Sample details: a0a1289cff7b368bcb26e6d67a860351 --

Hashes
MD5: a0a1289cff7b368bcb26e6d67a860351
SHA1: c42494885c4c7831062d8edae9457fadde01a4c8
SHA256: 66b6c6dc0de2a5ed8db120bb9da64735d423e7fb4ec7a5231c5bc820617d1d51
SSDEEP: 6144:bpew6skYHh4a3U1xOs/PSKdY/oP0lz7YMw:b4w6skYHhN3ULOs/PrKl
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba |
Source
http://limedentsoffer.xyz/jetminitf76f7fiff67f7if76fi767ftrf976f7uiyf76f6d5dydtfo7totoofofo/INPUT.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
VisStliges
unkissed
D	e	TW;
;WT	e	D
~rQ}}Qr
hP&&Ph
CB##BC
canceler
Overbbore
Watered
sportsgren
Nemertine0
vKaz;4
65[~K2u
CiF-;0
me5=4B
9{@"(	
+8	gO;S
<!.__x
6%W:RF
8}cJ@hB,
wUlOft
N'HKK-
KzAj4E
jz,I$,
 c3K=V#
fg'3v0
|q\)GQ
\k$2H 
WKB^wi
&<Q*aV
$=b}^q
j%ws?N
3.}q T
7LL,<i
((T-6e
03z1SL
:EdO*D
t_Ualwf
.Mo:tO+|u
tqxca	
N_SU5i
g6rr4Ot
('~UtC#
?q+UFW@
JRB5]p
Q1xESk
_7Ap'b`
#f<p%j
}-^9b;
3Lyr4=
T(=zXI/
b;sbqE
]_Pd#-|
TD/~t 
g AJ6D
wg8W?=
D M_GB
h]qyc(
moOZ*f
(`[KT<
vCz35k
@iGa]u
:%*Kro8
aiX+	F"
9!4<Tq	
k1#yOg
91~>dO~
px/x>I
q2j[_h
K+SS2e
-@>dvo
r#vSCw=
GcmL^t)
0K8a1Hhfr
mFgTuZl
ZYh/.7R
2gc)YA3
nS:IQ!'
_y`1?%%,
Hq<*k\[n
#)Ho %j
)RBHqT
s6gfr5
w:\]*7/
xImAhS 
_U9Fhy
/A~N?De
p3wF	t
!!Zl79
y`?,7p
i2H)je
\#USe4
j'r<4E
d~Z	=l4%
p>T)qz
ATYz%P
!2\:5z}2~
`:1O"B]
nBm)hia
/^J2@;
7hapHb=k]
\A]X<X
bMC	Ly0
a<C"~E
i$l]Due
2?	j7~
A)0JP[
G]Q/^q
wX5yeT%W
2|1*vu7
=]pD5Z6I
aH]t$=[
QfN6hC
Y1o:fk
Efj}bl;
p|p"1W
ZA x~%
^s8X|j
fIdE*:	c
0@~T	;
PnjdW3'
C~!fB5
X<LZco
>[YjR\
"(*2IN
J},[[g
 sNIE(F
R?y7W1
Q'h&%[5
}/m!;C
ccymSZF
Fh~?,j
dI_P-T
D'XT{CG
rE=`54j
H=3Eb{
M_G-U9
zdRp_}
Mk7Od9
F'u-B!
{.F$X3
-Q(Hm0
"mr[sa
8%88m3.
iu_6M[-
b']h[	E
L(hfS>
5\	sct
b\`<[q
yW?_xo
t:N$N-
	nN~pO
K;4~jqJ+
O\h;@1
&S$=r&^0
rC7\i6!
qL-vc9
ke{v{w
TIVC3^
6bL;\@
w.IBTFtI
1AQ[OP
>uEm@e
A'=DnK
J.xHIs
 *^O>7-
N'QSiY
<)!Nc0
-6\?0nV
3,":@/
A^:U_2
q-hgTsQ
ns,;U}G
p4xoM<F
;7XIh,u
%]i9|4
T'i?Jo/
Ju}A.N
%Ldtx9
FD%5d%
65y!@}
p#m?kb
4XwYGB
zl$I[O<U0
zpfoS+
Pa0OH~i
E(_$yT
b4cua+
`X;v6T
jBtU7=
I8)%[UE
0`xvPkR
8}^WP3W~$ 
;~Ag/l
@bz~$W
AC[76O
XSPg	/
1dhiH"R
tk"I8-
FHzRZ-I
@G}FA rV
:iz+-:
,K8 piJ<
nb8%i?
&"dDpo
61DNIt
@49a1z
@_ILf-
jV@{ih
`><!F\
Q9H>1=H
^1cr$	
5}*<:R;
4_#m~.
f+RugVtL
d|8g	N!
:F	7XK
w0oS~Ue
IsIb\5
N6w0Xi
]~L_eK
	LZpbb8
|1xq~MX
9YC{hK
U[DlYR
1o>C+B
VQ[\>|
VWx;S_
Iy@q.0
E*yE-{
<?b)aD
*~5|SCo
V\nK*Ew
Ci?k4]
FlwyWg
0Zv=>\Q
ppP'qZ
$,-5,Q
<#d f;
_B5]0{
B>>No*
lmuV[Vu
+T@aSRM1
K r5:3
AokVp6%*jR
I1rXVL
pc9	_z
\@]T1C
Sw.jS*
Mo6e"JO
(i;<OQ
T:C"//
FX)|~U[
.uq#2G
`%u_6a
!r2r*Q
noY%a<0
LPV;r`
>NGp4l
B	<06JZ)
8ueF<	
J!v?H`
FG)4]Zz
vZg,X]
45 Msif
m;.."x
C$QlH(@
Z%~c0[
,g*'4|
zy>`Ca
.L55MH
sRONsj
Bz%*Az
"XJN1e
"L?~'xImz
K<NBzl
Yp@h?e9
KM6/Na
)pdH{l
~acs"$
U*Q*l"
fsq9N3
<Fzu<t
-m.61q2
VG[O0o
xI65|D
)CbRcNv!
:7~8{@Z
g`AZ+m
St=wJ\
7~ &.4
dQBK_N
][ K+b
:&.L]k
bX*G"R
F.O!O7
83;4p`
:GZV/zB
1`;5_x
5`o%0q
3POk`;z0\I
^J0kbT2
"a>%Fq
H12+	k$
@b)=UA
moY.s%
`j@BG&
0(o6N]
<\k\J{
r+075{
520|k*
AWV#Z.i
Wj`@NB?T
:	4Fvl
b(FT7Av
xv$!7NU
CA<2k{
<#}n_>
:>KM'E
pc@)RW
)*T,TU
V)8hJoc@1VbD
hJO:6S]U
S{aQv&
B$Q~5:
yGC|JN
`c:Ob*
HGX*IQh
>VV<oa
\v[L-e
="$:'Pwe
;LDsd$RV
MapViewOfFileEx
CreateFileMappingA
WriteProfileStringW
kKERNEL32
5$Bbl|F
iFbs{F
i,tA<N
Gi;65&VL
5$6blfF
5$6b<fF
awB4}N
iFc7oF
MGU57>
AGCxmNH}
Tricrotous6
VB5!6&*
Brillens0
Libretti
Stliges
Stliges
unkissed
taleundervisninger
Overbbore
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
sportsgren
Nemertine0
user32
CharUpperA
KERNEL32
CreateRemoteThread
SetCurrentDirectoryA
WideCharToMultiByte
winmm.dll
midiOutClose
LocalFree
imm32.dll
ImmGetCompositionFontA
GetICMProfileA
MapVirtualKeyA
GetBoundsRect
ADVAPI32.DLL
SetSecurityDescriptorGroup
__vbaR8Str
GetRgnBox
GetUserObjectSecurity
PrivilegeCheck
CreateIoCompletionPort
AddFontResourceA
ReadConsoleOutputCharacterA
winspool.drv
ScheduleJob
SetCursor
TransactNamedPipe
GetSystemInfo
SetLocalTime
GetSystemPaletteEntries
AreAnyAccessesGranted
WaitForInputIdle
CountClipboardFormats
DeleteObject
DdeKeepStringHandle
GetGraphicsMode
WritePrivateProfileStringA
CreateMenu
CreateProcessA
MsgWaitForMultipleObjects
PolyPolyline
GetClassWord
GetSystemPowerStatus
EnumUILanguagesA
Form_Paint
VBA6.DLL
__vbaFreeObj
__vbaFreeStr
__vbaSetSystemError
__vbaR8IntI4
__vbaHresultCheckObj
__vbaNew2
__vbaStrMove
jPhpND
MSVBVM60.DLL
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaNew2
__vbaR8Str
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
__vbaR8IntI4
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj