Sample details: ecc61634964a48947a3d69ff6cc70d48 --

Hashes
MD5: ecc61634964a48947a3d69ff6cc70d48
SHA1: 85395112fbb9599087daf7ca4404cb15d04b4d84
SHA256: 9b4d99bb34cfee781f6494189363582cb925d19ed5bc692009eb8aca8adc18e6
SSDEEP: 3072:gqXFMPs08cS0EdD7seqdVTxkEtmUjG1FCx31GmHtD/E00XJkiQ28DWgF/gqwWYRw:gnPs/XtD7DwYEtVjNA00Z/8DlF/uWpX
Details
File Type: PE32+
Added: 2018-11-29 12:49:46
Yara Hits
YRP/Microsoft_Visual_Cpp_80_DLL | YRP/IsPE64 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/anti_dbg | YRP/win_files_operation |
Source
http://www.kolastav.sk/wp-content/plugins/js_composer/assets/lib/bower/flexslider/calc.exe
http://www.futuremarketing.com.pk/wp-content/plugins/essential-grid/admin/assets/js/mode/calc.exe?21
Strings
		!This program cannot be run in DOS mode.
-=Rich
`.rdata
@.data
.pdata
.gfids
@.rsrc
@.reloc
D$h9D$ s@
 H3E H3E
WATAUAVAWH
 A_A^A]A\_
WATAUAVAWH
A_A^A]A\_
ffffff
x ATAVAWH
D8&t4H
D8d$Ht
A_A^A\
u3HcH<H
x ATAVAWH
< t;<	t7
 A_A^A\
UVWAVAWH
0A_A^_^]
WAVAWH
A86taH
0A_A^_
L$ WATAUAVAWH
@A_A^A]A\_
x ATAVAWH
 A_A^A\
WATAUAVAWH
 A_A^A]A\_
UVWATAUAVAWH
`A_A^A]A\_^]
x ATAVAWH
0A_A^A\
\$ UVWAVAWH
A_A^_^]
@8|$^t
l$ VWATAVAWH
L$&@8t$&t0@8q
A81t@@8r
A_A^A\_^
fD94Fu
fD9t$b
SVWATAUAWH
HA_A]A\_^[
@UATAUAVAWH
e0A_A^A]A\]
D82u&H
D8t$Ht
l$ WAVAWH
 A_A^_
@UATAVH
@UATAUAVAWH
H!T$0D
uf!T$(H!T$ 
A_A^A]A\]
WAVAWH
@A_A^_
UVWATAUAVAWH
A_A^A]A\_^]
VWATAVAW
A_A^A\_^
WATAUAVAWH
 A_A^A]A\_
\$ UVWATAUAVAWH
H!D$ E
D08@t	
`A_A^A]A\_^]
ffffff
fffffff
USVWAVH
A^_^[]
LcA<E3
InitializeConditionVariable
SleepConditionVariableCS
WakeAllConditionVariable
Unknown exception
bad allocation
bad array new length
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__ptr64
__restrict
__unaligned
restrict(
 delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
 new[]
 delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator "" 
 Type Descriptor'
 Base Class Descriptor at (
 Base Class Array'
 Class Hierarchy Descriptor'
 Complete Object Locator'
CorExitProcess
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
GetCurrentPackageId
LCMapStringEx
LocaleNameToLCID
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
UUUUUU
UUUUUU
=imb;D
1<.	/>:
/>58d%
>jtm}S
)>6{1n
r	Vr.>T
+f)>0'
;H9>&X
*StO9>T
n03>Pu
K~Je#>!
bp(=>?g
BC?>6t9^	c:>
K&>.yC
.xJ>Hf
y\PD>!
|b=})>
c [1>H'
uzKs@>
3>N;kU
	kE>fvw
V6E>`"(5
?UUUUUU
?7zQ6$
atlTraceGeneral
atlTraceCOM
atlTraceQI
atlTraceRegistrar
atlTraceRefcount
atlTraceWindowing
atlTraceControls
Delete
atlTraceHosting
atlTraceDBClient
SYSTEM
atlTraceDBProvider
atlTraceSnapin
atlTraceNotImpl
atlTraceAllocation
atlTraceException
atlTraceTime
atlTraceCache
atlTraceStencil
atlTraceString
atlTraceMap
atlTraceUtil
atlTraceSecurity
Delete
atlTraceSync
atlTraceISAPI
ForceRemove
NoRemove
SYSTEM
Component Categories
FileType
Interface
Hardware
SECURITY
Software
Delete
TypeLib
atlTraceGeneral
atlTraceCOM
atlTraceQI
atlTraceRegistrar
atlTraceRefcount
atlTraceWindowing
atlTraceControls
atlTraceHosting
atlTraceDBClient
atlTraceDBProvider
atlTraceSnapin
atlTraceNotImpl
atlTraceAllocation
atlTraceException
atlTraceTime
atlTraceCache
atlTraceStencil
atlTraceString
atlTraceMap
atlTraceUtil
atlTraceSecurity
atlTraceSync
atlTraceISAPI
ForceRemove
NoRemove
Component Categories
FileType
Interface
Hardware
SECURITY
Software
TypeLib
JScript
atlTraceGeneral
atlTraceCOM
atlTraceQI
atlTraceRegistrar
atlTraceRefcount
atlTraceWindowing
atlTraceControls
atlTraceHosting
atlTraceDBClient
atlTraceDBProvider
atlTraceSnapin
atlTraceNotImpl
atlTraceAllocation
atlTraceException
atlTraceTime
atlTraceCache
atlTraceStencil
atlTraceString
atlTraceMap
atlTraceUtil
atlTraceSecurity
atlTraceSync
atlTraceISAPI
ForceRemove
NoRemove
Component Categories
FileType
Interface
Hardware
SECURITY
SYSTEM
Software
TypeLib
.text$di
.text$mn
.text$mn$00
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCL
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIC
.CRT$XIZ
.CRT$XLA
.CRT$XLZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$T
.rdata$r
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.pdata
.tls$ZZZ
.gfids$x
.gfids$y
.rsrc$01
.rsrc$02
HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DeleteCriticalSection
GetProcessHeap
MultiByteToWideChar
KERNEL32.dll
CoCreateInstance
CLSIDFromProgID
CoInitializeEx
ole32.dll
OLEAUT32.dll
CloseHandle
EnterCriticalSection
LeaveCriticalSection
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwindEx
SetLastError
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
WideCharToMultiByte
GetStdHandle
WriteFile
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
CreateFileW
                          
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
                          
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVtype_info@@
.?AVbad_alloc@std@@
.?AVexception@std@@
.?AVbad_array_new_length@std@@
.?AUIUnknown@@
.?AVJSEngine@@
.?AUIActiveScriptSite@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level='asInvoker' uiAccess='false' />
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>