Sample details: f5ff2bbbc8d8fccab5fd996d3824e871 --

Hashes
MD5: f5ff2bbbc8d8fccab5fd996d3824e871
SHA1: a816c95dd7492091d31b334341213422cccdc040
SHA256: e631066c681e40e77e0b0c75c1d65440a3f8353807da8dbfd7afdc97b5d28e41
SSDEEP: 6144:yDVQxrgsH2Y/nHfZKAKXrnxTiIIW4NqPPUx+6VtVy:+CrP/ZKZiIz4NqPPE5
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba | YRP/SEH__vectored |
Source
http://www.centerweb.es/soporte/.eval/en/sys/adp4.exe
http://www.centerweb.es/soporte/.eval/en/sys/adp4.exe
Strings
          	            !This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
BorderFanaticized1
Nymphosis
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
kpppIF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@lAggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fF
FFFF55
@lmvFF
G\*\\\FAAAA
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
>v5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
FFFFvlttppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhGo
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq)fvXM
]ooo'XXh_
114__h_X'@'[W
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232
TUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
:^1<P4
*	+,-./
r!tuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
+-E8_d
%35Q/{
Paternosterelevator7
Mjsommeliges
Landzoner
Gallerierne
dDwyoo
YW{~vp
mAwC#B
DW`&iy
3gtl;\
uK!~Q	
E9:b4<*
6&4647U
WiXzymC
vtY(fF
uAS{z'p
x:VzAE3u
:KTnr9xX
.sRch	n?
g>"Rg!
4A d2e~
+S.Or>q
;!9rJX_3
mWLah}
5j{Ore
\j$e0w
6c8VcS
)|si\[
8wEN_q
,x7_Kn%
*k\eSs*
8rq:e}S
I&S"Z!Ef
{C9<}-
rs}KK~dS
])TnIP,I
:ai54v
)(3zL1
-96<@;0
K=.3M}
HC$M5+DM
HU>^	2>
m*45;!&
l@qD)$pr08
-I?S#,4
PS$A_=d
Nu'	aL
6Qk-"k
_1&3N:=
;_kUGm
 X2sKHB:
jNO;lN
pSFOt,
R0MF:P
QB)35/
5&2Kcm
t9(56@
9z0!/"p
*oTJkm
%x48cm
mKnf+-
vl4YQ^W
%zFOl-
Bp:9]B
SrS(j	
3r=t*1
^	c0fp
hhX~)5
-Z*m	b
?+=cA/
`mG!,j0
V_ lyx
DMy3;p
+;KJ{u
s$bC&#
/4FFt[i
Iq$9R8x
fW`9Gq/C
ou(( T
V}$,^L
eI7	%T
"]+ZWx
b.8.%*Q;y
9BdTXr |
zOp?,D
PKzw,"o
fP/{a_
0wuCIr
K}7;g@
_>GP!&
_/x{]/
3lWb]%
#PzxL(:
Ten59(
+K1ITu
yU~r/p=
G>,Gf{
Il`t0u
p3-xgN2@
\EVE/T
DlDlpp/
y{_}.m
=fc=XGI
K\A`*z
?rUWik
nn`|rj
k`d+bqmH
O>LK>!qZ
^;UT!o
ZiNMC0
'rwa@p
pm[na3
y={K<<
5Q &t.
&T,GYh
N=.>5w
uO.%Fx
ZP.Av9/
kt!Hqw
2HxMZt'
)tw6y3U9
$	JiqlU
JEi`=F
<~fc".\8OX9
U	kG[E<I
0\	PUV
%flqK#
_rU~T'
)MR@~-
%#Ffo 
'G+hN?`
oMH	\C4
L=ox2&
+|B A7
1I8eW2
HkvUK%
@8%SD*
85T5GQ
++oSDv
xHlGa 
QH')&!Y
2*=]DLg5$
Oz	Kt*
&h#9g`
g6nC2Q
1\!Kj3
5hrn?A
w}0	B|
2AUpdo
"-zvJ>
7z{=S5
5FR@/>
:SeMG^.n?
WOQ$Y1
%)!S8v5r
5@%A~W#
/"N;%^
F}]^h\
?:nx3%
#X%HuI
2'CK-=~
Zl{-Sp
[.Q	zc'k
!dKHsB8y7
~X1ZulC`
=l!VC}
2Rs%<g
7>S;)N~&
*G/%q#
OZ%3A3
dWV4+:-
]{U]u!(
h20`7?
7CwSu'm
"]"/_1
8WnqceJh,
HWM/dy
\Uhj)[
ymKh<j
L%E"Nsq
!{lw)^
~r.MT%&
?\01Mp
E_%V,3
,[j+%J
Y*p^.8
"?m5vC{):
^?$pj1
CX	p3h
@Be@8Y
UG=i$R2LR
.Yg-dI%
YV;vc7:
(YD'9p
Dgo?Vn
1.?~\ 
85~. s
#Sub}d
_1H"DK.
