Sample details: f489e326948e9d69983d0bfd7e2841e7 --

Hashes
MD5: f489e326948e9d69983d0bfd7e2841e7
SHA1: 922d9f94a23a0e99c22d7365283617b903c6dd3f
SHA256: a9bb0acf51a9db1caf7eaca8fef45be5550635f1a5a4838a1e08c2d58acd30ff
SSDEEP: 3072:5JZbZDIRqGLBJehvhNUhaPSnBoOyxR3tGipNpZlykZ5G53kVmuIBDRoVTfuW:5JxeRq8SvhnABo/xxFdl7A1VBti1
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasOverlay | YRP/domain | YRP/contentis_base64 | YRP/screenshot | YRP/win_files_operation | YRP/CRC32b_poly_Constant | YRP/MD5_Constants |
Parent Files
708342e797634bf4e9c7b779e42b0b1a
Strings
		!This program cannot be run in DOS mode.
`.text
`.rdata
@.data
\$XK;\$$
QSRZ[_9
;\$Dux
\$8+\$
;\$$|)
ItJIt2
L$ #L$$
L$(RPQ
D$$PQh`z@
L$(QPW
D$\9D$
T$X9T$0
L$@;L$0
T$@9T$`
T$X9T$0
t/9\$,w)r
9T$(w!
D$T;D$Xr
tW;D$dw5r
;L$`w-
D$49t$ u
9|$$tY
WS9*t$
|$ SPW
\$ WQS
9l$$v43
9t$ v%
F;t$ r
E;l$$r
D$ PUS
D$ QRP
l$8;L$0s
F(OggSf
)D$<C=
WindowClass_%d
PB_DropAccept
PB_WindowID
IsAppThemed
uxtheme.dll
DllGetVersion
COMCTL32.DLL
AlphaBlend
msimg32.dll
?UUUUUU
?DirectDrawCreateEx
DDRAW.DLL
InitOnceExecuteOnce
Kernel32.dll
FLAC__STREAM_DECODER_ERROR_STATUS_UNPARSEABLE_STREAM
FLAC__STREAM_DECODER_ERROR_STATUS_FRAME_CRC_MISMATCH
FLAC__STREAM_DECODER_ERROR_STATUS_BAD_HEADER
FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC
FLAC__STREAM_DECODER_WRITE_STATUS_ABORT
FLAC__STREAM_DECODER_WRITE_STATUS_CONTINUE
FLAC__STREAM_DECODER_LENGTH_STATUS_UNSUPPORTED
FLAC__STREAM_DECODER_LENGTH_STATUS_ERROR
FLAC__STREAM_DECODER_LENGTH_STATUS_OK
FLAC__STREAM_DECODER_TELL_STATUS_UNSUPPORTED
FLAC__STREAM_DECODER_TELL_STATUS_ERROR
FLAC__STREAM_DECODER_TELL_STATUS_OK
FLAC__STREAM_DECODER_SEEK_STATUS_UNSUPPORTED
FLAC__STREAM_DECODER_SEEK_STATUS_ERROR
FLAC__STREAM_DECODER_SEEK_STATUS_OK
FLAC__STREAM_DECODER_READ_STATUS_ABORT
FLAC__STREAM_DECODER_READ_STATUS_END_OF_STREAM
FLAC__STREAM_DECODER_READ_STATUS_CONTINUE
FLAC__STREAM_DECODER_INIT_STATUS_ALREADY_INITIALIZED
FLAC__STREAM_DECODER_INIT_STATUS_ERROR_OPENING_FILE
FLAC__STREAM_DECODER_INIT_STATUS_MEMORY_ALLOCATION_ERROR
FLAC__STREAM_DECODER_INIT_STATUS_INVALID_CALLBACKS
FLAC__STREAM_DECODER_INIT_STATUS_UNSUPPORTED_CONTAINER
FLAC__STREAM_DECODER_INIT_STATUS_OK
FLAC__STREAM_DECODER_UNINITIALIZED
FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR
FLAC__STREAM_DECODER_ABORTED
FLAC__STREAM_DECODER_SEEK_ERROR
FLAC__STREAM_DECODER_OGG_ERROR
FLAC__STREAM_DECODER_END_OF_STREAM
FLAC__STREAM_DECODER_READ_FRAME
FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC
FLAC__STREAM_DECODER_READ_METADATA
FLAC__STREAM_DECODER_SEARCH_FOR_METADATA
Publisher/Studio logotype
Band/artist logotype
Illustration
A bright coloured fish
Movie/video screen capture
During performance
During recording
Recording Location
Lyricist/text writer
Composer
Band/Orchestra
Conductor
Artist/performer
Lead artist/lead performer/soloist
Media (e.g. label side of CD)
Leaflet page
Cover (back)
Cover (front)
Other file icon
32x32 pixels 'file icon' (PNG only)
PICTURE
CUESHEET
VORBIS_COMMENT
SEEKTABLE
APPLICATION
PADDING
STREAMINFO
FRAME_NUMBER_TYPE_SAMPLE_NUMBER
FRAME_NUMBER_TYPE_FRAME_NUMBER
MID_SIDE
RIGHT_SIDE
LEFT_SIDE
INDEPENDENT
VERBATIM
CONSTANT
PARTITIONED_RICE
reference libFLAC 1.1.4 20070213
fLaCCaLf 
cue sheet track index numbers must increase by 1
CD-DA cue sheet track index offset must be evenly divisible by 588 samples
cue sheet track's first index number must be 0 or 1
cue sheet track must have at least one index point
CD-DA cue sheet track offset must be evenly divisible by 588 samples
CD-DA cue sheet lead-out offset must be evenly divisible by 588 samples
CD-DA cue sheet track number must be 1-99 or 170
cue sheet may not have a track number 0
CD-DA cue sheet must have a lead-out track number 170 (0xAA)
cue sheet must have at least one track (the lead-out)
CD-DA cue sheet lead-in length must be evenly divisible by 588 samples
CD-DA cue sheet must have a lead-in length of at least 2 seconds
description string must be valid UTF-8
MIME type string must contain only printable ASCII characters (0x20-0x7e)
%08X: 
bitreader: capacity=%u words=%u bytes=%u consumed: words=%u, bits=%u
bitreader is NULL
8?61$#*-pw~ylkbeHOFATSZ]
' ).;<52
WPY^KLEBohafst}z
ing`ur{|QV_XMJCD
!&/(=:34NI@GRU\[vqx
jmdc>907"%,+
reg+9g498t48rth8r7t89h7r89thrth
KERNEL32.DLL
COMCTL32.DLL
GDI32.DLL
MSVCRT.dll
OLE32.DLL
USER32.DLL
GetModuleHandleA
HeapCreate
LoadLibraryA
HeapDestroy
ExitProcess
GetProcAddress
HeapAlloc
HeapFree
CloseHandle
InitializeCriticalSection
GetCommandLineA
TlsAlloc
FreeLibrary
GetVersionExA
WriteFile
ReadFile
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitCommonControlsEx
DeleteObject
GetStockObject
GetObjectType
GetObjectA
CreateCompatibleDC
GetDIBits
DeleteDC
CreateDIBSection
SelectObject
BitBlt
CreateBitmap
SetPixel
memset
memcpy
strncpy
sprintf
malloc
fclose
_CIacos
_CIatan
strlen
realloc
__p__iob
_fileno
_setmode
calloc
ferror
_fstat
memmove
fprintf
_CIlog
memchr
CoUninitialize
CoInitialize
RevokeDragDrop
GetWindow
SetActiveWindow
RemovePropA
SendMessageA
DestroyWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
DestroyIcon
FillRect
thereyougo
thereyougo
thereyougor748bb552rr7548referferrgergergergergergergthereyougo
L}Byl8
J$+rsA
e2aV_&
ET*WKJ
thereyougou
xht^4m)
KM9I+sy
HRg@Ez4
mVKm:y
/4|Oz5
b\6(w~c
S4:^w(^
8p{ "/
>	h-t.
rO>*uD
;a*00P{
CwjjM~
aSf?l/
(+uJ+h})
3(Aqrj
yrDL2h
};0d+0hq
o53@ 8*
2^Pkra
CVcxC6
YN=h6#
;'11R)
{x8U] 
lUN?<Tq
Xu \SB
tEU%T8
%J3Uc:.
zlX7U/
C`API1
&.t)&sv
OE+o(q
^Dwh[T
+4mg7{
0}QX\en
iOJ?xB5
P =EI[
8{)f]>n
dF<HwUZ
2=?^pf
b%6,@A
Ov[<pe^A
due)5%
Q,e<Fk
`wlaAz
3_j~0h
$s<i <
j~3_o 
`GQ'4:?
FxkLw8q
chbgHLm
7O_U6\
R/eD(<
6fK6i:>
m/.}Y*
\Q|?^Z
iP`8Ps_y
o,{_b!k=
y8LK,`
Z&<qCtlK
zWiB;;
QEu5_9
mA^*c-
Ej]y B
8doK|(
c*Gh$U|
:[#@!E
j5%adG5
 O$D_O
.|'(umq%
Uk42iH\4sh
i.hG'U
d%'?9\
-fEK',
wHcGX++
E6@ZLt{
,=Z0fa
]>lVBN
']I.Ef
k_w<%Hu
z4Fe,QEgR
_r{Fnk
F|6	Us
Kt9_LJ"3^
T}<~A0
-h$+!t
> T% 5&`
4BfP^m0
CE\>u2
	Pk)MWk
Bf%<f&T
TpO"R!
_@LtS5T
46kQAT
%nZQ0^
bPO.K]
?#V~1#
kYB/?[
Xb7D(V
r)T197
Q|'^(*2
f)6jO:T
rn%z_{
9d~D$nN
[E1-0q
rpK.y4
qr>.x!
9cr4PXi}sh
D^((tX
)Tz1e[
/nLu?D
!Bw2&J
15wQg]
PcL0(Ba/h
~wv0e*-
uL*<M?C
P*oAy)%
u=8RNzL
doRJ$*#
27bBd@
*m#Bo8
{w."<Y>
7hN#Jq
E;hs_I
88IS,,f}
@d+;P('RR
cSBL0Z+
@|s_"l
TU}yZQ
~`d+LJ
/&[w|E
19{N/y
Da5jCCZ
	Ey.V9
k5mY.R]o
3\[@89t
y"X,6*
3;dp=wa~N-
R-HiS-1l
"|V[bln8x
?23#$Tb
P4Nqyq"
JGDuWq\
H^A?x@
?#Kh4>
e-#ixJ]>
{s"Q_\PI
E_o}Vl
:$mT?b
6xO1BL
%rem9kGk
G`.[cP'h1k'BP
<.,n#_.
jb{>:x
thereyougo,,,,,,,,,,,,