Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: cb62143489ab189f7dd1c99492a3f1e8 --

Hashes
MD5: cb62143489ab189f7dd1c99492a3f1e8
SHA1: b97ba087509b85025be0665bcf743956132a7169
SHA256: 0fe06ad223e07acdeb28d28a37e974156e4f0e3bafc7a801457b090e09a6dabb
SSDEEP: 3072:7qbcMkGPmXubll50ll8jOEYCV2Hy5EIK560Tpa6lGO+szaktwJo7DitI/G:mAsmXuH5I8iNYqAK59pa6ll9VDV/
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/DebuggerHiding__Active | YRP/screenshot | YRP/win_registry |
Source
https://b.coka.la/pD1Kk5.jpg
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
 Long,Uranographer
criminalistic
Welcome
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNrr}xxxxx%%
NNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNN
`[}rrrNNNNNNNNNNNNR
__j*:).0
NNNNNNNNNNN
_	/////
NNNNNNNNN
NNNNNNNN
rrNNNNNNN
NNNNNN
NNNNNB,M
rrNNNNi
rrNNNNi
rrNNNNK
Fyyc`(
%NNNNNN
CP%NNNNNNN~
PPNNNNNNNN8
RRNNNNNNNNN3
9RNNNNNNNNNNN
55NNNNNNNNNNNN
NNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNN388
NNNNNNNNNNNNNNNNNNNNNN
KKiiNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
Okkuperingerne
Signet
Oksestegens
Corrado6
Fremragende
Campsites6
VB5!6&*
Perpendikulr
TEST_23
Uranographer
Uranographer
criminalistic
Indbetalingsystem5
Skyggelivets
skvadrede
Alchemise4
Polytheistically1
endegyldige
Lejekasernes8
skrinlgningerne
cebalrai
Campsites6
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Fremragende
Signet
Oksestegens
ADVAPI32.DLL
OpenPrsocessTo1ken
winmm.dll
midiIsnClo1se
user32
CopysIma1ge
SendMessageCallbackW
DdeSetUserHandle
kernel32
WritePrivateProfileSectionA
WriteConsoleA
VirtualProtect
MulDiv
VBA6.DLL
__vbaR8Sgn
__vbaVarDup
__vbaFreeVarList
__vbaI2Var
__vbaStrMove
__vbaStrCopy
__vbaFreeObj
__vbaFreeStr
__vbaStrCmp
__vbaVarMove
__vbaNew2
__vbaEnd
__vbaFreeVar
Skredene2
__vbaErrorOverflow
__vbaAryDestruct
__vbaHresultCheckObj
__vbaGenerateBoundsError
__vbaAryConstruct2
__vbaSetSystemError
sexisyllabic
Khanjee1
afstress
Spoonerisms
configurating
brnelokkere
Stercorarious6
Reckvelser
Weena8
ausform
Galopperede7
valgmenigheds
Misaccent
Fasedreje
leprotic
Prescott8
Deadlinesses
Securable
Ulvetid5
pompholyx
A5QU<l
paleohistology
Bortfiltrerede5
nombles
Ordenspolitiet5
colpeurysis
Lyster
Acrologic1
Forslow5
Vanetnkninger
formelles
highth
skeptisk
stningsstykkets
Curably2
loyalty
Spatterware3
Botaniseringen
Contrivedly2
kasinoer
rematriculate
Bestand
Stoplys8
Misery6
Tallotteriers1
Triumfering
Conqueror
dichasial
Opkoebt1
Magnanimousness
enneads
Mikrodatamaters
garwood
Fejltrinets
Superannuitant6
Residualoliers
talebearers
slibningens
Droner
anonymiseres
Krydsordsopgavens
Belnningssystemers3
Samvittighedsnagets
Standsforskel6
Benzen
blanketweed
Reslash2
Forldremderne
Deltalfirma
Snappily
katodestraale
assemblerprogrammerings
foreskrive
Productidae7
Kidnaping0
gnomonia
Disrespectfully
Sdefdselens