"3/U&~
VQ-Fxr
\[=pd'
Am]G[*4*
)lD:\4
bg\hV)
AS&/;1
DGU@vs
CTt/YK
:-V3Su
~jYqP:"
3KPk1~ 
0F +/d
mlUkc!
dyY>sS 
ysXg7y7|
~+Lj)Z
<?Y,%2
Ab],)/
RnnAr:
5>g0$v
axf|RY
t|eRpn
Q3@a	*
v"?kGl
K@uOQW
[y~?Q}
[HI5-E
vStas-
DV08R?2
BO_Em C
6D7>}Bv
S;!VA0%."kX
MIf9z>	
TJxOe<n
[|meoM
4b-_Dt
XLLdV"=U.
0M,Lk9
~TU)dr'
 Zo|02K
8)[-Vl
37%@'`
 oh	yW:
8hVo,3
^/CCS9
pY&4i\7|mH1Q
o/'#3w
6&.AS?u
aj/r`h,'l
n(		7L
3dz	v2
nPfC	nC	
ibOI'=
n/H^Xx
"giw	$
A:tVSJ
"p`j'sQl
p!L <b
.7)zkt
8d]jvkq
&t[NN}q
bEjP$=
zgU`nL
M&X8Zn
?4KB*6
6M<wIy
&8S=(N
RLr_m~
8vq&vk<A
_mL-^><d
f\u`\H
tC(	`o
?`_VhwG
HPz_(MO
yD*twl
TJg\45
=z??Pi
K{U|}YY
:GUQ[K
=+me	v
^%bZkf
wuFYyKm$.qx7
H XQ}3
j*31KF
tE)'1*
Fh%t^LI5
Pe6[Kn/
qaX|nW
*WyyydU!N
Zj8@:;
 N-K.1
#g>`N^~
N!i.^u
g!M<r*
hLZ'wW
u"vwMg?
qR{!yx
:nkh(U
r:BYcQ
]8mp=X"
u_}~^=
*tvw6E
:[|jlx[:P
SHELL32.DLL
Shell_NotifyIconW
PHeapAlloc
KERNEL32
%z7~N|1"
Dg_8	|b
Dichronous
Dksbdens
Butiksassistenters2
VB5!6&*
Stemmes6
Fanaticized1
Fanaticized1
Nymphosis
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Dichronous
Butiksassistenters2
Paternosterelevator7
Gallerierne
Landzoner
Mjsommeliges
CreateDCA
kernel32
HeapCompact
user32
OffsetRect
WaitMessage
ADVAPI32.DLL
GetSecurityDescriptorOwner
GetTempFileNameA
winmm.dll
midiInGetDevCapsA
ExitWindowsEx
GetMetaRgn
SetConsoleActiveScreenBuffer
FindResourceExA
GetSystemDirectoryA
imm32.dll
ImmGetCompositionWindow
SetServiceStatus
CascadeWindows
ActivateKeyboardLayout
LeaveCriticalSection
ClipCursor
AddVectoredExceptionHandler
CloseWindow
URLencode
VBA6.DLL
__vbaErrorOverflow
__vbaBoolStr
__vbaSetSystemError
__vbaFreeObj
__vbaNew2
__vbaFreeStrList
__vbaHresultCheckObj
__vbaStrI2
__vbaStrCat
__vbaStrMove
__vbaStrCmp
__vbaFreeStr
MSVBVM60.DLL
__vbaStrI2
_CIcos
_adj_fptan
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaBoolStr
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj
+-E8_d
%35Q/{
r!tuvVwxy
cdefghijklmn
WXYZ[\]^_`ab
RJKSTU
BCDEFG
789:;<=
,-./012345
!"#$%&'()*+
|rrf[co
yjyyyyjyyj
QQQQQQyQ
QQQQvr[zvQ
ovbXvq)fvXM
]ooo'XXh_
114__h_X'@'[W
'X__;___@op
0X__;;;;;_or
rvXYbY
o;;;;;^;;;_^`_XXYYQ[[me
A;;A;;^;;`Ia;;XXYQc\sf
oAAAA2232
TUV'hXX'o
0hA22;4
DEFGHI;J|Lxx
'33Y56789
:^1<P4
*	+,-./
qG@|vF
qGg|vf
(zlmGmmlllqzz
mgghhhGGGmmllqzzp{llmhl(
G@@@@@@gghhGGGmllqzt(Iv5gG
G|||||5
@@gghhGGllsxGvB@@Gl
@vvvvvv||||5
@@ghGGtw^R^`
vvvvvvvvvvv|||
@@glxx(A
|vvvvvvvvvvvvvvv||
@ptt(FG
vvvvvvvvvvvvvvvvvv||
kpppIF
(gvvvvvvvvvvvvvvvvvvvv||qqqq
lvvvvvvvvvvvvvvv|vvvvvvvhlmmqG\v5gl(
(|vvvvvvvvvvvvvvGmvvvvv|@
mhh@lAggq(
vGzpvvvv@
\\fFgGqt\f\\
v|||v|@G
\\\\\FFFFvg5GphFFFB
\\\\\fF
FFFF55
@lmvFF
G\*\\\FAAAA
\FIlG\\m
h\\\FF
Afv5|vv\FFF\g
I@Glzz|FFFFv
>v5glzzGvFFFFF\v|vvmx
FFFFFFFFF\sttxtu
<<<<<<<<<<
AFFFFFFF\txxtpty
FFFFvlttppqx
AAFFFFF
gGppqmpr
AFFFFF\v5gmmhGo
ceAFFFF\fF
v5gg@t
/ULWVVYcnAAFFF
5JCLMNNNM