Analysis Date: 2014-01-14 08:08:03
MD5: 5d35b91246ac0aa0cc9a1df874b9f4f3
SHA1: 90b110ab662b902fec7dbdc3d28069cb5cf95c8c

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: .text, md5: a22ee8d0ed74b20d6d3be5fcdfdf2cdf, sha1: 4afd093b3e2ba4ba785fe8edf2cfafcae39f9bfb, size: 147456
Section: .data, md5: d41d8cd98f00b204e9800998ecf8427e, sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709, size: 0
Section: .rsrc, md5: c7de9470a97f2389f5b90097b6489a7b, sha1: 62b8398362351743974903b8040c76e9b2d3f38f, size: 49152
Timestamp: 2005-10-02 03:13:04
Version:
  LegalCopyright: Entusiasto peaceable
  InternalName: sulphonamido
  FileVersion: 0.50
  CompanyName: Entusiasto peaceable
  LegalTrademarks: Entusiasto peaceable
  Comments: Entusiasto peaceable
  ProductName: Entusiasto peaceable
  ProductVersion: 0.50
  FileDescription: Entusiasto peaceable
  OriginalFilename: sulphonamido.exe
Packer: Microsoft Visual Basic v5.0 - v6.0
PEhash: 23f761215ccf58b6d81dc3ab8b583e4513f0ea5e
AV (mcafee): VBObfus.da
AV (avg): Win32/Cryptor

Runtime Details:

Process
↳ C:\malware.exe

Creates File: C:\Documents and Settings\Administrator\Local Settings\Temp\4b2c_appcompat.txt
Creates File: PIPE\lsarpc
Creates Process: C:\WINDOWS\system32\dwwin.exe -x -s 336

Process
↳ C:\WINDOWS\system32\dwwin.exe -x -s 336

Network Details:


Strings