Sample details: aca9506befd5d3cebd9744727c95f19f --

Hashes
MD5: aca9506befd5d3cebd9744727c95f19f
SHA1: b49ae32e4d165ce72965a1173717d23a8a68a16b
SHA256: fa808c78e722a6b3dc9702e455a296fd0b9ada3b049a8e2d5340ad76d3727f61
SSDEEP: 6144:CaJsnTdMmLSJ/ChJjNwHXGny6nKNyB2jkRq8efYbxF5Lt1J0:/GdMnJ/KKXKpnky2iHewF5Ld
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/adp1.exe
http://www.centerweb.es/soporte/.eval/en/sys/adp1.exe
Strings
          	            !This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Oxiderer
Pujunan8
Partook
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzz
{llmhl(
G|@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpp$IF
(gvvvvvvvvvvvCvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzG
F\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
/ULWVVYcnAAFFF
5JCLMNNNM
|rrf[co
yjyyyyjyyjT
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'8'[
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQ
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
+-E8_d
%35Q/{
Partook
Venters
Pedicellar
Chaparajos7
Duodesformaterne
pF5Hlc
xxL(K4
G\3`wP
	q-~mNb
HF %	_
[k?sL(
z{6XdVd
;jY'o*~5
Z/DFK?
b^LEl+h
NN\b{&
(<d-<j
I6m]_X
EG@jz?
?yLULr
@	ax>/
E~_W+^S
Rm"Z#xV%
5?);j(
:3Fh,SWT
.E(tR)KE
4}t4,W
Acx'$5
1T	O.O
Bo?wqo
"d6EzX
:Sj *@ip
"3&~?G
iL34(W
3SI`/i
}2T/iC
+ 6_nki
nahrw;
Vm!&F<[H
"ZX}1!]
)@qq9Y
z4b\d#
EJfh~ 
"k$lQQ
&/oXr_K:
oekzuN:	b
`	/$%mx
VJ\y@90A
wNV#(8
e(R}.l^
ueKlu}`
kt!fODf
*+,n|t<39
*e7U^MG~
26x2YJbG
'	CbxY
uPeXDI+
xn``YBlv
@%:5L#u
{%i<,R&
I4YSI`
QDEL_l
Qt={6V8
"4bQ8E
7w\n8Lx
yYU#~0
4,Cy/kd,J
\*O=j1X{Ci
PYe%K x
P	A9R3
iX	wn8
-FMl]/do
=hohV\
L	2-2F
u}/C_"
qh.qSD
CINKgR
8>	;(nq
Bs94}I
:y}'I^Di
x;(}im
Jws!clm
2"s+Od
:G|DqF
Qt23~Ea
ph9MDZ
yTFS:Z
KV1};j
;J P'H>
4IY't>y
?r	]\y#.
*w\FOH6g
$0jq:E
^^5%!9(z
Gz-)tM
%d|2:q
F_`!Fo
2dA&d&
FWy0QFs
PkD*m4K
4^bVOQ
7.e ]@3e>
#59>Dy
j&qqr:
p^GLroL
~p%%ZN
+6TtT~
0a	JpG
]C.?i>Ge/
67!>D"
&FG_N*F
iXsVL_$'
qZw>PV
KGC5$=
q$78hm
1S;]j4
G"HTr~
(4dKK&ju
DH45tx
aqw{>_}3
q>6B>M
C&PI.F
k Athg
`W],~3
0swYRlj'4
|>+V0~?
fb3@eX
Ba<'_J+n|
Y6	PD.
Yv."@)
PJAavt.
?BE:+cM
G=DpQi
am6'v}
6!AEc-
D<uhX@
Q+cep	
[^@e#MgT
sL-.9s
3|3b'q5NG
,)l8Oq
;r2TW7:
**~n(L
B;My6N"
\4	\	Iz
nyCKC$_Z
]W|PP\
oLOR}Q
k2ctb:"p
Jm[8j tz
Hj [^6
*nnOOgCH
&EVsoz?*
YGDz(V
~P7ZD	
ePZu\JQ
i5J/TIT
RX=xY 
d%vEC:
6>*zZ=s
#	8czTM
(it*L5
Ufs@VMd
0g-9q~D}
[q$g7r
RlO~|x
G*BJh 
WKs]B|
IP0ZhU7M
c7t(bJ
iP3skx
0f<IUe>
yMsv6N
w5e][o
HiIR6f
z7ciI6
@qQ\b"
@Y(Kac
'Hk`	B4
m	lh)d
1),(W/TT}
I'L5AT
zb-T/o
}@V;#}
G$?KiY!Q
h,yLI8
e`2)=v
WeU<9n8i
PMC=c5BzM]
KoxmJbl
<5>652~G
u1mu[J
Zp# Z*m
47L737
l6;FsH
jgRcEYd
wanIEYo
By_J*Wu
K)-N}X
}2(9>ka7
bjC8*`
s4 8=\Hq
hxIGr~e_
4z,M|c+L
TL^.({M
3s@s0R
Pbm)dE,
53[/ J9
tp@ .yk
e#P;$0
vmdm,%9
2+hYR.
5fJV+Lx
	&<] 2
Yy`sc5w
3;qJHnl
c+ufg[
~Kc887k
s&Cdy@
D-R5[q%GZ
lU1s;_
t=|e4viYZk
=FdbvD
UaPyK_
9V&>fW
=/{(Z$
,I;ZCCx0m&v
&<4p2x
gB!rTk
P"2+}l
Bf*T+Sp
8Zs8&`y
qZ@	#>
1*g+'K
%*SvjP
e+5};S@
BE`Aq:;y
|v|p94	
7F={Kc
\ Nnu2
|,9gFW
puCkZh
\#kT,D
80ChPJ
;P_n#-O
ph7TU,D
^&xGH>Z
Xa]S[8
	ESgxg
!/MAJF
_zsa_9
X^fcK}
@U!=\VU
s+$Z~) 
BNP~>\u
{~P{ZO3
g~/&(2
_w_lg<
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
o\G~fL
o\G~rS
F4MUo\
o\N~dW
o\G~zU
_R[i#x
Mi:xJi:t
Ji:xJi:t
JZPh~ZPh|ZPhzZPh|ZPh~
Distained
Siksakkurserne
Candyflossen
VB5!6&*
Ducking4
Melodism6
Oxiderer
Oxiderer
Pujunan8
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Distained
Chaparajos7
Duodesformaterne
Candyflossen
Pedicellar
Venters
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
FindResourceExA
VBA6.DLL
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
|rrf[co
yjyyyyjyyjT
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'8'[
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQ
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzz
{llmhl(
G|@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpp$IF
(gvvvvvvvvvvvCvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzG
F\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
/ULWVVYcnAAFFF
5JCLMNNNM