Sample details: e6dd5d390a945f283b3bc4ca29f5e2f5

Hashes
MD5: e6dd5d390a945f283b3bc4ca29f5e2f5
SHA1: fffd3aa0989544ce9bc037b4136ca181021021b1
SHA256: 8928905570c7b26a5d4d60c6c6d6f2fba7f7211a698eb4065a36a0a05bfe6fd2
SSDEEP: 768:OsUHO83qJK3xT+ngXYUDVGZhj1N8tGYbiqedyh5ABILS3kdT4Cu9K3e:L8aaxT+OYUDrllei5Bu3rKu
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_40 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/Borland | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasOverlay | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/maldoc_OLE_file_magic_number | YRP/SEH__vba | YRP/win_registry | YRP/win_files_operation | YRP/Str_Win32_Winsock2_Library |
Sub Files
73304b8bed8b1f982fc93400f0710ce3
fdcbb380b87b22767e73c6c7426662a1
075479a1e3ad4c9773c5845bd9f385ba
Strings
		!This program cannot be run in DOS mode.
`.data
.idata
@.rsrc
@.reloc
MSVBVM50.DLL
VB5ES.DLL
Host_01
Module1
C:\Archivos de programa\DevStudio\VB\VB5.OLB
Form_Load
advapi32.dll
RegCloseKey
RegOpenKeyA
RegQueryValueExA
kernel32.dll
RegisterServiceProcess
kernel32
GetTempPathA
VBA5.DLL
__vbaFreeStr
__vbaFreeVarList
__vbaEnd
__vbaFreeStrList
__vbaStrCat
__vbaFreeVar
__vbaVarTstNe
__vbaFreeObj
__vbaHresultCheckObj
__vbaNew2
__vbaStrMove
__vbaSetSystemError
__vbaI2I4
__vbaVarDup
__vbaStrToUnicode
__vbaStrToAnsi
__vbaVarForNext
__vbaVarForInit
__vbaFpI4
__vbaExitProc
__vbaPut3
__vbaStrCmp
__vbaGenerateBoundsError
__vbaOnError
__vbaStrVarCopy
__vbaStrCopy
__vbaStrVarVal
__vbaInStrVar
__vbaLenBstr
__vbaInStr
__vbaVarAdd
__vbaErrorOverflow
__vbaVarTstEq
__vbaFileClose
__vbaVarSub
__vbaGet4
__vbaI4Var
__vbaStrVarMove
__vbaLenVar
__vbaVarCopy
__vbaI2Var
__vbaFileOpen
__vbaVarMove
MSVBVM50.DLL
__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaPut3
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaExitProc
__vbaVarForInit
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaGet4
__vbaVarTstEq
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarTstNe
__vbaI4Var
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
__vbaFpI4
_CIatan
__vbaStrMove
__vbaStrVarCopy
_allmul
_CItan
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
lities 4.5b1
Paint Shop Pro 5.03
PartitionMagic 4
Serials 99
SmartScript 5.1
Winamp
WinDAC
Windows Commander 4.0 (versiunea si in romana)
WinRAR
WinZip
<< pret: 45.000 lei/CD >>
Internet: www.cd2all.8m.com
E-mail: bogdan@yahoo.com
Telefon: 092.820.935 (Bogdan)
Se pot trimite CD-uri si in provincie cu plata ramburs,
adaugandu-se la pret taxele postale.
Times New Roman
Symbol
Verdana
Times New Roman
<< pret: 45.000 lei/CD >>
Internet: www.cd2all.8m.com
E-mail: bogdan@yahoo.com
Telefon: 092.820.935 (Bogdan)
Se pot trimite CD-uri si in provincie cu plata ramburs,
adaugandu-se la pret taxele postale.
>> JOCURI FULL CD <<
Age of Empires: Rise of Rome - strategie real-time	-	1 CD	
Alien vs. Predator - 1st person shooter	-	2 CD	
Blood 2 - 1st person shooter	-	1 CD	
Caesar 3 - strategie real-time	-	1 CD	
Carmageddon 2 - simulator auto	-	1 CD	
Chess Master 6000 - joc sah	-	1 CD	
Civilization: Call to Power - strategie	-	1 CD	
Commandos: Beyond The Call of Duty - tactica real-time	-	1 CD	
Delta Force - 1st person shooter	-	1 CD	
Descent 3 - simulator/arcade	-	2 CD	
Dune 2000 - strategie real-time	-	1 CD	
F16 Aggressor - simulator avion	-	1 CD	
Fallout 2 - 3rd person RPG	-	1 CD	
FIFA 99 - simulator fotbal	-	1 CD	
Heroes Of Might and Magic 3 - strategie turn-based	-	1 CD	
HHL 99 - simulator hochei	-	1 CD	
Might and Magic 7 - 1st person RPG	-	2 CD	
Mortyr - 1st person shooter	-	1 CD	
Nascar Racing 2 - simulator auto	-	1 CD	
Nascar Revolution - simulator auto	-	1 CD	
NBA Live 99 - simulator baschet	-	1 CD	
Need For Speed 3: Hot Pursuit - simulator auto	-	1 CD	
Need For Speed 4: HIGH STAKES - simulator auto	-	1 CD	
Populous 3: The Beginning - tactica real-time	-	1 CD	
