Static | ZeroBOX

PE Compile Time

2008-09-27 14:14:14

PE Imphash

2f095340e94ca508e3b83fb009ebf4cc

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00173f6c 0x00174000 5.90181259571
.data 0x00175000 0x00005d0c 0x00001000 0.0
.rsrc 0x0017b000 0x0000a658 0x0000b000 7.68890795593

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0017c208 0x00008ea7 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x0017c208 0x00008ea7 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_GROUP_ICON 0x001850b0 0x00000022 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x001850d4 0x0000028c LANG_ENGLISH SUBLANG_ENGLISH_US PGP symmetric key encrypted data - Plaintext or unencrypted data
RT_MANIFEST 0x00185360 0x000002f7 LANG_CZECH SUBLANG_DEFAULT XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library MSVBVM60.DLL:
0x401000 None
0x401004 None
0x401008 _CIcos
0x40100c _adj_fptan
0x401010 __vbaFreeVar
0x401014 __vbaLenBstr
0x401018 __vbaEnd
0x40101c _adj_fdiv_m64
0x401020 _adj_fprem1
0x401024 __vbaSetSystemError
0x40102c _adj_fdiv_m32
0x401030 None
0x401034 __vbaAryDestruct
0x401038 __vbaObjSet
0x40103c __vbaCyAdd
0x401040 _adj_fdiv_m16i
0x401044 _adj_fdivr_m16i
0x401048 _CIsin
0x40104c None
0x401050 __vbaChkstk
0x401054 EVENT_SINK_AddRef
0x401058 __vbaStrCmp
0x40105c __vbaCyI2
0x401060 __vbaCyI4
0x401064 DllFunctionCall
0x401068 __vbaRedimPreserve
0x40106c _adj_fpatan
0x401070 __vbaLateIdCallLd
0x401074 EVENT_SINK_Release
0x401078 _CIsqrt
0x401080 __vbaFpCmpCy
0x401084 __vbaExceptHandler
0x401088 _adj_fprem
0x40108c _adj_fdivr_m64
0x401090 __vbaFPException
0x401094 None
0x401098 _CIlog
0x40109c __vbaNew2
0x4010a0 __vbaInStr
0x4010a4 __vbaCyMulI2
0x4010a8 _adj_fdiv_m32i
0x4010ac _adj_fdivr_m32i
0x4010b0 __vbaI4Str
0x4010b4 __vbaFreeStrList
0x4010b8 _adj_fdivr_m32
0x4010bc _adj_fdiv_r
0x4010c0 None
0x4010c4 None
0x4010c8 __vbaI4Var
0x4010cc __vbaAryLock
0x4010d0 __vbaVarDup
0x4010d4 __vbaFpI2
0x4010d8 _CIatan
0x4010dc __vbaStrMove
0x4010e0 __vbaR8IntI4
0x4010e4 __vbaI4Cy
0x4010e8 _allmul
0x4010ec _CItan
0x4010f0 __vbaAryUnlock
0x4010f4 _CIexp
0x4010f8 __vbaFreeObj
0x4010fc __vbaFreeStr

!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Fishpot2
Marchon
Koreci7
{d)2$q$q$q%q%q$q$q%q$q%q$q%q$q$q$q$q%q$q$q%q$q%q%q%q%q$q$q%q%q%q$q%q$q%q$q$q%q%q%q$q$q$q$q$q$q%q$q%q$q%q$q$q$q$q%q$q%q$q$q$q%q$q$q$q%q$q$q$q%q$q%q$q$q%q$q$q$q%q$q$q$q%q$q%q$q%q%q%q$q$q$q%q%q$q$q$q%q$q$q%q$q$q%q$q%q%q%q%q$q$q$q%q$q$q%q%q%q$q%q$q$q%q$q%q%q$q%q%q$q$q%q$q$q%q$q$q%q$q%q$q$q%q$q%q%q%q%q$q%q$q%q%q$q$q%q$q%q$q%q$q$q$q%q$q$q$q$q%q%q%q%q%q$q%q%q$q%q%q%q%q%q%q$q%q$q$q%q%q$q%q%q$q$q%q%q$q$q$q$q$q%q$q%q$q%q$q%q%q%q$q%q$q%q$q$q$q$q%q$q$q$q$q%q%q$q$q$q$q%q%q$q$q%q%q%q$q%q%q$q$q%q%q$q%q$q%q$q%q$q$q$q%q$q$q%q$q$q$q$q%q%q$q$q%q$q%q$q%q$q$q$q$q%q$q$q%q$q%q%q%q%q$q$q%q%q%q$q%q$q%q$q$q%q%q%q$q$q$q$q$q$q%q$q%q$q%q$q$q$q$q%q$q%q$q$q$q%q$q$q$q%q$q$q$q%q$q%q$q$q%q$q$q$q%q$q$q$q%q$q%q$q%q%q%q$q$q$q%q%q$q$q$q%q$q$q%q$q$q%q$q%q%q%q%q$q$q$q%q$q$q%q%q%q$q%q$q$q%q$q%q%q$q%q%q$q$q%q$q$q%q$q$q%q$q%q$q$q%q$q%q%q%q%q$q%q$q%q%q$q$q%q$q%q$q%q$q$q$q%q$q$q$q$q%q%q%q%q%q$q%q%q$q%q%q%q%q%q%q$q%q$q$q%q%q$q%q%q$q$q%q%q$q$q$q$q$q%q$q%q$q%q$q%q%q%q$q%q$q%q$q$q$q$q%q$q$q$q$q%q%q$q$q$q$q%q%q$q$q%q%q%q$q%q%q$q$q%q%q$q%q$q%q$q%q$q$q$q%q$q$q
tM)Z;
bIJ]+?
TfHd[%
}&qqeeI
i.Jzva
cg'*pM
JsJ](w
{,--Cn
g&Bodt
62[TyE
"78P$P
fSP6vP
tw&]>;
9%n[+Ri
`=a}w:k
qZ%z|,
9y} 3X
1ZGgr+:
{HN<ld
x^a=a}|
&\hfnA
hfzZ?c:}
2~n5z#r
&JSfn!'
>OS^=^*
U]flHjwK
X9Da1?
rZo_|,
f)Q6|/
Q[; y?
<Bq=?N
,.Ghr5T|
)%TH4
*{:j*9
g`~$3>
IQ.K8s
n35`G0V
[-%6+7
W[-%6/
U^ 5GV
yXrd@]
xqa[t;
>,yquVt;
6}aNnr
sDAxQ+Q
r^|McO
6}aB`r
xqa[t;
}*>GfZf
}"[b!?
3~n5~@
X'8#:q
$)j%z@
ik)e|"3
Vv4+L}_
nlc:562
J+#l^-
X1Da%?n
y*LpQ?n
'Gy|,n5
y4u I[
8B{E1]W=
r1P~^
0+EE=4
~h5z#h
q3y}"
'+}yU?
nABj|d
7>L'+g
g`~$3=
.!9"-M
t/[m"
w2=\i3
J=A1vY
VJ<FL09I>
&2kgni
_#^0<-6
4E/Rm=
8fmj;a
M},n4"
O0'a4p
VTo|e%
|/]53P
il5?A<"
0bC2cv
IbX]4v
i;d<4&2
vn5z#B
6}aNnr
xqa[t;}
O5Ew2>y
xqa[t;
BH4vPp
M[]&},
zynU:c:5
d~$G?!'q
p(vZCz|,l
u RZ'T
B-8~hpy
uM&gdr
"mfE-y|Z
w!=6+w2
`=nAu:
a=a}u:[
.K8q%Ma
X;Dq5^Y
=a-u:_
MZGz|,8
&,jfnw|
h%C(|c
|@N0cB
e'UAeS
b9rbx<,
AWgTz=0
g~$Gi
FL09I>
r~n%>@
3li@
@<D2;\
@^Y_]D
:v^0`
<Qk8fr]yBp
49iNtQ
~'TJ0s
'?vw&4
vC#tW}
uE13O`
(h5zN=
<"3u_I
RGc<i8
)Q6|/]53i
0~n5z#DRY
,fURV^
8FYIZ&
yquVt;
8}a&nr
xqa[t;}
>">@] N@
~8}a.n
e*(%KCQ
e{qI!w;Q
]y7v6&
z8}a"nr
uhlK8q
sBe<S+G
WxqiXt;
H<6`C]X
lMJI<*
6}aNnr
xqqXt;
&LVlKzq1
r~.[7v
gk~Bp~
8q:F4;
PK<"sB]
8}aFnr
`=av62
b=y#t2
FQuu5v
fn"#-$
9?.fGJ
08CYI"
d{E#a;
Xcn8U6
3|@C ]
N`-t(~
8("HrW
L[&(~4
WjfzZ?c:
<%\^^(
fJMfOnz|X#
r~n=z@
b_>rX{
n0AMp:
E}0J6]l
$nu"@g
``W64bH
7pUQ&G
f7Rz|X
+_~,n;
D0~Qqn
oM--d(~/d
Vwcln7
xqa[t;
J4krv&=
+S0>a%
+~$GyP
`=a}x&
~t[t/0
Wx~'UqU
d3*[i%
frG6]m;
l`DUn~
?LRE?c
Rfk2g8
_@TtTg
Rfm"ci
T}$EyT
w28CY(}
y4t Sg
X?'e9(
KLhNK<
dXFTF\S
|,S5:^
+IG7vn
dXFTF\S
Ns0~wf
8!YM4n
xZBfm
'+}q}/R
Z[en'%
ea%Psa
Yv$3eC
?fErVN
9XDq9?j
dr_{LD
i*8@uI
~<T|6c
-P?'|)
2#46'bt6c
&z9{#
-j%z@%
IbBD6v
1A)\Mv
r]h/`?<~
s6fwvle
Htk]J4dC
uvuUtk
uvwQ4m1
Lwe4e?
V4kc(!
tr,=-"J
&?.r/|
#%j =Z
E?cnI)
7GYC+%CL
xq}Vt;
&4\en#&
~n%nj]
=#3tOC
xoTHs0s
#%ylud4$
jaya}5bj4
eya}5bj
d6Ab*
@K<b.@]
`>aV"v
`=a0#v
yuf>@]C#
JH{)/7
}aNv<t
y4qcaH
H(>G}K
H+'C#)
3M!oYi
9?.fGJ
x:vO>u^
zSJ]r
K](wp2
6 vaF4
dtz#ZX
ItnKk'A
;uvL"f
<"3wMK
Qe+qoS{D
JJs5ruc
$GyHas
F}(J8q
dHBTCPQ
g`~$3=
*"t>"#
xqM[t;
4Z|8cO
\=upr2
"t-"v\
U+S/{
r8}a:nr
yRjK?t
"5}aRcr
+nwQy0
@X#_u3
X?Dq=?
tG,(5&A
;fZVW^
q$w16e
n0AMp:1H
`3)[y!
Lj_K]:
}p&jh{
1J'K@n9
qZ7z|,l
Q&~Cbn
+M&l`BU+
<<zHD]
{9|k+<
Dq=\\2
VN0D0x{
$#d"jp\
h0Wa}s
z9{#yt
h% _;u
us`6abd
Dq=\\2
Dq=\\2^Y
mO$3l@}W
2lS\6p
+9.jHqs;
`=R6lk
,+>*dc
u=nwfpe
Ox^/W*
fMF4B>
.xMG+V
z$GyPq
AN0bF_
`=aF20
+E@=0,
`=aF20
`=aF20
.K8quZq;u
`=apkw
#lY[O<
&K9qQoq;i
k;ND4&
vmX9=&
6%t>^!t
&(ecn!%
P?}5`?SH
r}k]$66
'Qfo"s
$80Rb?
fl=eN<
&|`kKjq=
Iy8K*>
Q4%=y#t
:=6v04
K<"L4L
!7pUQ&
4J:G1nhezs
xs2SRM|"
)d4h?U6
-E@=6,
y[*2bll
Or?5s/|
i!=5R6cZs
bN?0vqc
syJf]eKl
K^NEzh
vc,(i
?Nt[t/0
HVs ~ud
IeanP;
4#a"l8
`&spz%T#
`=1}s:
G7vh0^@
nc=a}s:
lu|6t>
}yEv<;
&^|&|
]^TQ`0V
Z0Wa}s
p8z`_/
n6AMp:
K]NEbh
S36:<!
+E@=0,
s;/ROC/K8q-)H
y %Vg2|
}.r6x8
G{$ 4K
MJV@X3
lScc]c
x|X=v<0
#t&npd
k8~D4h
n0AMp:]
_l4P4v
uvw kY3
CDmf0z!va
rmjV5v
r8}a:n
#lY[O<
H4yi*;[
S0vX&d
8}aFnr
`?aj&r
&K:qmSr;i
8q:n-si
b=`j&r
gza"'u
fnU?a
!"cft!
IW/K8z
`=-fp2
PKhK:q
`=av72
`?GOp2
\.]U~H4
g7X|0r
}udL1g
N3hK:q
F46v,~$
xqa[t;
6kuav?z
,u>S\y
UtW+S
XC"nqM
fUVTZPQ
< tV9K0
hmG 0
{E/a -
vO>ub;r
e~'T~6
][;QP;
KL~-sk
3Nd{fZBU^
)JPJ]@d
&dw|+tu
Jv0c6H
+S0#X
;x$GyD
n0AMp:
0>a!pe
,]53iT
U^t[t-4
i#A:?b
kWO0kj
(]"yE#
icB`~$
9?.fGJ
>-Tby8
`=cw}:
c;`~$E
g`~$36
=f/#~|
Rfm"cis
rqF61G
?np#p*
R-/ L~=
3{{k]<
,gFY.K
p(r9R
m]J4dC
`#]DTU
%T|[ H~
f+p~|V%
+E@=6$
Pe[) ]vmp
P+-`=a}
fu$||Z
yO=j"J!
XXA"9 ]
Zr861:3
?I4E}P
?OVC?_
GaT.L|
<rxyWT&
caX.Gq,
]K^J|k
9?,fGH
X$8#!yD
.`=a}s:
_wK0'a4p.
%@;;0z
1mD,ZVmB}
Ic2i=^\Z
fK+z|X5x
JtHL- 4~
uvw`\k
rC/K8qN
6:CI+K
v OC`G
l``4c6
xziU?c:
a)p8r9
jq].W
yfqax|
+S}nf
I[ erK
x9dq%~
{,n4"N
)ne@](
f=_x|^
VN4r8GI(
FFhCh~zH
))^s\"
E".h%~
VH$r[8
T|-r?<E
Is6&w^
htJKHF
:$~GyT
)+#T9(
_<7G Yi)
yVI8qNNxk
7G Yi%
hI8qHH
m%Jw"[
G9iN8s
tXQ0(
1Ava]u#R
@iP/[
AN0aJ,
w3Dq=?
kl]|C<"
,@F4yi*
p,6|/[
zYU[.2
.h=r@.
