Sample details: e5fb31f7be04068fc088418d642e292b --

Hashes
MD5: e5fb31f7be04068fc088418d642e292b
SHA1: 9c043826be0f12c96dce9a58b6793dfe33926589
SHA256: 42154d0805933548da9b7a9fbbce40be9e155091e6f96ed4ce324c21b3430b20
SSDEEP: 6144:AyaOH6GdiNywts0oFiv4HmdChI7Cm6Vad:+f3i44GdyIH
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/asun.exe
http://www.centerweb.es/soporte/.eval/en/sys/asun.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Marmelade2
Nonemancipative
Croceines8
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmm
lqzzp{l
G@@@@@@g@hhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGl
sxGvB@@Gl
@vvvvvv||||5
@@HhGGtw^R^`
vvvvvvvvvvv|||
glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvv
qpppIF
(gvvvv
vvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFv
5GphFFFB
\\}\\fFFFFFF55
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
(AFFFFF
ppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCL NNNM
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fv]M
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
+-E8_d
%35Q/{
Croceines8
Overtrkkende2
Camphouric
Storbys1
Varmebehandlerne1
Microcolon6
Comitium
Dagcentrerne
WG64=<
D	_ER_
O`NOfP}\
'Vh|c:Jn
9+"nhKB
\Nr7VD
+`Otd'@
Ufs_03
Bc $Lf
K,Rd,u
, wMb&
GkpM|J
	 pzt:U,u
Q*>s(^
-r0yx7#
y[Cv]t
tnU0I/
Hq<6Cw
$>p~ln
:/1gjE
@#Pa0D
0g89s~
":HJgL
Ff`jUX
lG.1]A
A|AOD^[
C_fE!jR
	x;u,q	u
RPS70/C
(h@tk%
4Cr*.A~
3`LHLt
_bm`A+
5f)IQ{
 X	CXb\
+.tj5a
o`5gR$i]
|m $;o
YzY#8$
a5/'I!
86mS_YSQ
[	j.95Qz
}~v &G
cZ^6.}
_7h(z]Rd
$utKPy
l&^ww	
ZY[D}6&~
Nao#<t
pKcV%J
H>O<W|
F:]9o=
2|Kjz?
p58YML0
E#\Z-[H
M.R2O	$l
54GHpi{
~OqD \j
LVrmj8
HFr)(S{\dz
v\^5mEH
0<#_LL
J'zh/<
!rtLq,
qt7y/s
/ZcT&K
|k6/*U
fHYrf$H
A)*{jk
0a{[<7
)Y8%$2
=f/MJ>
}&.#{g
n\8%\2U
@lt#euY
e:(BR$
de'9|h
O#)uJ3=
O#MH'cx
M-5@_c
U<g]W.
}iPym<
G'!ku,
liysPUr
gYS!]2
V!zjGFW
7c+j'q
$*oeD,W
_Zp|w?
ImN:z:K>o#
M_pLVx]
!%JW=5
ZW-a,.
ilsn3+
i7`-f2
l(n@9EE3
~!LFOa
4*1xQ;(`
=zGnAS;g
Ez	BHj
`(:r_&I&
}zMLW7
AIXyYA
eKeQin
]bV|=K"
]{m?DA
1 |7It
k1in&\|l
3vCJha}
e.e\wX
{_Xm"f=
z-+a1K
x*D2: u
'`-h/"
,q9/kP
:Y&]%0
#G,HW4C
L(&oelS
&dY=n\
?j~mj2C
LB8;Cph
+a`"iaf
.H=XCH
#-54u0W
$P8:d|
c&p2X	O
R'DI;u
\.nt*+,
)3{Zr"
j[p?:J
Yk8hm|
fe=.DO
8[a+<G
QfARjh
,U;$?2
Q&JCjn
)*(9!3
G)c++7
3^Nj2w
is#N;u
R^/p[@y
C<=*%I
J+`T;2VpTa"
@L;`KNe
4C$;L*
`8Zt#8
 rgj!@
xe3m3'
8s^Jv;
RX|	&U
Y[UDmH
3O!V]Q
 \5z'E
9un{.#
jx(<P"
a=K:n+
uqH?O!
