Sample details: c31891cc7616bed10ed1d7ac6b1cafdc

Hashes
MD5: c31891cc7616bed10ed1d7ac6b1cafdc
SHA1: 7a7b1db63072f7482920ed5ae16fe085f9466f7e
SHA256: 7b3d8681b27d5b349d5d6f550ab2262e9a94d05b0d89aa05abe1cd7e8374bd88
SSDEEP: 768:4LB5z0Pm15Jw9b1/DuiRutEU9QW12vO/lfPH3:4FTqdRRutkO/lH3
Details
File Type: PE32
Yara Hits
YRP/Visual_Cpp_2005_Release_Microsoft | YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/anti_dbg | YRP/win_files_operation | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API |
Strings
          	            !This program cannot be run in DOS mode.
`.rdata
@.data
h4(@Ph
tKjdjd
t%Vh:Q@
Invalid DateTime
Invalid DateTimeSpan
CMy222Doc
Invalid DateTime
Invalid DateTimeSpan
CMy222View
SysListView32
Invalid DateTime
Invalid DateTimeSpan
CLeftView
SysTreeView32
Invalid DateTime
Invalid DateTimeSpan
CMainFrame
Invalid DateTime
Invalid DateTimeSpan
GetProcAddress
KERNEL32.dll
Invalid DateTime
Invalid DateTimeSpan
Invalid DateTime
Invalid DateTimeSpan
Delete
NoRemove
ForceRemove
EnableWindow
SendMessageA
USER32.dll
??3@YAXPAX@Z
__CxxFrameHandler3
??2@YAPAXI@Z
memcpy
_CxxThrowException
memset
realloc
malloc
strlen
??_U@YAPAXI@Z
??_V@YAXPAX@Z
strcmp
strrchr
strcat
strcpy
strstr
MSVCR90.dll
_amsg_exit
__getmainargs
_cexit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
mfc90.dll
GetProcessHeap
VirtualProtect
VirtualFree
HeapFree
FreeLibrary
GetProcAddress
LoadLibraryA
CreateFileA
lstrcpyA
CreateThread
lstrlenA
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
KERNEL32.dll
MakeSureDirectoryPathExists
imagehlp.dll
_stricmp
.?AVCMy222Doc@@
.?AVCDocument@@
.?AVCCmdTarget@@
.?AVCObject@@
.?AVCMy222View@@
.?AVCListView@@
.?AVCCtrlView@@
.?AVCView@@
.?AVCWnd@@
.?AVCLeftView@@
.?AVCTreeView@@
.?AVCMainFrame@@
.?AVCFrameWnd@@
KERNEL32.dll
VirtualAlloc
KERNEL32.dll
LoadLibraryA
IsBadReadPtr
KERNEL32.dll
HeapAlloc
jK0(>Er
 `8s6@pzJ8
t2iu0x 
Ux?x.t7}
Wininet.dll
KERNEL32.dll
InternetCloseHandle
InternetReadFile
KERNEL32.dll
CloseHandle
ReadFile
GetFileSize
SetFilePointer
WININET.dll
127.0.0.1
YYYYYYYYYYYY
VirtualAlloc
KERNEL32.dll
CreateProcessA
KERNEL32.dll
WaitForSingleObject
.?AVtype_info@@
wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwtGwwwwwwwwwwwwwwwtDDDDw
wwwwwp
wtDwwwwwDGwwDGwwGp
wwGtwDwwwwwtDDDDw
pwwwwppwwwwwwwwwwttp
wwwwwwwwwww
wwGttwGwwwwt
wwwwwDDwwtGwwwwwDwwwDwwwGp
33330wp3
wwGttwGwwwwt
wwwwwGtwwwwwwwwwwwwwwwwwwwwwwwwwwwwp
wwtDtwGwp
wwwwwGtwwwwwwwwwwwwwwwwwGp
33330p333333
wwwttDwwp
pwwwwwGDwwwwwDGwwDGwwDGwwwwwwwwwwwww
wwwwpppp
wDGwwwwwGG
wwp0wwww
wwwwwwwwwwwwDwwwDwwwDwwwwwwwwwwwwww
wwp0wwww
OGp888888
ppwDDwwwwwwwwwwwwwwwwwwwwwGp
wwp0wwww
wwwppwwwp
wGtwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwp
p0wwww
DDGwp8
wwGtwwwwwtDwwwwwwDGwwDGwwDDDDDDDDwp
wwwwwwww
p0wwww
wwGDwwwwwttp
wwwwGG
wwwwwwwwwp
wwwwwwpwppp0wwww
wwDGwwwwwtGwwwwwwDwwwDwwwwp
wwwwwww
wwwwwww
wwwwwp
wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwp
HrCg@b	g 
SSbpS	
SSbpS:g
SSbpS	
SbpS;m
>f:yteu
ceQjR4
h>f:yy
h>f:yy
-N>f:yy
>f:y(W
S>e'Y0R
Rbc0RHQMR
OX[@b	g
Y0Rck8^'Y
HrCg@b	g 
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.VC90.CRT" version="9.0.21022.8" processorArchitecture="x86" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.VC90.MFC" version="9.0.21022.8" processorArchitecture="x86" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
</assembly>PA
PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD