Sample details: 068a19ed3b36f77ce05371971973f7a4

Hashes
MD5: 068a19ed3b36f77ce05371971973f7a4
SHA1: 6dc798336ef4affc013cfb7ad725df8ef506970b
SHA256: bc6274a89a8511fbfee8c3a21a493e7898e649ea1a840c94ce8449be10a8e511
SSDEEP: 6144:kSVfGaQ6wDQ9tJvr2PfMLbw79wGSykVWeqCd+CtKIuBgyhmryRc2:kBatwDdHFpwGFcl+CYIuayhfc2
Details
File Type: PE32
Yara Hits
YRP/VC8_Microsoft_Corporation | YRP/Microsoft_Visual_Cpp_8 | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/anti_dbg | YRP/screenshot | YRP/keylogger | YRP/win_registry | YRP/win_private_profile | YRP/win_files_operation | YRP/win_hook
Source
http://www.foxydance.cz/repository/ri.php
http://www.sabineclaire.com/girasoli/ri.php
http://134.0.117.224/itexe/stat.php
http://134.0.117.224/itexe/1100.exe
Strings