iodothyronines
Skriftefaderen8
Bagvejens2
Metallically
prequote
aspersion
Binyrebarkhormonets
Finansloven3
Linear1
Sportiges3
Landstingsmedlemmerne3
Turcykel
Olaminerende
Forgrundsfigur
unvindictive
Smrfedt
Abnormal6
Ingelenes
noninhabitance
Railwaydom7
slidsomste
blrehalsen
uefterretteligt
hyttefadet
BeginDeferWindowPos
OpenDesktopA
WaitMessage
WaitForSingleObject
WaitForSingleObjectEx
FreeConsole
DdeAddDataA
DrvGetModuleHandle
winspool.drv
EnumJobsA
MoveFileA
RegGetKeySecurity
CharPrevA
SetPrinterA
AnimatePaletteA
SetAbortProc
FoldStringA
SetServiceStatus
SetColorAdjustment
GetRgnBox
GetJobA
BeginUpdateResourceA
CloseDriver
ScrollWindow
SetStdHandle
LoadBitmapA
DdeDisconnectList
StretchDIBits
RegEnumValueA
CopyFileA
ReadConsoleOutputCharacterA
AddPrintProvidorA
ScheduleJob
ReplyMessage
WritePrivateProfileStringA
LocalReAlloc
DdeAbandonTransaction
AdjustWindowRectEx
SetROP2
GetBinaryTypeA
CreateSolidBrush
CreateWindowExA
imm32.dll
ImmGetCompositionWindow
Escape
RegisterClassExA
CreateMDIWindowA
PrivilegedServiceAuditAlarmA
DrawIconEx
timeEndPeriod
EndDeferWindowPos
ImmGetDescriptionA
waveOutGetVolume
SetScrollInfo
GetDIBColorTable
LoadAcceleratorsA
CloseFigure
SetParent
RegQueryValueExA
GetDoubleClickTime
HeapUnlock
waveOutGetPosition
MapViewOfFile
OutputDebugStr
CreateRemoteThread
GetSidSubAuthority
InitiateSystemShutdownA
ScreenToClient
GlobalFree
SelectClipPath
GetBrushOrgEx
GetDefaultCommConfigA
GetOEMCP
StartServiceA
DeregisterEventSource
waveOutSetPlaybackRate
IsValidSid
GetPrivateProfileIntA
DdeNameService
EnumDesktopsA
LZDone
GetSidLengthRequired
ScrollDC
SetActiveWindow
sndPlaySoundA
Rectangle
ReleaseDC
shell32
CommandLineToArgvW
mpr.dll
WNetAddConnection2A
SetConsoleActiveScreenBuffer
GetCommModemStatus
SetForegroundWindow
GetPrintProcessorDirectoryA
ExtCreateRegion
GetSidSubAuthorityCount
DdeConnectList
SetTapePosition
RegEnumKeyExA
ReuseDDElParam
VkKeyScanExA
GetClassLongA
EnumResourceNamesA
SetMenuContextHelpId
ObjectOpenAuditAlarmA
GetNumberOfConsoleMouseButtons
mmioClose
SetThreadLocale
VirtualQueryEx
GlobalUnWire
mmioAdvance
SetCommConfig
AddPrinterA
GetDCOrgEx
VkKeyScanA
ImmGetCandidateListCountA
GetWinMetaFileBits
LookupIconIdFromDirectory
EnumTimeFormats
RegSetKeySecurity
SetClassLongA
IsWindowVisible
RevertToSelf
BackupWrite
DdeSetQualityOfService
ReadFile
ScrollWindowEx
joySetThreshold
comdlg32.dll
FindTextA 
DlgDirListA
PlayEnhMetaFileRecord
DdeQueryStringA
SetLastErrorEx
EndUpdateResourceA
SetupComm
FindResourceExA
SendDlgItemMessageA
ImmGetConversionStatus
midiInPrepareHeader
PolyTextOutA
user32.dll
EnumWindows
GetThreadContext
ShowWindow
GetOldestEventLogRecord
waveOutGetDevCapsA
SetBkColor
LoadLibraryA
GetUpdateRect
__vbaStrToAnsi
OpenEventA
GetCaretPos
FlushInstructionCache
DebugActiveProcess
AreAllAccessesGranted
GetMenuItemCount
DrawTextA
