Sample details: f5e2f3757a46c9aea1b49317f6f162af (MD5)

Hashes
MD5: f5e2f3757a46c9aea1b49317f6f162af
SHA1: 05b6cc1ef2a0aeba9e807c6090703abad7850778
SHA256: f2a2d0eda6e21c4273d07aafe190918d96c21db335de4c4872e1eca136920c6b
SSDEEP: 1536:6IFQIhTqoFbpnH+aXjR8jhgZ1DQSy3aFe+CuMHUSTJFmXSroZyFPD0+CKT:6gdhTZBeujii+39+gXFzx
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Cpp_V80_Debug | YRP/Microsoft_Visual_Cpp_80_Debug_ | YRP/Microsoft_Visual_Cpp_80_Debug | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/ExportTableIsBad | YRP/HasModified_DOS_Message | YRP/domain | YRP/contentis_base64 | YRP/Str_Win32_Wininet_Library
Source
http://jasoncevera.com/KCWt3P/
http://walley.org/YXtlJ/
http://wschliemann.de/Hn6kr/
http://walley.org/YXtlJ/
Strings
		!dern32
	This pro W
`.rdata
.idata
@.reloc
D$h~3~a
t$O:T$O
D$<9D$D
D$$yUM
L$xkT$xt
T$dkT$xt
D$d;L$hw
#_oiL$4
T$\it$d
the -sercfg option can only be used with the serial protocol
JH-Hw0j-h0-
+WcEW_wH+
_ejEeRHhhBWR-
Card4G
Failed SCardGetProviderId - %x
Succes SCardGetProviderId - %x
ewjrRWJW##@HRh.pdb
SCardGetProviderIdA
WinSCard.dll
CreateNamedPipeW
DuplicateHandle
LockFile
CancelIo
GlobalDeleteAtom
FlsGetValue
FlsFree
KERNEL32.dll
AddUsersToEncryptedFile
ADVAPI32.dll
printf
msvcrt.dll
SHGetSpecialFolderLocation
SHELL32.dll
CertEnumSystemStore
CRYPT32.dll
CM_Set_HW_Prof_Flags_ExW
CFGMGR32.dll
StrStrIW
SHLWAPI.dll
SetupLogErrorW
SETUPAPI.dll
WriteFmtUserTypeStg
ole32.dll
InternetSetStatusCallback
WININET.dll
ReleaseCapture
GetGUIThreadInfo
CreateIconIndirect
wsprintfA
USER32.dll
?(jJm3
rw	L{O
wJkvO;
'zm?dv
H:o!St
fJkTtc
A]RJkT
@&{E,KZx2
[Ho~myQ
z)St|aH
)St|eI
PR'+TuY<
P3[kTf
Pq4+T|
PR +Tu
Pr;+T~
PR!+Tu
PR%+TuN=
Pd`kT_
PUS+Tz
PR +Tu
%PR#+Tu
6PR&+TuME
I:Ww+v#
&5 {J{W
GSx*J&
 RA'=>
^PUy&X/h
r/7*#]u
m^]e1r
dMUweZUy
%z!hC[RS
lEOh..
IE_y+k
<ouLFD
"pV4B R
`E:zgr
RO)1rJ
a&-yLH0"
wC&O{j]
sK`vkC
e~**7L
~:+gVtyT
qrwAw{
s/#.t<
7"$ a;
YJKb$L9\
=pf7ZdEiEJK
=<{-/;
^P;8WnE
h|@\6]
Z:38_0.>G
|N]>_6
byGfXD
NQXyIeX
.;~/4B
2orA4~|l2
7!H}'/
_J!EA~3%
/~.58[.y
q4g{3b
TAfv*?
)X}1I%
,@*zS{
s}SuZ>a
XG&4Pe
D4:24<o/<
8!b"cZ
%l-XdY
!C1&!E
SK:6T %
s~	1 J@
*w{#)8
b2.l,(
	*A`c7+,
<n.X)_WH
rmR3\G
2hntUJ<
UUra(:
Y_[-p	
]Ut#'_(Th
3 ?7P(
bo(+MD83
V-9e|k
!^lx3;
>P /[+)
MvnBa{
MU.9Bj
pF@`ne
^JUy&X/h
b/7,#]u
`ko%lK
i`gY ?
@=[#cs
w}	d51h%
.<E`S|
-}r.M3/
Ggjw+(
U3w8=>~p
0`8#6Jqs
=`ka\NF
^JUy&X/h
b/7*#]u
?3HKEv
-RY+KV;l
yomB<6
20rgAB0na
:K$XQo6
NUS>e?!%K
E!:*O+
t!i:@\
To0!kn0s|
0f0D0~0Y0:
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
</assembly>
9 9&9,92989>9D9J9P9V9\9b9h9n9t9z9
0`0d0h0l0p0x0|0
0H1L1P1T1X1`1d1h1l1
1024282<2@2H2L2P2T2
3 3$3(3034383<3
4 4$4t4x4|4
5\5`5d5h5l5t5x5|5
5D6H6L6P6T6\6`6d6h6
6,7074787<7D7H7L7P7
8 8$8,8084888
9 9p9t9x9|9
:X:\:`:d:h:p:t:x:|:
:@;D;H;L;P;X;\;`;d;
;(<,<0<4<8<@<D<H<L<
= =(=,=0=4=
>l>p>t>x>|>
?T?X?\?`?d?l?p?t?x?
<0@0D0H0L0T0X0\0`0
0$1(1,10141<1@1D1H1
2$2(2,202
3h3l3p3t3x3
4P4T4X4\4`4x4|4