Sample details: f8678e60de6ba5611ef8c15b3e14cfed --

Hashes
MD5: f8678e60de6ba5611ef8c15b3e14cfed
SHA1: 7685305d89eace8dad7851129805eaa500ced384
SHA256: e488d7c76af2bc54f8873b1712a556acae722657040d424198f25a4fceae051a
SSDEEP: 3072:Q03tI3hrDKOOqrdspvZz+5jcEwjrOlXT8508D:CDWMIvZzGjgrOlXTY0c
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Basic_v50v60 | YRP/Microsoft_Visual_Basic_v50 | YRP/Microsoft_Visual_Basic_v50_v60 | YRP/Microsoft_Visual_Basic_v50_additional | YRP/Microsoft_Visual_Basic_v50v60_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/SEH__vba |
Source
http://derbosteel.ml/file.exe
Strings
		!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
VB5!6&*
Panelling
Handforth1
Gardyloo
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
VBA6.DLL
__vbaFreeStr
__vbaFreeVar
__vbaStrVarMove
__vbaStrMove
gdi32.dll
EnumFontsW
periodontia1.dll
Underbough7
PlayEnhMetaFileRecord
__vbaLenVarB
__vbaVarTstGt
__vbaInStrB
__vbaVarDiv
__vbaStrCmp
__vbaFpCmpCy
__vbaCyI2
__vbaCyAdd
__vbaFreeVarList
__vbaVarAdd
__vbaI4Var
__vbaVarMove
__vbaSetSystemError
__vbaOnError
__vbaHresultCheckObj
__vbaNew2
Handforth1
Buckcreek7
FHW.*M
[-rLyG
:dU~F(
`<Q<@8
zC0i4*K
]&E:W%
C81CuN
4hutQm;
'WvW@2
3+uvT2o"b
@ef6MY
4e~6,;?
4MUG^3a_
w_sJ~}(P
WAIgHgx+
kvc87^s
2.WyU0
[D,3 5
!Y4"UFS
zd<1FiLZ%9iy	
o&352,A
/[g{L@
u#)FXGgxM
+S\Q|Cdu
(LZe9e:H
UORF'5
~|[, 53)D
,AGBJP
<M,MCC
;d;&&"Dz
*:76/0E
r*u:	u
<F!WfK
.CC-PwU>
lZe9q;H
o33S|B
}Z-rcTj
Q"k3a[
FP[, 97)D
,h0n\m
jA0i4jK?
Y*d$Sv
jC0izBK7`
~PY	i"
\*:kzsf
,hyp\m
[-r-Tj
=GG`)'
r*ze"p
FFdS\~h
"pm`dI
C0i4RK
`(75J7
:*eJj+
Xt_olv
i*Msxd)CMl
nCZe9e
azBK7o
I\{_C@
#o#L0g
~uqaqI_
k~3Jst
^ve~6,
X&Eh{t
'LZe9e;H
k~3Jsx
%+L4"zX
k~3Jsx
CVy#{[
-_{LN9
;@1p p
C0iKBK
56V[]n
83aUPm
~,[, %3+D
Ru4A}I
aUY^3aUD
(LZe9e;L
.cVy#c[wF
W3[Na%
S\|G;:
t? Np3
tYM"`;
6#\l=Z'\
xb9;ff
aUg5Ym
~x[, 9
hZe9a3I
:l})<@8
zx5Y)6
(LZe9e;H
4BKSnC|
EUZ{3a]
jC0izBK'^
 E!{[K
a5n5Ym
/E>)XV
Ze9a;H
x/4"gE
Y~"eSv-
(LZe9e;H
[-r-Tj
6/~[, 52+D
.CC-ND
pZe9e+H
 -3Tfq
k3sk&8
jms]B~&x
C0izBK#a
ueMM[Xz
f:6BK#
p~5Iq ^H
xngw/U
Or=zK'a
3GdVFb#
d%M]o-
QJq'sb(A
;$-4#\
#I]7#\
UF'3Yb
9lr-Lj
}u)UF(	'
l>CNfG
2^G\*l
Y-rcTj
$=f#_l<
peN6,(
XHa1gTm
gU}Fp2
gU}FpZ
}G$ZSy
]#[2dK/
g{2t%1^
a/,g7V
H"b.&H
>[2V4k
1^PQH 
8U/SLT
h(K>w7
EEVVE0
uR)S4'o)
Jr`1	|
	k8.~A
7udwY.
6](MnrP)
`})Qqf
 Cv~J6
$8g0Ax
XGmgX 
'oaT(&
V<)M>bW
!R/W:[x>
]6H0QuJg
74UW+a
8JNSwU7
`mtobno
S? IcDS	
8JNSwU7
R)^W~,
Ph(1IL
"Zpj5nf$
2aVULVf
-ia8rae
U}2A!s}"
I6	 .c
:Q,P4kX
/aEpD)
gK}	IU
!N/KQZ,*
Oy ^;l
)WERY0
@_4s@#
2aZ\LVz
D/8|QJ
.:F/8D
/r\/8b
/sH/8~
/Qn/8_
/>a/8x
wwwwwp
777y3s3377
ssss773s7773x!
wssssss
ssx7s3x
sssw7778
{{sss3
ssssw{
777773sx
!377777{
777778
sss73sw{s7
73s7777
ssss73sx{w78
sssw87{
773s78
77773s
73w778{
w773sss!
sssss77sss
w733378
{w777ww
87w3sw
87!7s37
s3sswwss
s73sss333s
ss{{ss33x
C5UVUUUe3I
DvUUUUeWwS5
vfveUWweS
vveU!6wwUp
vUU335wffp
eUU)eg
vgfUUWwvep
weUUSWweV
eUUSSVwUV
eUUUUg
vfffvw
wwgeUW
eeUS56wU!
uUUUUW
vfeUUWwUV
uUUUUUeU6
wwwww1
EWggvveFFj
weVA5f
	S3STC1
	fgwe3
Buckcreek7
MSVBVM60.DLL
__vbaVarTstGt
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaOnError
__vbaCyAdd
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaCyI2
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaFpCmpCy
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaVarDiv
__vbaFPException
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
__vbaVarAdd
__vbaInStrB
_CIatan
__vbaStrMove
_allmul
__vbaLenVarB
_CItan
_CIexp
__vbaFreeStr
C5UVUUUe3I
DvUUUUeWwS5
vfveUWweS
vveU!6wwUp
vUU335wffp
eUU)eg
vgfUUWwvep
weUUSWweV
eUUSSVwUV
eUUUUg
vfffvw
wwgeUW
eeUS56wU!
uUUUUW
vfeUUWwUV
uUUUUUeU6
wwwww1
EWggvveFFj
weVA5f
	S3STC1
	fgwe3
wwwwwp
777y3s3377
ssss773s7773x!
wssssss
ssx7s3x
sssw7778
{{sss3
ssssw{
777773sx
!377777{
777778
sss73sw{s7
73s7777
ssss73sx{w78
sssw87{
773s78
77773s
73w778{
w773sss!
sssss77sss
w733378
{w777ww
87w3sw
87!7s37
s3sswwss
s73sss333s
ss{{ss33x