Sample details: 778739139bc15cff37f725b8f518003b

Hashes
MD5: 778739139bc15cff37f725b8f518003b
SHA1: 867d2c298a4886db00dde196db1ac404581c8167
SHA256: 2d16258737546f848b8d305ea074ab11619febf73ce6fb9ca60d9139a6671f5f
SSDEEP: 1536:sRU8dLe0JwfN2h1K1/zOeYlcOtvQ0eUe5216CfAcEnaQNwqCKTdj:4UOL3KNcRI15tcEaSw8dj
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Cpp_V80_Debug | YRP/Microsoft_Visual_Cpp_80_Debug_ | YRP/Microsoft_Visual_Cpp_80_Debug | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/ExportTableIsBad | YRP/HasModified_DOS_Message | YRP/domain | YRP/contentis_base64 | YRP/Str_Win32_Winsock2_Library
Strings
			dern32
	This pro W
`.rdata
.idata
@.reloc
t$\;D$Hs4
D$ 9D$8
 W+D$$
 W+D$$
 W+D$$
 W+D$$
T$09D$
D$$=PE
D$LyvhB9
?uED37
Card4G
=	`XKB
>;O?6;O
waveInGetID
midiInUnprepareHeader
WINMM.dll
WS2_32.dll
OpenInputDesktop
PtInRect
FillRect
GetClipboardData
WinHelpA
SetMenuInfo
SetScrollRange
CreateDesktopW
DrawIcon
FindWindowExW
ShowCursor
GetWindowPlacement
SetSysColors
GetMenuDefaultItem
GetClassNameW
wsprintfA
ReleaseCapture
GetGUIThreadInfo
USER32.dll
CryptMsgUpdate
CRYPT32.dll
SetPrinterDataExW
AddPrinterDriverW
WINSPOOL.DRV
DisassociateColorProfileFromDeviceW
mscms.dll
StrRStrIA
PathGetArgsW
PathFindExtensionW
PathCompactPathExW
AssocQueryStringA
PathRemoveBlanksW
SHLWAPI.dll
acmDriverID
MSACM32.dll
g_rgSCardT0Pci
SCardGetProviderIdA
WinSCard.dll
ispunct
ntdll.dll
msvcrt.dll
OleGetIconOfClass
MkParseDisplayName
HICON_UserFree
ole32.dll
MprAdminUserGetInfo
MprConfigTransportSetInfo
MPRAPI.dll
ShellExecuteA
DuplicateIcon
SHELL32.dll
OLEAUT32.dll
FindFirstFileExA
HeapFree
GetSystemWindowsDirectoryW
LoadLibraryW
WaitForSingleObjectEx
FindNextFileW
IsWow64Process
SetFileApisToOEM
CancelIo
GetBinaryTypeA
DuplicateHandle
FlsGetValue
GlobalDeleteAtom
FlsFree
LockFile
KERNEL32.dll
GetInterfaceInfo
IPHLPAPI.DLL
CM_Get_Parent
CFGMGR32.dll
DestroyPropertySheetPage
COMCTL32.dll
PdhEnumObjectsHW
pdh.dll
CreateAsyncBindCtx
urlmon.dll
CreateServiceW
AreAnyAccessesGranted
CryptDestroyKey
RegSetKeySecurity
DeleteAce
AddUsersToEncryptedFile
ADVAPI32.dll
JetDelete
JetRollback
ESENT.dll
NetFileGetInfo
NETAPI32.dll
StrokePath
GDI32.dll
NdrConformantArrayBufferSize
RpcMgmtEpEltInqBegin
I_RpcServerInqLocalConnAddress
I_RpcBindingInqLocalClientPID
NdrInterfacePointerBufferSize
RPCRT4.dll
RasGetConnectStatusA
RASAPI32.dll
<th}"I
NvD4!X
_b&yRxh
NvD4!X
)rb2~3Z
cc!	x7`
Yy0#N,H&
Yyk$N,</
!'PA,:K8
Yy3"N,
8b1~3V
!'vD,:`r
:%XKTD
8;a~3Q
Xxd!^,O
t}Ydp:
LeC	$Kb
Xc\'~Zy
!'XSTy
fyPA8mJ=o
*)>x(h
}bj7`u
idV9Lw
UfB;8ypNo
pb*vk%
>Xs8C5
0yLuP);
td6@m:
'~:_L$4"J!
Yw0*OvP
WUqv5L
PR16ED
gBg,h;E
cl':1 
KK^GRh
vLn#k<
ew4<+ 
K*TK!T
BH@~y5
?}R#{m
'?m"Po
}F!w^vt
P;"#D(Z
%~oPW/
v80jpN
Jkd78Qso
V	nt$q
{0oy\!
!wwq)*t
Lj	&+"
5+50bE
+\r{n>
U>J_\c
#x&>-P
'G$vle
j,UQ-oH
g-lUBl
;/3^T;]w
)*,#eI
@s8blY{1
-Id*.*
=C2:;|!
i$-GC2\G
HhWv9X
2+{P!%o=
Pm6b5!,X
R[UH5b
{i2).|
cTyiEu+h
yrO!{1	L_
Ck3v';"
(QWcu	fJ+
|cfxr:
5`(YLJ
a|?!zd
9mNaqlX
m[Mm+!
/}nbli6
[}GwS1
!|H"ws
|+l9I8
XN0/{@
jM)9]7
bKf*mfKW
Tp'!77
`s/c,k
<{V#'?
~!mvx?
%NQ3Ih(
|c)Hx3
W,\P(Z
ms$kq#
wTB@,h@
"	+ohwQ
(@~yUA>
=W,\Px
<{V#'?
\0Dz	hV
+rw4!k
MsG.pPa
EF8g_^Q
VX	NDLZ
-l~?d3
%vD2-	Mo
[gT)l	t?PM
To0!kn0s|
0f0D0~0Y0:
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
</assembly>
2#5(5.5
6%6U667D7e7
8-939?9
6 6&6,62686>6D6J6P6V6\6b6h6n6t6z6
7"7(7.747:7@7F7L7R7X7^7d7j7p7v7|7
0 0$0(0,00040`0d0h0l0p0t0x0
14181<1@1D1H1L1P1T1X1\1`1d1h1l1
1 2$2(2,2024282l2p2t2x2|2
3 3$3(3,3X3\3`3d3h3l3p3
4 4L4P4T4X4\4`4d4
5@5D5H5L5P5T5X5
6 6$6(6,6064686<6@6D6H6L6x6|6
7L7P7T7X7\7`7d7h7l7p7t7x7|7
888<8@8D8H8L8P8
9,9094989<9@9D9p9t9x9|9
9 :$:(:,:0:4:8:d:h:l:p:t:x:|:
; ;$;(;,;X;\;`;d;h;l;p;
;,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<
= =$=(=,=0=d=h=l=p=t=x=|=
> >$>P>T>X>\>`>d>h>
?D?H?L?P?T?X?\?
080<0@0D0H0L0P0|0
1 1$1(1,1014181<1@1D1p1t1x1|1
2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
3034383<3@3D3H3|3
3$4(4,4044484<4h4l4p4t4x4|4
5 5$5(5,505\5`5d5h5l5p5t5
6 6$6P6T6X6\6`6d6h6
6$7(7,7074787<7@7D7H7L7P7T7X7\7
8 8$8(8\8`8d8h8l8p8t8x8|8
9H9L9P9T9X9\9`9
:<:@:D:H:L:P:T:
;0;4;8;<;@;D;H;t;x;|;
< <$<(<,<0<4<8<<<h<l<p<t<x<|<
=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=
=(>,>0>4>8><>@>t>x>|>
? ?$?(?,?0?4?`?d?h?l?p?t?x?
0 0$0(0T0X0\0`0d0h0l0
1H1L1P1T1X1\1`1
2 2$2(2,2024282<2@2D2H2L2P2T2
3 3T3X3\3`3d3h3l3p3t3x3|3
4@4D4H4L4P4T4X4
54585<5@5D5H5L5x5|5
5(6,6064686<6@6l6p6t6x6|6
7 7$7(7,70747`7d7h7l7p7t7x7
84888<8@8D8H8L8P8T8X8\8`8d8h8l8
8 9$9(9,9094989l9p9t9x9|9
: :$:(:,:X:\:`:d:h:l:p:
; ;L;P;T;X;\;`;d;
<@<D<H<L<P<T<X<
= =$=(=,=0=4=8=<=@=D=H=L=x=|=
>L>P>T>X>\>`>d>h>l>p>t>x>|>
?8?<?@?D?H?L?P?
0,0004080<0@0D0p0t0x0|0
0 1$1(1,1014181d1h1l1p1t1x1|1
2 2$2(2,2X2\2`2d2h2l2p2
2,3034383<3@3D3H3L3P3T3X3\3`3d3
4 4$4(4,404d4h4l4p4t4x4|4
5 5$5P5T5X5\5`5d5h5
6D6H6L6P6T6X6\6