^TN&H]
Dq1?PvJ
R6|/[5
du Z_u
p}1}s&
("NS8hfh
b2d=vwc
@/Fy9\
w*=1}s:
r`=a}s
`UwKTS
)\]c{A
.KMJ}r
VK8q:NT
9%lK9q
`=y#t2
a tBJ$P
dqY;Y#
rYH/`?<~
qgZ_90
ps`>Qnd
YvFOjo
l`p6"R
6iAb*
xquVt;
@=%C %
Iz.Q9qu
B=gZP0
qJTtrm
!>}ituN
!l*1tu"
*`=avZ
U5s;q
b=cD&{
;i^Zqq
jN[>@]
-{X+S
.I8s)6};k
qjo9~sJ
Ez"%"L
ra^J8q
[.2($l
(p|X=x9n
J8q,x5;iU
dMBTS@S
2ILyL]8
r8x4v&
dCPA})K
e~$GyT
Qbuahexl
.i)SS
Ob_<'G
e,(a L
KL~NN,
cc:ixy
|r~h5z#
'f(Rfm"ci
5,-- Y
#lV5N3
E?3nK!%
~h5zKE
cp2-jSk
CCN0|;
7Bj/+z
N0""va
vq2jwIxk
K]KNFE
4;:6$z
5vO>uYZ}
BB<FL09
6e(S0+
&08qLJ
zu3L2+
fU?c:}
3N(+f[
i+Yw>
IGRit0
glD>0j
x:`=a}s
:fGFp|Z
T:wLS
(a "7M
ooAb,
-j%~@%
8~b$Zp
{4O`,-
/8(~sJl
[.2J#l
!7pUQ&8X2
h%"AZ
0;aa_m
9?.fGJP
Gt@P-=
Erjo0T
3;i!,0
}rvBs
P0!G4_
rkGh"
"Z(M&:t
*S`S$#
rQRH8q
tw/Dq=\
B]8qLK
tP,/$(
ooAb,
DKRqNK
Epjo(~zJ
GrlJ&
7?x|,l
vmX9q&]7
zA}c>j
~<T{UB
Vg=Ml7Y
eSADF^
b]J4dC
z9{#uM
b]J4kr
yi~0'c
&HW-*&
.L}7^8V
5z#RJQ
b~$G)$
J](/&8
b]J4kr+&
(a "7M
mo%Sv"8E
&>nfn!
U^OT|X
Uf5T|(
yJ]P=B
5H<^YC]
$yE+4'8T
Ob\<"
K<B}@]
v(%#*W
|@] I
<%E0z
63q1s?;i
53q+p?;m
k8{jT@
s<@n}D
T0ybVH
B2o` J
d4cf*L
z9[kpA
`{JAM>
B=oo&E
B7ceXO
Jz@@H?
_pAJD5
F8oj\@
j4~f!L
U<xnWD
P6qdJN
>fL~!
n|]FN9
\4ef*L
x9AkBA
n7}eNO
j3KaDK
t6\dyN
K=jo9E
j5Kg@M
5t\N\1
f4Of|L
^=goTE
j2K`@J
[8zj*@
{6HdVN
t4FfwL
v;]irC
z;NiOC
VuDOV0
r9SkhA
C*/qzB
v3@aLK
V2f`!J
f}BGD8
z6[dpN
n:whDB
z<[npD
b0CbxH
Pz;[i
v6[dtN
VqDKE4
J:kh B
v=_olE
j1Kc@I
F8kj$@
v<_nlD
`=af02
l_y8rJX
y#hxtB
e]\2oUX
!*jKFp
.K81JN4;i
.K8q51
Y$g%Q7
{d)2{d)2:Y&WN0
{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{TX
{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{
r({T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T
r{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!(a
{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{
!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{{T!{
Koreci7
Kailey6
Ultranet
Naughty
Wegner2
Avites8
Folkloristic
Zhizni
Hittitics
Transiency3
Tumefacient
Revivalize
Gadiyo3
Saucerlike0
VB5!6&*
Braggat0
Orphancy
Fishpot2
V7ue.
