Analysis Date: 2014-11-19 21:50:31
MD5: cb0023925f64f3e5b15650498d97995b
SHA1: d70891d681434265d4272431f728bdce5ea67c09

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
PEhash: e9983cd4623522af33ed189efcef611644676559
IMPhash:
AV 360 Safe: no_virus
AV Ad-Aware: no_virus
AV Alwil (avast): VBInject-Q [Trj]
AV Arcabit (arcavir): no_virus
AV Authentium: W32/VBcrypt.I.gen!Eldorado
AV Avira (antivir): TR/Inject.295564
AV BullGuard: no_virus
AV CA (E-Trust Ino): no_virus
AV CAT (quickheal): no_virus
AV ClamAV: no_virus
AV Dr. Web: no_virus
AV Emsisoft: no_virus
AV Eset (nod32): Win32/RiskWare.PEMalform.E
AV Fortinet: W32/Injector.ATCM!tr
AV Frisk (f-prot): W32/VBcrypt.I.gen!Eldorado
AV F-Secure: no_virus
AV Grisoft (avg): no_virus
AV Ikarus: Trojan.VBInject
AV K7: no_virus
AV Kaspersky: Trojan.Win32.VB.cjwp
AV MalwareBytes: no_virus
AV Mcafee: no_virus
AV Microsoft Security Essentials: VirTool:Win32/VBInject.gen!LD
AV MicroWorld (escan): no_virus
AV Rising: no_virus
AV Sophos: no_virus
AV Symantec: no_virus
AV Trend Micro: no_virus
AV VirusBlokAda (vba32): no_virus

Runtime Details:


Process
↳ C:\malware.exe

Network Details:



Strings