__vbaStrToUnicode
__vbaFpI4
__vbaExitProc
__vbaFreeObjList
__vbaFreeStrList
__vbaStrI4
__vbaObjSet
__vbaStrCat
__vbaOnError
skvadrede
Politistat
Politistat
Bortfiltrerede5
Hectyli
skeptisk
Acrologic1
Forslow5
formelles
highth
Vanetnkninger
colpeurysis
tredes
Lyster
nombles
Kontrollanter5
paleohistology
Iagttagerrolles1
Ordenspolitiet5
Diamorphosis
Skyggelivets
prepunish
prepunish
Reckvelser
Forlystelseslivets
Ulvetid5
Deadlinesses
ausform
betingningernes
Galopperede7
Interplical
Fasedreje
valgmenigheds
Prescott8
Weena8
Korrekturlsningers2
Torvilds
pompholyx
farvelgges
Stops8
leprotic
Securable
Petersborg2
Misaccent
Alchemise4
Velstandsstigning
Velstandsstigning
Contrivedly2
Recitativos7
Conqueror
stningsstykkets
hiplength
kasinoer
rematriculate
Botaniseringen
Luffer0
Spatterware3
Bercelet
Stoplys8
Overstterteknikken
Bestand
bastardliness
Triumfering
Curably2
Misery6
hyperdeify
loyalty
Engsnaren
Tallotteriers1
kkkenmaskinerne
Lejekasernes8
unofficerlike
unofficerlike
iodothyronines
fungused
Sdefdselens
prequote
Metallically
Adullamite8
Bagvejens2
Plutonium8
aspersion
Taljebloks
Binyrebarkhormonets
kdelig
Disrespectfully
Sportiges3
jazzen
Linear1
Landstingsmedlemmerne3
Finansloven3
Skriftefaderen8
Turcykel
Ingenirvidenskabs
skrinlgningerne
Rickstand5
Rickstand5
unvindictive
forkodning
Abnormal6
Trettenaarsfdselsdag8
uefterretteligt
Guldkurs0
noninhabitance
Krystallernes5
hyttefadet
Ranglesten1
Ingelenes
blrehalsen
slidsomste
Devulcanization
Smrfedt
Railwaydom7
laminerende
Forgrundsfigur
fangstknivenes
Unseared1
Oplfte
Beryciform7
endegyldige
chameleon
chameleon
Kidnaping0
sclerosed
blanketweed
katodestraale
Barrikaderer
foreskrive
Productidae7
Frustration
gnomonia
Rentrice
Belnningssystemers3
snowshine
Benzen
Svalebajers
Forldremderne
decelerated
Samvittighedsnagets
Interludium8
Deltalfirma
akasha
Reslash2
Manuel
Snappily
Standsforskel6
assemblerprogrammerings
Polytheistically1
Spritkrslens
Spritkrslens
Opkoebt1
Blundedes
Magnanimousness
Fervourless6
Fejltrinets
streetlike
Krydsordsopgavens
Civilretterne
anonymiseres
damage
Superannuitant6
Typhonia
garwood
Amtsborgmestrene6
slibningens
Browningesque3
enneads
Residualoliers
talebearers
Mikrodatamaters
sonderingernes
Droner
dichasial
Koggeret
Heptaspermous
Indbetalingsystem5
Berigtigelsens
Shell_NotifyIconW
shell32
RtlAllocateHeap
RtlCreateHeap
##KERNEL32
>D$~2D27`
8%QHJN
%|(D2S
3QH o{C
q-M'o`Y
s%Z1.$
J-KAES'L
\jvnr?
$J$F6}"{
."H M=
~,JM@2-h
Y/FlFjrm
mL:.Y9I:>A
YD#p#w
@)VTbQ
]Wv#ir
{X7?c6
^|%"#i`
B0T>/	
Xz7jOLF
+kuZPTWy
,*6+q"
"{KT{")S
%p?qV,
5S=B#_
eibw^Fvou
.5:}s&
SZZHzq
-lud8+3
DL@V8t
0B\_I5f
M*N8L@R
dt.V7U
If[t,0
NZT'>6
D&HgyB
+j|%s}
m$k8ZQ#
Y#*}==
|C=rp*Q
tkst<-
82:o*4#
s`Ic:ue
}-;9~j[
UN7Bmq
]"_,(i
yzBIpn
Wd4BHd
W~w{|c'
4x%m3<
obILqH
dx9 o7
/.%bLF
4FQ^yY
Jc#t;S1
b|EjJd
AO8N"mj 
ZWqqI|
8$z\=V
/b[2SG
c]/j|N
i"~5Sc
j@vKM!
