Sample details: 018dd6ac2aa9d97d287ecc275f775218

Hashes
MD5: 018dd6ac2aa9d97d287ecc275f775218
SHA1: 9d4770800c5cc5c3cd5a1686b309432e59633328
SHA256: 6f31c871228f235f78a29b5ac78539691ec1d52f49bd2669b362ecedf8c446bd
SSDEEP: 3072:zCpmFp0CHDZG1yl4L8KtYM+Y1pUKfXR0WxL/BniCv2lTag91STXzozeSStZKD+:zCweCHg14pKq4zNR7x/BZeNagHSPr
Details
File Type: PE32
Yara Hits
YRP/Armadillo_v171 | YRP/Microsoft_Visual_Cpp_v60 | YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional | YRP/Microsoft_Visual_Cpp_50 | YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Armadillo_v171_additional | YRP/Armadillo_v4x | YRP/Microsoft_Visual_Cpp | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/win_files_operation
Source
http://fruploadtool.com/arbayt/creed.exe
Strings