto
uterotubalrecorrectcichoriaceouserhv
merindkomstkokraftobjektiviserethazz
gimmoranesthetizerkrendesenergiminis
noncondensibilitybullhornsrehonemask
Picture1
acidophilusluepublicerendeskrotnings
alkenongranularneurectopiaaffriended
normannensaxiatebeboelsesejendomprim
frakkekravesudsendingenesvolutaeufor
overfredningsnvneneadministrationalm
cardiashenzizbambus
afgoerelsenebbmanhjemlensmiljadminis
tsedrengenesbespndingenkalontogasbis
publicisedtastebudsfantaskoperationa
fringerplasticlommerneenlistsflunkey
hosteanfaldsnonsubstitutionutilbjeli
floppilypalstaffsvovlplsbabstapaculo
puslerietskeeledvianderunpedestaling
CloseHandle
jagthundsamerikanerindernenyreligisi
thongedomposteringerneacromyodicrams
fritidslivetsreprocessprincipalsskib
sheepbackscorbeillemolybehaviourists
dobbeltjobsinistringodtroendeschartr
yetatilrivendesiridotasissyconidchec
pelletizationditrichotomoustylastera
ufordjelighedblaakopiernelifewardulm
MYOCX2.OCX
uddannelsespolitiksbaggrundsopgavemi
ddssfgfdgf
SetThreadPriority
dsdxssdsd
SetPriorityClass
ddsfgsfdgf
GetThreadPriority
dsdxdsdsd
ddsfsgfdgf
GetCurrentThread
GetCurrentProcess
msxsvsvsfw32.dll
GetOpenFileNamePreview
msxsssvvfw32.dll
GetSaveFileNamePreviewA
ksexvsrnsel32
winspool.drv
OpenPrinterA
GetPrinterA
ClosePrinter
KERNEL32.DLL
RtlMovCCeMemory
IsBaCCdStringPtrA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetKeyValue
StringFromPointer
StartSysInfo
VBA6.DLL
__vbaExitProc
__vbaStrCmp
__vbaOnError
__vbaInStrVar
__vbaVarSub
__vbaStrVarVal
__vbaUI1I2
__vbaLenBstr
__vbaRecDestruct
__vbaAryDestruct
__vbaVarDup
__vbaVarMove
__vbaR8FixI4
__vbaR8Sgn
__vbaStrComp
__vbaObjSet
__vbaErrorOverflow
__vbaStrCopy
__vbaVarTstNe
__vbaI4Var
__vbaFreeVarList
__vbaStrVarMove
__vbaFreeStr
__vbaStrToUnicode
__vbaSetSystemError
__vbaStrToAnsi
__vbaFreeVar
__vbaFreeObjList
__vbaStrI2
__vbaVarLateMemSt
__vbaFreeStrList
__vbaStrCat
__vbaStrMove
__vbaFreeObj
__vbaObjSetAddref
__vbaNew2
__vbaHresultCheckObj
KeyRoot
KeyName
SubKeyRef
KeyVal
lpString
lMaxLength
MSVBVM60.DLL
__vbaR8FixI4
__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaR8Sgn
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
__vbaVarLateMemSt
_adj_fpatan
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarTstNe
__vbaI4Var
__vbaStrToAnsi
__vbaStrComp
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
U#"'+*"
{{y|{wHl
~zvA;=<
rr}xxxxx%%
`[}rrr
__j*:).0
_	/////
Fyyc`(
# Project: Project1
# Makefile created by Dev-C++ 4.9.9.2
CPP  = g++.exe
CC   = gcc.exe
WINDRES = windres.exe
RES  = 
OBJ  = main.o $(RES)
LINKOBJ  = main.o $(RES)
LIBS =  -L"C:/Dev-Cpp/lib"  
INCS =  -I"C:/Dev-Cpp/include" 
CXXINCS =  -I"C:/Dev-Cpp/lib/gcc/mingw32/3.4.2/include"  -I"C:/Dev-Cpp/include/c++/3.4.2/backward"  -I"C:/Dev-Cpp/include/c++/3.4.2/mingw32"  -I"C:/Dev-Cpp/include/c++/3.4.2"  -I"C:/Dev-Cpp/include" 
BIN  = Project1.exe
CXXFLAGS = $(CXXINCS)  
CFLAGS = $(INCS)  
RM = rm -f
.PHONY: all all-before all-after clean clean-custom
all: all-before Project1.exe all-after
clean: clean-custom
	${RM} $(OBJ) $(BIN)
$(BIN): $(OBJ)
	$(CPP) $(LINKOBJ) -o "Project1.exe" $(LIBS)
main.o: main.cpp
	$(CPP) -c main.cpp -o main.o $(CXXFLAGS)