lsT*{i
K3a"37=0
&)5yv2
;B,(Z{
N|:pE_
_y=ya2
>ql([6
	fL0jx&
l}8\tz
59" T2;T
~%(<Yg
CsQ9^#
pnU)5_Y
_$eH'`8
B4^&X"H
&=o'<]
%Vq;%k
o?anLl
GU:&L\Q
e#q=+8
}7i,%yp0
*&$|Mt
/3Qz,F
-mt!z/
( d@kg
OG]=fp
Axc5m~
l>$5iC
&-(`2zVc
!9Yz$T
Pzl2$y
K~m8)i
y(Ch?$~F
8}Y\uye
R(Q2ur
pezs{Th.m^
*0`YKO
TLu3qwYt
D0g9G)
BQYxYw
IkP_|Yp
yr > ,
TV(eEO
W8u9dPM
vs<\iIQ
N")1,	
Jk'f:*
c,mONJ
L)_//%^
qf_k2p
Sixp!G
%( Ah`i
*<*6(\X
[1g5G=O
b{Q^{	
[/i,^0
~SsSh,
[!L(9G
Z})?L@
)QK~(y7
iw;fm2
4tifa_
+]fMV$
W4W&*Vuor
c&XNJK|
SAyJX=
[;0N\;<=L.X=
{wR$ut
*e6kI3
xG	x@j
=[EMO3
	CbD%k
M<4k/[CK
_oxog$>
\@`tez
KGdzjC
Ls~8iStL F8P(
jt"y<`
?Z`:I^
df%wY"
JV^\GhR{4
8V9^D 
oUE4=^
}!jr-f
u" 40}
g{+5Yc<
7ln+oc0
c3y)37
YgC7&:
'%l:R+
ijFd|G
i_dY<T87
Rzrwhc%
#q*4`#
:!+QD}
*X;Mjj
8YL=+|
mf_#cr
qE_'U!`_
?SWkWt
s%\JG S
YskOTZ2s
^qGG&d
Vag.=6L
-r3i{Vu
l[k!a7m
1N?@fe
Le$I^p/
cnD@U0ZaJ
&VF/D=/
/yy*cNN
J6`80V{q
8.#Rvw
!0kI%|
B	{h,,
{x'LbW
kLyUGT+7G
Nd8+b,
n#pFct
;o3Aok(
foOEm<=
u"fh}.
;,UJTt
*0`&Wn
>[5z?Gu
M#=6c+Uc
mV)`fr
;3k|(3
,MNO}/
qpj[<W4
7E<9]c
_>2`1z
cUioM5
A\<hHhY3
@[lpj|O
!7)X&1M
WlAda#
xZ$hnw
b3pyYX
e6}$*S
?Q5xa3
)Y]%N,$`
th8TBN		
2*y"102
&,YC;T
K@+lRZ
oS9<	rk0
%@L\(u
P$pUQ.
?g*!l9
^LM(V*
kD9GW$
Q"{q\*&
yOZw/5
x}F2YQ
ImPXQvcV
4CSk>.
=,z**Zg
*2$qM%
7eJ+!3cI
&IMrH\
;2sXky}
=z"`@7@
TUB~Aq
E lVrzJ
MIu*\S
M+OH?u<
J]|K')
Lo[I'2
_R}ogx
wtTpfE
3?kLQ;n
yquL||l>Y
Q25CD%lf
49Iu*N
KJy}!r
`lQz<iWW
O'WGVb
`"L>&O
pc~hIh
iSJe  0bI
a9?*mB1&
Y8'c|=
eUL<3"2X
1?//8u
&u,6!_i
:Yr }c
eg IqL
zc$5=_
u"{69S[*
@|'?Hlr
{da[-8XA
~^4%vJ
	6v;;q
lT(-i 
UZ$*/s
*/|,\|5
H[(|1EN
puABMWefVy
L8Sl_^
-0(G5ZB3j4K
A?:'{L
l#EZ*R$
K_kqW#
:(/Il(
(3_1I1!
f5_UuV
*=Up]L,
Zzs>8`<
./z;n9
fIG2O~
?rd@P/
Berigtigelsens
afstress
Arrangerings3
Skredene2
sexisyllabic
brnelokkere
Stercorarious6
neuralist
Spoonerisms
mislead
Khanjee1
Plenteous1
Bruddet
configurating
Skraldebtte
Mudlark
Japaners6
strikkepinds
Personlighed
>p[\!t
C4h9JD
jmj;j&
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaFreeVar
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaR8Sgn
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaStrToAnsi
__vbaVarDup
__vbaFpI4
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNrr}xxxxx%%
NNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNN
`[}rrrNNNNNNNNNNNNR
__j*:).0
NNNNNNNNNNN
_	/////
NNNNNNNNN
NNNNNNNN
rrNNNNNNN
NNNNNN
NNNNNB,M
rrNNNNi
rrNNNNi
rrNNNNK
Fyyc`(
%NNNNNN
CP%NNNNNNN~
PPNNNNNNNN8
RRNNNNNNNNN3
9RNNNNNNNNNNN
55NNNNNNNNNNNN
NNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNN388
NNNNNNNNNNNNNNNNNNNNNN
KKiiNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN