Sample details: f5fd33dde38320fc97fe073f0f3b853d --

Hashes
MD5: f5fd33dde38320fc97fe073f0f3b853d
SHA1: dab2d7af52c859ad638577b026aefdc3cefe18f4
SHA256: 844774fd10c7f936849f42d80ff408ef32a0a7f04a658ed4ad43365d3094ae26
SSDEEP: 6144:Yxn1NncAEriKgribiIEWAUtvry6avShXJ9:AnEJDbiIEWk60Sb
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/DebuggerHiding__Active | YRP/screenshot | YRP/win_registry |
Source
https://b.coka.la/WtikvW.jpg
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Disdiaclastic0
Scramblement6
Welcome
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNrr}xxxxx%%
NNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNN
`[}rrrNNNNNNNNNNNNR
__j*:).0
NNNNNNNNNNN
_	/////
NNNNNNNNN
NNNNNNNN
rrNNNNNNN
NNNNNN
NNNNNB,M
rrNNNNi
rrNNNNi
rrNNNNK
Fyyc`(
%NNNNNN
CP%NNNNNNN~
PPNNNNNNNN8
RRNNNNNNNNN3
9RNNNNNNNNNNN
55NNNNNNNNNNNN
NNNNNNNNNNNNNNN
NNNNNNN
NNNNNNNNNN388
NNNNNN
NNNNNNNNNNNNNNN
KKiiNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
Linaceous4
Feministen1
Tweakiest0
Smidtes
VB5!6&*
Skinnery
TEST_24
Disdiaclastic0
Disdiaclastic0
Scramblement6
longee
scherzoen
Erhvervslivene7
Skldyr
Ontically
Semiexpansible
dumpende
Blgeformens6
Afbinder
8\df{L
Feministen1
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Tweakiest0
ADVAPI32.DLL
OpenPrsocessTo1ken
winmm.dll
midiIsnClo1se
user32
CopysIma1ge
SendMessageCallbackW
DdeSetUserHandle
kernel32
WritePrivateProfileSectionA
WriteConsoleA
VirtualProtect
MulDiv
VBA6.DLL
__vbaStrCopy
Beskatningsgrundlag6
__vbaI4Var
__vbaStrComp
__vbaR8FixI4
__vbaStrVarMove
__vbaFreeVarList
__vbaVarDup
__vbaObjSet
Moment7
__vbaFreeStr
__vbaStrMove
__vbaVarMove
__vbaFreeObj
detonational
overgangsreglen
__vbaInStr
__vbaNew2
__vbaEnd
__vbaFreeVar
Trottoired4
Incages0
__vbaErrorOverflow
__vbaAryDestruct
__vbaHresultCheckObj
__vbaSetSystemError
__vbaGenerateBoundsError
Tyvekngtens
__vbaAryConstruct2
Regeneratoryregeneratress1
Aecidiomycetes1
Astenier
Brugtvogne
Steadfastly6
schlepper
branchiosaurian
Overexertedness
ressentiment
Emptiable4
Cheeriness0
flommefedters
Patronymikonets5
Entrefer
demagogiskes
systemskifters
chamaeprosopic
Cyclostomatous
menageris
Delende4
Differentialregningernes7
Riffelkuglens
Untextually8
Registermarkerings
bleachfield
Enevldets6
woorali
Sikkerhedkopieringerne5
Objectionableness
Friesic5
Alligators1
Forvrngedes
Echium
Harrumphs
Sagaers
oplagsplads
Apoplastogamous
Paatrykningens7
Nondilapidated5
Analyserammers6
Frugtknuder
overpollinate
fortjninger
Mellemrubrikker
Woodscrew4
Fgtekaarderne4
Arbejderkulturers3
Prolines4
Beneurous
Adviserings
Cinnamein6
Gameworks
Minimumslsninger0
Stratiotes
Putrefactions0
Ydergang7
Interrobang
Flykapringernes
ignoreredes
Charmeoffensivers
Establishes
Roquist2
Stdbrndes3
Nordligere
bhmernes
Unmechanise
Tjenstgrende
Sanable
varmluft
benzinrabatter
suppeterninger
Styning3
Tnkepauser
Defamatory
frikirkers
Silkeormene
Unmaimable
rmebrttet
Aerogrammer
tastaturets
Smultifistulous
friturestegtes
kapacitetsdiskussioner
Elefantben8
Supertitle
raffman
Niniane
Gallanting
Elkhound
Fuhrer
Lidelsesfllerne3
amphigonium
monikas
Skabilkenhovedets
diblet
Paletot
convenership
Dactylopteridae
dogmatikere
Degraderer
mellemstades
overskrer
cembalo
appelsinskive
Hypermetaphorical8
Conviviality
videreudviklingens
Trierucin7
terminaltypen
Trinlst0
BeginDeferWindowPos
OpenDesktopA
WaitMessage
WaitForSingleObject
WaitForSingleObjectEx
FreeConsole
DdeAddDataA
DrvGetModuleHandle
winspool.drv
EnumJobsA
MoveFileA
RegGetKeySecurity
CharPrevA
SetPrinterA
AnimatePaletteA
SetAbortProc
FoldStringA
SetServiceStatus
SetColorAdjustment
GetRgnBox
GetJobA
BeginUpdateResourceA
CloseDriver
ScrollWindow
SetStdHandle
LoadBitmapA
StretchDIBits
RegEnumValueA
CopyFileA
ReadConsoleOutputCharacterA
AddPrintProvidorA
ScheduleJob
ReplyMessage
WritePrivateProfileStringA
LocalReAlloc
DdeAbandonTransaction
AdjustWindowRectEx
SetROP2
GetBinaryTypeA
CreateSolidBrush
CreateWindowExA
DrawIconEx
imm32.dll
ImmGetCompositionWindow
Escape
RegisterClassExA
CreateMDIWindowA
PrivilegedServiceAuditAlarmA
timeEndPeriod
EndDeferWindowPos
ImmGetDescriptionA
waveOutGetVolume
SetScrollInfo
GetDIBColorTable
LoadAcceleratorsA
CloseFigure
SetParent
GetDoubleClickTime
HeapUnlock
waveOutGetPosition
MapViewOfFile
OutputDebugStr
CreateRemoteThread
GetSidSubAuthority
InitiateSystemShutdownA
ScreenToClient
GlobalFree
SelectClipPath
GetBrushOrgEx
GetDefaultCommConfigA
GetOEMCP
StartServiceA
SetForegroundWindow
DeregisterEventSource
waveOutSetPlaybackRate
IsValidSid
GetPrivateProfileIntA
DdeNameService
EnumDesktopsA
LZDone
GetSidLengthRequired
ScrollDC
SetActiveWindow
sndPlaySoundA
Rectangle
ReleaseDC
shell32
CommandLineToArgvW
mpr.dll
WNetAddConnection2A
SetConsoleActiveScreenBuffer
GetCommModemStatus
GetPrintProcessorDirectoryA
ExtCreateRegion
RegQueryValueExA
GetSidSubAuthorityCount
DdeConnectList
SetTapePosition
RegEnumKeyExA
ReuseDDElParam
VkKeyScanExA
GetClassLongA
EnumResourceNamesA
SetMenuContextHelpId
ObjectOpenAuditAlarmA
GetNumberOfConsoleMouseButtons
DdeDisconnectList
mmioClose
SetThreadLocale
VirtualQueryEx
GlobalUnWire
mmioAdvance
SetCommConfig
AddPrinterA
GetDCOrgEx
VkKeyScanA
ImmGetCandidateListCountA
GetWinMetaFileBits
LookupIconIdFromDirectory
EnumTimeFormats
RegSetKeySecurity
SetClassLongA
IsWindowVisible
RevertToSelf
BackupWrite
ReadFile
ScrollWindowEx
joySetThreshold
waveOutGetDevCapsA
comdlg32.dll
FindTextA 
DlgDirListA
PlayEnhMetaFileRecord
DdeQueryStringA
SetLastErrorEx
EndUpdateResourceA
SetupComm
FindResourceExA
SendDlgItemMessageA
ImmGetConversionStatus
midiInPrepareHeader
PolyTextOutA
user32.dll
EnumWindows
GetThreadContext
DdeSetQualityOfService
ShowWindow
GetOldestEventLogRecord
SetBkColor
LoadLibraryA
GetUpdateRect
OpenEventA
GetCaretPos
FlushInstructionCache
DebugActiveProcess
AreAllAccessesGranted
GetMenuItemCount
DrawTextA
__vbaExitProc
__vbaStrToUnicode
__vbaStrToAnsi
__vbaFpI4
__vbaFreeObjList
__vbaFreeStrList
__vbaStrI4
__vbaStrCat
__vbaOnError
Ontically
Reinkarnationer
Reinkarnationer
varmluft
Tjenstgrende
umildestes
Roquist2
Stdbrndes3
Unmechanise
Cardiocarpum
Sanable
dehiscent
Charmeoffensivers
Nordligere
bhmernes
Udrre1
Pentamerous5
ukristelighed
casearia
Establishes
regnskabsmaterialet
Consubsistency7
Semiexpansible
Liquidized6
Liquidized6
Defamatory
Coproprietorships0
suppeterninger
rmebrttet
Miggles0
Styning3
Aerogrammer
tastaturets
Silkeormene
Unmaimable
Tnkepauser
benzinrabatter
Skrmtroldenes
Bevidstgjortes
Brintjoners
frikirkers
temptations
Vietnam1
longee
salvers
salvers
flommefedters
adfrdsvidenskaber
ressentiment
Forviklet
systemskifters
Spitefuller1
demagogiskes
Overexertedness
incognoscent
Cyclostomatous
chamaeprosopic
Patronymikonets5
Toningernes
Emptiable4
Cheeriness0
Proczarist2
Snedkrendes
Miljforvaltningens
Entrefer
Tarveligheden6
dumpende
Disseisin
Disseisin
kapacitetsdiskussioner
krystalklar
Niniane
sprgemeldingens
Fuhrer
timotens
Supertitle
friturestegtes
diblet
Helpensions8
Elefantben8
raffman
Intimidatory
Gallanting
amphigonium
monikas
Skabilkenhovedets
Lidelsesfllerne3
multifistulous
Elkhound
Fotostter
Bortforklaringernes
Erhvervslivene7
Forretningsomraadernes
Forretningsomraadernes
Apoplastogamous
Dodekafonis
overpollinate
Sagaers
Sanctioners7
Analyserammers6
fortjninger
Paatrykningens7
Fgtekaarderne4
Tolkningernes
Frugtknuder
amperemetrenes
Mellemrubrikker
Harrumphs
Snerrendes
Nondilapidated5
papyrussernes
basiske
oplagsplads
Woodscrew4
resuspect
scherzoen
Kreditorgruppe
Kreditorgruppe
Forvrngedes
dilettanterier
Differentialregningernes7
Registermarkerings
bleachfield
instrumentative
Friesic5
Catenane
Alligators1
Riffelkuglens
spigelian
Echium
Decoherer
Sikkerhedkopieringerne5
woorali
Objectionableness
Delende4
Niecers6
Enevldets6
menageris
Untextually8
Navahoes
Blgeformens6
Bundvands6
Bundvands6
overskrer
Dactylopteridae
terminaltypen
Unhoop
valgkamp
mellemstades
Conviviality
appelsinskive
papirers
Trierucin7
Paletot
videreudviklingens
Ladyen2
Trinlst0
dogmatikere
convenership
Irascibility
Hypermetaphorical8
Pantelegene5
Degraderer
cembalo
Skldyr
Aivers5
Aivers5
Renegater6
Putrefactions0
klaedningsstykker
Adviserings
ignoreredes
Ydergang7
unornamentally
Gameworks
Interrobang
Beneurous
Stratiotes
Ndudgangenes3
Cinnamein6
Nightcrawler5
Arbejderkulturers3
Limpidity8
Prolines4
Chilisauceer
Flykapringernes
Subaquatic
Minimumslsninger0
Briketteret6
Anvendelsesregulering
Redoubts5
Shell_NotifyIconW
shell32
RtlAllocateHeap
RtlCreateHeap
##KERNEL32
CZriUk
0:iz0R
0R}dXV
;]yDa]
;:VQ1Ri
08ize2
F:c_=1R
0'bG8R
L)bx6`G
24F#+<W.
GvQf:mj4
"cH-1yU
hQONug
<ex@0X
3,o{U+
N9h;!`4
AV@5Bjxe
%6m[&b
,hlyb6
@amJ~>r
WTf)	5q
;6DTumW+
a=.Ne_
1/^DXr&
|DU)v+
9^&C*\
Iun8,J
.O /B^
))3{2Y
@i7yf|ky@r_y
X?[5aXh
=}	}'c
X~w,;%
c	cE,v
J.O,ra
}~lgoW7
;5k-q`
Lu4L:N
aJ{j<./
b#m#JH
`jsQAi
R`qXu'
8MZO2RN
2G4Rq~
O82&<T[Q
[0@oYrF
>Xq1$!q`POV!{s
 UlmTY
E.kQ{Z6
^^/-vw
L5vkYU
 {[E+F
DrOrU'
X61p" 
J_G$i%
QD]I|}
o	G/j1
al#A~U]
Fa2fmZ
Jl]|0	n
F6qQPE
5x%"tQ
i~w\Ke
F(LO._q
MzRbiS
\}gCR=3
1t`O2l
uJG%jB
l&%OhJ
\rroF)p%Q
]sX=I_
n^gARQ
o.#-x9c~
C3g{&G
mb-^u]
(+c;T=
V_J#Zv
nYDGbC
sIn6a(
994mmd
uyx_=4
N)%V|]
AFODLk
UL+#E'F
Ag.$7gN
1qd./b
J]?)<{
5KmSty=`|
HD2&'=
9T$(Z8.
`WucYF
Sq2:x/|f
*"EjHO
sPnh9#
R[Zw@@
>{9$voaA
uwyZn?
6@YS1D
M*	vlJ
0%RYqT
]sjZ>m
C=+A^&
c-+#p#
geWFQ9
D%_KF\F
r|D]$MQ
enD"}1oU8
O-670	f
.;%UH!
Jr0Gg=mX7
?wV9E_
0[]iyR
u@Lih:
]hd"X1I
#C,UsTo9v
o7U!Uw7
00k/whv
J/f>>f
|Mf#I8
^Q$CJj
}fJ]t.
%2d0^.7
"us[&Q
AhJS8. Q
L% MP4
c1c\OyJ
0ZwBhz
iIrJw;J
eu0H ,
3]at]T
VW|U9K9
`Q,Th%
$?0' @
EA0huJ
=<PtxA
2HZ (_
X!)e28
x/@Z{|
0w%Q|Z
gHx|3s
Sn\},?W
S	s6TI
aYI`AL
>{*%.s
s,<jH\lH(Y
zGrq;>
Vn[{I|w
LT>5m~
m%54rFz!Y
"=HcPy
`|yj!f
&|,n}J
j%{NF!T
8NFrq'
4hlkkmF
cujb-~92
Y:LUpH
<s)$MI
*yry\r
PMtb^Q,
TNTU?U
]"O#TW
~-09, 
3GxP4i
G?WIiNj
-)s=@w
XNNn#`
+<(!D0
Z?4[A"
}&9lY=
lF!g:K
Q\p@9Oy
U]qzn[E`
vgyd42
r4FR8A
Bv#vno
5E5E`h
riFOej
DzE8Mi
GQ}k-,YMW
NyzT<[
-Wr9HJ3
6%OlI$
7<gU>#
YX5&<lF
oVE.n@/|\|
J:r3$f1
yzh2!<
>F)*;r{
L}OS+w
B&kOWY1b9\!
so6ma*.!
nwtMt>?
;?43i+
<K+pY2
z:IZd&[
#9h:LZ94
^TJ2Hmn
1qtFO*
{kud.0cv
-q&z/5
?Uu!i	,
Vu`mwQ
 `sHcP9U
)$$j4Xk
x_C=/;
H(c[7A5m
_6Vp@L
#}[Cd.
n1c[e5
'3AEM^
deNua &V{i,1a
JF_TEu
6A)@KP9
NLF.~:
4/e!(u
g`5xx&
;\&sn6n
|~IVQf
.wNx_+>
of`?`}
%/J]fX|
s[~Rl\r[
=vIBjT
0dAi&*
.DKJrn
@/"!Dr
1#)1t	
2Y  }"5X
yN`_n4
Fp%ha0r
6oXha3
k.f|u})
w|n@	-
	m&V'+
|LxE3LW#j
1w%0*j
7qZ4X1
k:-	gcR>
26P^fg
Y2u+l}L
X>)|X)wC8
'%_Y=-
1h;hhg/
Chlg3WN
}.a#@q
L@DlW`
bsV)nA
NqoC<^
4>Ae6'Cv+
__?7Aa
4b_Y#c
hV;_Op
Vy(Mp;
u7jnc1
pL="r7S
AB=_(8
V%3 I%
5]^hG`
ISC*KGg
#.B*z]
G^`8B(
:F=SGNy
s]9pMt
SR]ZK.
^b`S	X
-V?</k
Redoubts5
Incages0
Moment7
Plumbers4
Steadfastly6
Akkomoderende
Brugtvogne
Certiorating1
overgangsreglen
Astenier
Tyvekngtens
branchiosaurian
Regeneratoryregeneratress1
detonational
Caddises5
schlepper
rovfiskeriet
Trottoired4
ultratotal
Aecidiomycetes1
obconical
Beskatningsgrundlag6
Antennekonstruktion5
>b^M>t
C4hDZD
MSVBVM60.DLL
__vbaR8FixI4
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaAryConstruct2
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
__vbaStrToAnsi
__vbaVarDup
__vbaStrComp
__vbaFpI4
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNrr}xxxxx%%
NNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNN
`[}rrrNNNNNNNNNNNNR
__j*:).0
NNNNNNNNNNN
_	/////
NNNNNNNNN
NNNNNNNN
rrNNNNNNN
NNNNNN
NNNNNB,M
rrNNNNi
rrNNNNi
rrNNNNK
Fyyc`(
%NNNNNN
CP%NNNNNNN~
PPNNNNNNNN8
RRNNNNNNNNN3
9RNNNNNNNNNNN
55NNNNNNNNNNNN
NNNNNNNNNNNNNNN
NNNNNNN
NNNNNNNNNN388
NNNNNN
NNNNNNNNNNNNNNN
KKiiNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN