Sample details: ae99103e5ce4607dceddd757d78538df --

Hashes
MD5: ae99103e5ce4607dceddd757d78538df
SHA1: 1bba604a228afa3acff5d06f3e2b4b1f9b833d85
SHA256: 93e98542a60cdc289195a75af47998995b83a01c880a9647d1171be104ab970b
SSDEEP: 6144:blRikI9uFJXo1hCoKJ3c9eWhWzlFF2Yl:JHI9ujXohCoWM9eoWz/FD
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/aaus.exe
http://www.centerweb.es/soporte/.eval/en/sys/aaus.exe
Strings
          	            !This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Undervisningssystemerne4
Skyderiet
Velsigne
qG@|vF
qG@|vF
qGg|3f
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsx
vB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(k
|vvvvvvvvvvvv
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
(gvvvvvvvvvvvvvv
vvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvnvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\FFFFvg5GphFFFB
\\\\\fFFFFFF55
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppq
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5g&@t
/ULWVVYcnA
5JCLMNNNM
|rrf[co
yjyyyyjyyj
QQQQQQyQ
fQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
/012945
!"#$%&'()*+
+-E8_d
%35Q/{
Velsigne
Hmningens0
Tetranitroaniline
Lnregulering
Bortforpagtningens
Kartografisystemernes
Nejning6
Cobalticyanides
&NU4g,
aa":	$
DE=b?bU
%H&i)i
`WUz;Qf
:y#=|"
`KDvh :
'u@k>x&
Pr7@F!
C8EDe/~8N
D1"maw1Vzu
oYsT	Y3?
':4qqT@
U!,Y3p
)k\3ST
"n~SYF?
!,xofTt
QiwjFZoE
fh@w/iU
z$~43K
>9"?30
g)	 Ixk
{bu.iQb
Y$jGlv.
>nMz$"
!Ts6TI
B&Vn	U
v%=I:b$S
Tj#B|e
6B\9e7
%,np@T{aL
!Ve;+O6f
	;]3;s
%i2k}9jA
)>9fK)
qxczl%
0&::-@
F;-J.^
a<wqZq
0JyQwK:
HY[#?3y
K.nd$/
ub54)>]p#
g4z$-o
iEhja%'
9Dr	*-
dh$"F$O
[M<feP
<E@(dh
\R`:g3
(&T2^C
['W:<Iv
OwGVDnP
:z/JA{L
NIk]DL
z4ulMd
SqgZE%
tqL3c@
c]f4wj
;4io0<
MWp8Bw
 FO^)C
S]01$E
9;Z0ath
}$a6-A
~'|y;Y
Kni|M<
QtN[EoT
G&"1 B
uW!{LO6
8xFnr%
~12ykt
o#:wW$
Ft4|U;
KCOiJhq
3PMBNr
dz O4=
WCah;,Y
v=hkSl
W?]IMF
hOg-}^
 ,TmB?
o!svni
z4u	`Yf1
7#8ktO-
oZ8vsl
EcDB%b/
 uE<HC,
)W0N8H
+"hL_c
-V0XV+
ir.cKy
<sQVMJ
"dy5bh
3o<7	mA
mDRFOoK
<\SV?5
JJMEs\v
@rFdb#x 
[vHP<o
pLbq7]
=(&GZD
p}q~<#
lIk*JXX
!/"%[3
7exi|(
c6<hLf
Ne].rh
 tFL#DQ
(Jy[qDx
tF)B ZX-
?bCq8,lej
a{sa]r
Hg;-HD
I+U)X(
JP`N3P
V+lL[F=
OW 0wK
J@os,U
jSa2$!
kEA7iW
S~{2g;
i)~<!G
V1ubO:
76Fh$S
7gy$g#-Z
`Vk98v
?l8w#P
%76`3s
d-LPuqy
 9$>|d
\Mw^`6
jR]=0{u&
E;<^GiR
vXYe2G
L3!j::
ZfX:{v
y}Tmn3
ZCAiYL=
H`#L!)
0Y`pVE
(}L+#(
uQ%`S~xk
TwAu^?O
O>eMgV
H?~aCx
jf9kR9Wdglm5N
B!md4Y
/X1Q%In
|\Kz$y
9Z!jK(
kSM/*OX&
IO{kBR
I\,K%7
PT%PdjSb
RHL\7<
#O$wa&
$g2a^Se
84,t&>
S1s6]f
\cAZUq
bv0JmUd
-YOvZN>
 [S/1F
r$e7*_]
"R^<ZW
44e[Zk
}*`,6=7t
x^8'Cc
g)MV(;
P6#U*O^zJ>
s>>)*d
_$./+ 
xdw_hW
 t)t39~
^M$\\qF
*,3:kO
`+u&{M8
_eH5o46
f&,VaK
>oO%pBn
y0%ml=j
>W8&&B
JM!Y`qj
$1Nb(r}
[mB,x1
	"c9%nr
EHawqx
QHO@#e
gQ2v{,
,G5a%JE
e(pis|6
x8FB0UP
CR4N/g
)XNyx	9
B!3IsE
e+Txb%h
b]?2!|
(_pO~;
+*gv|b 
`3Mg*6
*q.'mc
HZZ0T*A
9+PnxYU
]hHMn)
VG[TnI
Pg[O'w
8W^[b1
5YWQtz
;q\q|%
2By`G7?Y
jHSI=Q
dBr2?>
KJ2p#V
l[]OEf
}yZ56V
@ui#D[9
`;Jttc
/aWbB}
?> XsM
ygYcZK|
8#wN0)mV
QlE+WQ,!5
W"am74
75KjHr
xwJ#0'
-,;.$G
qx>p6&n;
vwwE~|2
(`'	mk
sd`=Y,
Y/<s/Tl
#nP0mxVIj
%Zhx6P%
Dyys"z
W%^tlF
qb\HEZ
S^GI/r
nixd_=
>8?~tu
=*i#IH
y*2]Z>
Xu,6kX
'4s@	m*
1C\*?'76
s1u?6m`
(;h@&|yDm_	
*0zWa3
xuG^9*
2<Y\Bh={
c@/kFy@
bY{AD6
qahBy=
$	iE!(
\d|#;d
<13K=D
N*9Xq"[
*t"![s
9g7C}?
|7b+NO
zFW'u5
?vqGE+
|:,rF\
p-+vIS=
_	FFj8
<[InLc
N!yl{=H
3i7]`b
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
P|?e;z99m
Opdigtet7
Renlydens1
VB5!6&*
Afpolitiser
Reciprokvrdien
Undervisningssystemerne4
Undervisningssystemerne4
Skyderiet
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Hmningens0
Opdigtet7
Bortforpagtningens
Cobalticyanides
Lnregulering
Nejning6
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
ActivateKeyboardLayout
FindResourceExA
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
VBA6.DLL
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
/012945
!"#$%&'()*+
|rrf[co
yjyyyyjyyj
QQQQQQyQ
fQQQvr[zvQ
ovbXvq[fvXM
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
qG@|vF
qG@|vF
qGg|3f
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsx
vB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(k
|vvvvvvvvvvvv
@ptt(FG
vvvvvvvvvvvvvvvvvv||
qpppIF
(gvvvvvvvvvvvvvv
vvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvnvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\FFFFvg5GphFFFB
\\\\\fFFFFFF55
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppq
gGppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5g&@t
/ULWVVYcnA
5JCLMNNNM