SimCity 3000 - strategie economica real-time	-	1 CD	
Starcraft: BroodWar - strategie real-time	-	1 CD	
Test Drive 5 - simulator auto	-	1 CD	
Test Drive: Off Road - simulator auto	-	1 CD	
Toca 2 - Touring Cars - simulator auto	-	1 CD	
Unreal - 1st person shooter	-	1 CD	
Virtual Pool 2 - simulator biliard	-	1 CD	
Worms Armageddon - turn-based arcade	-	1 CD	
>> SOFT COMPLET <<
3D Studio MAX 3.0 Final	-	2 CD	
Adobe Acrobat 4.0	-	1 CD	
Adobe Illustrator 8.0	-	2 CD	
Adobe PageMaker 6.5	-	1 CD	
Adobe Photoshop 5.5	-	2 CD	
Adobe Premiere 5.0	-	1 CD	
ArchiCAD 6.0	-	1 CD	
AutoCAD 2000 Final	-	2 CD	
AutoCAD Map 2000	-	1 CD	
Borland C++ Builder Enterprise 4.0	-	1 CD	
CorelDRAW 9 Final	-	4 CD	
Corel WordPerfect Office 2000	-	1 CD	
Delphi 4.0 Professional	-	1 CD	
Microsoft C++ Professional Edition 5.0	-	2 CD	
Microsoft Office 2000 Final	-	4 CD	
Microsoft Visual Studio 6.0 + MSDN	-	5 CD	
Microsoft Windows 2000 beta 3	-	1 CD	
Microsoft Windows 98 Second Edition	-	1 CD	
Microsoft Windows NT 4.0 Workstation	-	1 CD	
Oracle Designer 2000 v2.1	-	1 CD	
Red Hat Linux 6.0	-	1 CD	
>> SOFT SELECTII <<
 - SOFT selection 01 -
Microsoft Windows 98
Microsoft Plus ! 98 for Windows 98
Microsoft Office 97 PRO - Romanian Version
Microsoft Clipart for Microsoft Office
DirectX 6
 - SOFT selection 02 -
ACD Systems
Acrobat Reader 4.0
Adobe Acrobat 4.0
Adobe After Effects 3.1
Adobe Illustrator 8.0
Adobe ImageReady
Adobe ImageStyler 1.0
Adobe PageMaker 6.5
Adobe Photoshop 5.02
Adobe Premiere 5.0
Adobe Products Serial Keygenerator
Adobe Streamline 4.0
Adobe Type Manager 4.0
AdobePS 4.2
Andromeda Series 1-3
Edge Wizard and Magic Mask PS plugin
Extensis PhotoGraphics 1.0
Eye Candy 3.01 PS plugin
Fireworks 2.0
Fonts.new
Fractal Design Painter 5 with Libraries
Genuine Fractals 2.0
Kai's Power Tools 3.0.2 Pro
KPT 5.0
Kudo Internet MultiMedia Suite 5
Macromedia Dreamweaver2.01
Macromedia FreeHand 8.01
Macromedia Players
MetaCreations Painter 3D
MetaCreations Poser 3.0.1
Neal's EFEX
Page Mill 3.0
Photo Optics PS plugin
Photo Tools 3.02
Portfolio 4.0.1
QuarkXPress Passport4.04
RussHyph v1.0
SPG WEB Tools
ThumbsPlus 4.00
Total Xaos PS plugins
Ulead Art Texture 1.0
Ulead FantasyWarp 1.0
Ulead PhotoExplorer 4.2
Ulead Web Razor Pro
XARA 3D V3.02
Xara Web Style 1.2
WinRAR 2.50
 - SOFT selection 03 -
Microsoft Windows 98 Second Edition
3D Studio Max 2.5
ACDSee 32
Adobe Effects 4.0
Adobe Photoshop 5.02
CuteFTP 3.0
DirectX 6.1
F-prot antivirus
GetRight
ICQ 99a
Kai's Power Goo
Microsoft Office 97
Microsoft Visual C++ 5.0
MusicMatch
Norton Utilities 3.0
Norton Uti
Normal
Default Paragraph Font
Microsoft Word 6.0 Document
MSWordDoc
!32bit Windows only.$
`.idata
DGROUP
Coded by Weird
ADVAPI32.dll
USER32.dll
RASAPI32.dll
WSOCK32.dll
KERNEL32.dll
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumChildWindows
FindWindowA
GetMessageA
KillTimer
PostQuitMessage
RegisterClassA
RegisterClassExA
SendMessageA
SetTimer
ShowWindow
TranslateMessage
RasEnumEntriesA
RasGetEntryDialParamsA
CloseHandle
CopyFileA
CreateFileA
CreateThread
ExitProcess
FreeLibrary
GetCommandLineA
GetComputerNameA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
ReadFile
SetFilePointer
WriteFile
Kernel32#
Krnl_class.
127.0.0.1
GetSystemDescriptor_
FlushCache_
alternate
KERNEL32.DLL
RegisterServiceProcess
winstart.bat
regwiz.dat
ndate.dat
xunistall                      
c:\windows\command\extract.exe
/E /Y /L c:\windows\ c:\windows\temp\uninstal.dat
MICROSOFT PIFEX
WINDOWS 386 3.0
/E /Y /L c:\windows\ c:\windows\temp\uninstal.dat
WINDOWS VMM 4.0
PIFMGR.DLL
Terminal
Lucida Console
@#@#@#@#@#@#@#@#@#@#@#@START
File Number 1:19968/20992 - cduri.doc
File Number 2:40960/14848 - tapiupp.exe
File Number 3:55808/10418 - uninstal.dat
File Number 4:66226/967 - uninstal.pif
@67194@#@#@#@#@#@#@#@#@#@#@#@END