Sample details: 0093f9e306b951050048571228a95e36 --

Hashes
MD5: 0093f9e306b951050048571228a95e36
SHA1: a3d4152794216cbcfaa2d06d7bdd4bb567453c4f
SHA256: 505d65990d8f978a232be732ab866ec26ef5c37ee66ca9af422299c9b8f6323d
SSDEEP: 384:e7ADNmMdoCsLgQt6kJ1rn9HaQHze7JkFFmhm2hBgHqDBYIOF1A5YsnYPLrdipeMC:Uomk1g8zFkzmhmxIOjm3lU
Details
File Type: PE32+
Yara Hits
YRP/Microsoft_Visual_Cpp_80 | YRP/Microsoft_Visual_Cpp_80_DLL | YRP/IsPE64 | YRP/IsConsole | YRP/HasOverlay | YRP/HasDigitalSignature | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/anti_dbg | YRP/win_registry | YRP/win_files_operation |
Parent Files
3cfb5ac298abec347907f1e1b310ad0e
Strings
		!This program cannot be run in DOS mode.
mARich
`.rdata
@.data
.pdata
@.rsrc
SVWATH
\$`fff
8A\_^[
LcA<E3
=YYYYu
HcD$0Hk
HcL$0Hk
HcD$0Hk
HcD$0Hk
HcL$0H
|$ ATH
bad allocation
[%02d-%02d %02d:%02d:%02d (T%d)]: 
[%02d-%02d %02d:%02d:%02d (T%d)]: 
iscmInitLib
iscmFiniLib
iscmGetAppCtrlUnitEx
iscmIsProductLicensedEx
GetSystemWow64DirectoryW
PreSnapshotOperation2
PostSnapshotOperation2
StartSnapshot
FinishSnapshot
PreSnapshotOperation2
StartSnapshot
PostSnapshotOperation2
PreSnapshotOperation
FinishSnapshot
PostSnapshotOperation
c:\development\IMA\current\src\output\x64\Release\AppLaunch64.pdb
MFC80U.DLL
wcscmp
_wcsicmp
_swprintf
_wcsupr
wprintf
memset
wcschr
_wcsnicmp
memcpy
wcscat
wcstombs
wcscpy
sscanf
strcpy
strncpy
wcsncpy
wcslen
wcsrchr
_time64
_localtime64
sprintf
strcat
strlen
wcsstr
MSVCR80.dll
__C_specific_handler
_unlock
__dllonexit
_encode_pointer
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_XcptFilter
_cexit
__winitenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
FreeLibrary
IsWow64Process
GetCurrentProcess
OpenEventW
SetEvent
CloseHandle
CreateEventW
ResetEvent
WaitForSingleObject
GetLastError
LoadLibraryW
GetProcAddress
GetCommandLineW
GetModuleHandleW
GetCurrentThreadId
CreateFileW
SetFilePointer
WriteFile
WideCharToMultiByte
GetCurrentDirectoryW
lstrlenW
lstrcatW
lstrcpyW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
KERNEL32.dll
wsprintfW
wvsprintfW
USER32.dll
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
ADVAPI32.dll
__CxxFrameHandler3
.?AVtype_info@@
.?AVCExLog@@
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity name="FalconStor.RD.IMA" processorArchitecture="amd64" version="1.0.0.0" type="win32"></assemblyIdentity><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.VC80.CRT" version="8.0.50727.762" processorArchitecture="amd64" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity></dependentAssembly></dependency><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.VC80.MFC" version="8.0.50727.762" processorArchitecture="amd64" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity></dependentAssembly></dependency><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="amd64" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="requireAdministrator" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo></assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD0
Western Cape1
Durbanville1
Thawte1
Thawte Certification1
Thawte Timestamping CA0
121221000000Z
201230235959Z0^1
Symantec Corporation100.
'Symantec Time Stamping Services CA - G20
http://ocsp.thawte.com0
.http://crl.thawte.com/ThawteTimestampingCA.crl0
TimeStamp-2048-10
Symantec Corporation100.
'Symantec Time Stamping Services CA - G20
121018000000Z
201229235959Z0b1
Symantec Corporation1402
+Symantec Time Stamping Services Signer - G40
http://ts-ocsp.ws.symantec.com07
+http://ts-aia.ws.symantec.com/tss-ca-g2.cer0<
+http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
TimeStamp-2048-20
VeriSign, Inc.1
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
130405000000Z
160603235959Z0
New York1
Melville1
Falconstor Software1>0<
5Digital ID Class 3 - Microsoft Software Validation v21
Falconstor Software0
/http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
https://www.verisign.com/rpa0
http://ocsp.verisign.com0;
/http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
AI9/wUe
VeriSign, Inc.1
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
100208000000Z
200207235959Z0
VeriSign, Inc.1
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
https://www.verisign.com/cps0*
https://www.verisign.com/rpa0
[0Y0W0U
	image/gif0!0
#http://logo.verisign.com/vslogo.gif04
#http://crl.verisign.com/pca3-g5.crl04
http://ocsp.verisign.com0
VeriSignMPKI-2-80
VeriSign, Inc.1
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA
Symantec Corporation100.
'Symantec Time Stamping Services CA - G2
140812045757Z0#