Fishpot2
Marchon
Ghorashy5
Appay6
Preboist
Afternight7
Paradoxman8
Collocations0
Tankful5
Unapparent8
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
Hightstown
Hittitics
Kailey6
Folkloristic
Naughty
Saucerlike0
Revivalize
Tumefacient
Avites8
kernel32.dll
EnumDateFormatsExA
user32
CopyRect
FreeDDElParam
GetViewportExtEx
kernel32
GetLastError
VirtualAllocEx
ADVAPI32.DLL
EnumServicesStatusA
lstrcatA
SetLocalTime
Briareus7
WriteConsoleOutputAttribute
GetForegroundWindow
ExcludeClipRect
winmm.dll
auxGetDevCapsA
mixerMessage
Hakashima
SetParent
SetConsoleWindowInfo
msvbvm60
GetMem8
Differ
Chaunter
Textonly8
Azemat6
Barmie7
Dollardee
Hornos0
Unluckier
Impolite0
Playwrights6
Florulent6
Pipelined
Exosmic4
Bungwall2
Reappearing
Ghostliest2
Auteciously5
Maddrsum
Thyroidotomy
Girvan8
Hebes5
Diagrammer
Kolka7
Unherd
Tectospinal
Trziste
Airports
Chiaromonte7
Turriculae2
VBA6.DLL
__vbaAryDestruct
__vbaAryUnlock
__vbaSetSystemError
__vbaI4Cy
__vbaAryLock
__vbaCyI2
__vbaCyAdd
__vbaRedimPreserve
__vbaFpI2
__vbaLateIdCallLd
__vbaI4Var
__vbaCyMulI2
__vbaCyI4
__vbaInStr
__vbaR8IntI4
__vbaI4Str
__vbaFreeVar
__vbaObjSet
__vbaFreeStrList
__vbaVarDup
__vbaStrMove
__vbaStrCmp
__vbaFpCmpCy
__vbaEnd
__vbaFreeStr
__vbaNew2
__vbaLenBstr
__vbaFreeObj
__vbaHresultCheckObj
Kt gSK
Hippometric
Outfeast
V7ue.
Chimolitha
Nuwara
(Dyeleaves0
Bhurhanuddin
Phelonion4
Unstacker
Pardanthus
Pardanthus
Phelonion4
Appay6
Ponticular2
Ponticular2
Collocations0
Congton
Congton
Dyeleaves0
Tankful5
Gyropigeon
Gyropigeon
Bhurhanuddin
Afternight7
Smyrnean7
Smyrnean7
Chimolitha
Paradoxman8
Unreimbodied7
Unreimbodied7
Nuwara
Unapparent8
Portative6
Portative6
Bluevelvet
Chloanthite
Chloanthite
Unstacker
Adelea
Ghorashy5
Barless
Barless
Hippometric
Alabaster
Rizhenko6
Rizhenko6
Outfeast
Phlebopexy7
V7ue.
Preboist
Microcycles
Microcycles
Geoffery8
MSVBVM60.DLL
_CIcos
_adj_fptan
__vbaFreeVar
__vbaLenBstr
__vbaEnd
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
__vbaCyAdd
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaCyI2
__vbaCyI4
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaFpCmpCy
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaNew2
__vbaInStr
__vbaCyMulI2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
__vbaAryLock
__vbaVarDup
__vbaFpI2
_CIatan
__vbaStrMove
__vbaR8IntI4
__vbaI4Cy
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
(qWbK3
PZZJn^^qi
fWC7u
fe:V& L
(FbGa"
kmm-;v
R[[K}}
%%%TVV
B!|>n
Q__OII
,YB}}=
bN,))a
/bbDu4
PpE"47
W&8bA\
tttPYY
JL>*SUP
Ds;q*N
<nP5rK
mTVVJ&`m
kGsz)
=L.u2c
LiM5x=
9)e777
_VIKG+
/fP<~,
7\z6G:n
~;mmmx
g>3`9UU
z:(,,"
@8Byn>
:n_.nGhH
MuPYRB
WH^~1W_s-
. GU8p
ommmL
/@\3o'^+DY
wRXXHa
,-bBy)j4L
8L())"
~/E>'}
P~+//`ry
rW]kkk
MMMro@&
PVVFuu5
>AFvEX
6TWWS]]
bv-++K
1#IC>}
o Df i
3fHfn/
y'eeel
O<!M^---
!i\D_D
S^^._r
P^^.Mjv
~cc#uuu
QSSCmm-
*Z[[%1>
***(//
I*/77W
/^LCCC
^~yy9w
8p@ZHD[
gmGMMMR
\7LEUU
p}uuutuu
uTVVRRR
4rrr(..f
ZGEEEZ&#
EEErm?
!8QeY[[[R
s+y>WV
4-)PI
><h=555R
^/555tvvJ/Bk
]UUE~~
E$&5qM
EQ!yazZ
%>^@cT
%tEXtdate:create
2015-04-23T07:14:55-05:00k%
%tEXtdate:modify
2013-02-02T05:39:20-06:00
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="Riltroccha Ralocchia"/>
processorArchitecture="X86"
name="Riltroccha Ralocchia"
type="win32"/>
<description>Riltrocchi RalocchioFiltroccha RalocchioRiltrocchi RalocchiaFiltrocchiaMalocchiaFiltrocchioMalocchia</description>
<!-- Identify the application security requirements. -->
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel
level="asInvoker"
uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
PPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDIN
Ultranet
Wegner2
Otosalpinx
Ethered
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040504B0
Comments
Geacata
CompanyName
Windows
FileDescription
Geacata
ProductName
Orphancy
FileVersion
1.09.0005
ProductVersion
1.09.0005
InternalName
Braggat0
OriginalFilename
Braggat0.exe
Antivirus Signature
Bkav W32.AIDetect.malware1
Lionic Trojan.Win32.VBKrypt.tqRV
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
FireEye Generic.mg.6d3632abf3c43b6d
CAT-QuickHeal Clean
ALYac Trojan.Agent.DXTX
Cylance Unsafe
VIPRE Clean
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.Agent.DXTX
K7GW Trojan ( 00502b1a1 )
K7AntiVirus Trojan ( 00502b1a1 )
Baidu Clean
Cyren W32/Injector.YKAB-2853
Symantec W32.Tapin
ESET-NOD32 Win32/AutoRun.Delf.LV
APEX Malicious
Paloalto generic.ml
ClamAV Win.Trojan.VBGeneric-6989114-0
Kaspersky Trojan.Win32.VBKrypt.xupa
Alibaba Clean
NANO-Antivirus Trojan.Win32.VBKrypt.ewdbrj
ViRobot Trojan.Win32.Agent.1576960.B
MicroWorld-eScan Trojan.Agent.DXTX
Rising Trojan.Injector!1.B459 (CLASSIC)
Ad-Aware Trojan.Agent.DXTX
Sophos ML/PE-A + Mal/FareitVB-I
Comodo TrojWare.Win32.Fareit.RGY@7qlz41
F-Secure Clean
DrWeb Trojan.Siggen6.55368
Zillya Trojan.VBKrypt.Win32.302131
TrendMicro TSPY_HPFAREIT.SME
McAfee-GW-Edition BehavesLike.Win32.DistTrack.tm
CMC Clean
Emsisoft Trojan.Agent (A)
SentinelOne Static AI - Malicious PE
GData Trojan.Agent.DXTX
Jiangmin Trojan.VBKrypt.cgtc
Webroot Clean
Avira HEUR/AGEN.1126331
MAX malware (ai score=82)
Antiy-AVL Trojan/Generic.ASMalwS.23994B5
Kingsoft Clean
Gridinsoft Trojan.Win32.Kryptik.ka!n
Arcabit Trojan.Agent.DXTX
SUPERAntiSpyware Trojan.Agent/Gen-PonyStealer
ZoneAlarm Trojan.Win32.VBKrypt.xupa
Microsoft VirTool:Win32/VBInject.YA!MTB
AhnLab-V3 Win-Trojan/VBKrypt.RP.X1764
Acronis suspicious
McAfee DistTrack!6D3632ABF3C4
TACHYON Trojan/W32.VB-VBKrypt.1576960.B
VBA32 Trojan.VBKrypt
Malwarebytes Qbot.Backdoor.Stealer.DDS
Panda Trj/Genetic.gen
Zoner Trojan.Win32.82457
TrendMicro-HouseCall TSPY_HPFAREIT.SME
Tencent Malware.Win32.Gencirc.10b09472
Yandex Trojan.GenAsa!z1jxJcx+Gmw
Ikarus Worm.Win32.AutoRun
eGambit Unsafe.AI_Score_100%
Fortinet W32/Injector.DJYO!tr
BitDefenderTheta Gen:NN.ZevbaF.34126.Gn0@auQ1sGgO
AVG Win32:TrojanX-gen [Trj]
Cybereason malicious.bf3c43
Avast Win32:TrojanX-gen [Trj]
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.