s-.hAU
%^6seTz2
)C$:s0
(o:F,Tm
\8dK#<
za[mb&n
z8o^ynG&[
95"uy4
G1FgDr
nN!<	f5
ps8~.A
S2@nk(
`8>RD1Z
ShE9/"a~
/x6	iw
greFHl
d#!'Qe
sF5/\]
-(QpoX
QmLR*U
#RdC.1
e>z-|KM
TifQb)
vbHuw-
Sg!u_]
f(7am 
8l/uvK
R,BMBC
Qr$MpYj6
/q/1Kx(
:GN#(S
f"v	,fQ$
>$hu2XD;
TFyqFW~
I{	jrO
:<ujRA
KR-K^=
S]W9W6
Yt|<G#
AsGYHjd/
&6<W5H
lJHY>G
Uz"E#?
K3\NtN?1{\!f
8V.LW\,
bEMa4"
qVD*G`
!i|w7d%
4K;DPh
u{]*@I
$?WUQA
9xoN+p
W%Fub)
I X.$5
{&.wE|
A.J*=9
j7Nw"y
qI7f-P
;5@GzqT)
xD5q9g
Cn jQbi
M/ n0T4
BL7k6v
ed7+)C!
08kbR&
QJhp-27
(pIBOp5
I).W7U
zC^vpi
c@q*u7
0j=\GP
X~H1?|V
N<9_77
y(A-al
oeG8w4YN
O.Yfnyb
5.h+O:
;'|9w|j
DpqQ$	
2BF4Rl
L< $qE
&jg8N1v9
.7z"Li
GXrI2%
>`SCWR
{"C_c\
/J}@2P
]MW8J	
;Z2KS9e
r1Y7,h
-}`91=$kZ
/y@aA>
r./(q:G
<dc2~h;D
/*X]I=l
N&=vIU
"stgbH}
W	4#<'
RR3?pY/
qBg1r8-y
_)	s}E
RldU,XK
1a f!wh
bm6ZCQ
ow`!z`
[~d>t:'
vtjOvk
w3{22i
[-g]@g
>bk-K\"P
$\BMh+^
]6Ytwq
	yLNP`
Hm*\R1
tqN	k;(
cdc&JM
?u]!i}
)O(va:
I{r\:y
U'c^-A
	qeHc3
stb<'2
V(IVZ4&
6qTEP2?
b-K=s#t2
yt~Aq=
Am>e`1
IS6M`]
{U-wz	oF
!%S5SI
U/5Rk8
3Gy%x3
j/#yq8
4gPPk\
`fR.ah
hqk>f=
y\+O2/
Vt4&!(
'2TLlx
~Dw}WM/
/vZ!ZA
HS;/!7]w
r?/12T
L3):E>
(u_G8Fl]
uKKrx5
!O#{R#
-^\SrR
hP.'O%CJm
=V#8*_
h]`Xqj
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
X2^\	1
|)^6j[
c0iJU5*
}_K6jf
}<S6jf
}qR6jm
}{R6j1
Bathylitic
VB5!6&*
Merveileux
Overofficiousness
Marmelade2
Marmelade2
Nonemancipative
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Varmebehandlerne1
Overtrkkende2
Dagcentrerne
Comitium
Camphouric
Microcolon6
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
FindResourceExA
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
VBA6.DLL
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
rstuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq[fv]M
]ooo'XXh_
114__h_X'@'[
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232STUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
*	+,-./
qG@|vF
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmm
lqzzp{l
G@@@@@@g@hhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGl
sxGvB@@Gl
@vvvvvv||||5
@@HhGGtw^R^`
vvvvvvvvvvv|||
glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvv
qpppIF
(gvvvv
vvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@llggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFv
5GphFFFB
\\}\\fFFFFFF55
@lmvFF
G\\\\\FAAAAAAFI
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
Fv5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
AAFFFFFFvlttppqx
(AFFFFF
ppqmpr
AFFFFF\v5gmmhG(
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCL NNNM