Sample details: 0aa7883654cca51850d95320f4f5119b --

Hashes
MD5: 0aa7883654cca51850d95320f4f5119b
SHA1: a22c92c2449e57a1d4374d58e8339da80fed3088
SHA256: 9d75d81fa3b56a2fecaaf942052080545ff3d97163fc9f2c45bc437d14c7efa0
SSDEEP: 1536:rPZ/5v5/3PZ/573PZ/5v5/h3R3nhfzV7djlrjzV7djBzV7djlrhfZ3RvBfPZ/5vz:SoPcEUZaXRg3URi5k2vHBC5UroBsP2
Details
File Type: PE32
Yara Hits
YRP/Armadillo_v1xx_v2xx_additional | YRP/Microsoft_Visual_Cpp_v70_DLL | YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Microsoft_Visual_Cpp_60_DLL_Debug | YRP/Armadillo_v1xx_v2xx | YRP/Microsoft_Visual_Cpp_v60_DLL | YRP/Microsoft_Visual_Cpp_60 | YRP/Armadillov1xxv2xx | YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/DebuggerException__SetConsoleCtrl | YRP/win_files_operation |
Source
http://103.68.190.250/Sources//Advance/WndRec/output/RecvFiles/bktest070AF94CB6AC85282/CBankClient/EXE/libcrypt.dll
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
.data1
.reloc
BIntel(R) C++ Compiler for 32-bit applications, Version 6.0   Build 020321Z  : cpu_disp.c : -I../ -Zl -Zp8 -DVX -DWMT -c
L$@QWP
L$<QSP
L$`SQPR
L$PSQPR
\$`PWS
L$$QUP
L$HSQUP
L$HSQUP
L$XSQUP
l$Dj U
\$Dj S
T$@RQW
D$XPRQ
D$|SPR
D$`SPR
D$lSPR
L$`PQR
T$`SRP
T$lSRP
\$`QSU
E j PV
E j PV
D$4j PU
T$ PPRh
~Lj SU
}`j VS
~`j SU
|$,2D*L
~`j SU
NDWQj 
F$j PU
FDj PR
D$$j j
T$DRUQ
T$8RUQ
T$4QSRP
WDWRVP
FDjdPS
_DjdRS
uRFGHt
btHHt.
DSUVWh
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
QSUVW3
>:uNFV
>:u#FV
t-Ht!Ht
VWuBh4D
"WWSh@D
t/WWUPj
t.;t$$t(
VC20XC00U
QQSVW3
PRQSWVU
0]^_[YZX
C =02CVu
B 02CV
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ReadFile
HeapFree
CloseHandle
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
DisableThreadLibraryCalls
WriteFile
CreateFileA
HeapAlloc
SetStdHandle
FlushFileBuffers
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind
CompareStringA
CompareStringW
SetEnvironmentVariableA
KERNEL32.dll
SetConsoleCtrlHandler
libcrypt.dll
CrypC_FillByRandom_
CrypC_ForceRandom_
CrypC_G28147_1989_block_clear
CrypC_G28147_1989_block_decrypt
CrypC_G28147_1989_block_encrypt
CrypC_G28147_1989_block_init
CrypC_G28147_1989_gamma_clear
CrypC_G28147_1989_gamma_crypt
CrypC_G28147_1989_gamma_init
CrypC_G28147_1989_gamma_ofb_clear
CrypC_G28147_1989_gamma_ofb_decrypt
CrypC_G28147_1989_gamma_ofb_encrypt
CrypC_G28147_1989_gamma_ofb_init
CrypC_G28147_1989_mac_clear
CrypC_G28147_1989_mac_file_const
CrypC_G28147_1989_mac_final
CrypC_G28147_1989_mac_init
CrypC_G28147_1989_mac_update
CrypC_Gen_SecretKey_
CrypC_InitRandom_
CrypC_LCheck
CrypC_LCuAdd
CrypC_LCuDub
CrypC_LCuPower
CrypC_LDH_PKA_clear
CrypC_LDH_PKA_clear_public_key
CrypC_LDH_PKA_clear_secret_key
CrypC_LDH_PKA_gen_mutual_key
CrypC_LDH_PKA_gen_public_key
CrypC_LDH_PKA_gen_secret_key
CrypC_LDH_PKA_get_parms
CrypC_LDH_PKA_get_public_key
CrypC_LDH_PKA_get_secret_key
CrypC_LDH_PKA_set_parms
CrypC_LDH_PKA_set_secret_key
CrypC_LIntToMont
CrypC_LMontToInt
CrypC_LR34_10_1994_clear
CrypC_LR34_10_1994_clear_public_key
CrypC_LR34_10_1994_clear_secret_key
CrypC_LR34_10_1994_gen_public_key
CrypC_LR34_10_1994_gen_secret_key
CrypC_LR34_10_1994_get_parms
CrypC_LR34_10_1994_get_public_key
CrypC_LR34_10_1994_get_secret_key
CrypC_LR34_10_1994_set_parms
CrypC_LR34_10_1994_set_public_key
CrypC_LR34_10_1994_set_secret_key
CrypC_LR34_10_1994_sign
CrypC_LR34_10_1994_verify
CrypC_LR34_10_2001_clear
CrypC_LR34_10_2001_clear_public_key
CrypC_LR34_10_2001_clear_secret_key
CrypC_LR34_10_2001_gen_mutual_key
CrypC_LR34_10_2001_gen_public_key
CrypC_LR34_10_2001_gen_secret_key
CrypC_LR34_10_2001_get_parms
CrypC_LR34_10_2001_get_public_key
CrypC_LR34_10_2001_get_secret_key
CrypC_LR34_10_2001_set_parms
CrypC_LR34_10_2001_set_public_key
CrypC_LR34_10_2001_set_secret_key
CrypC_LR34_10_2001_sign
CrypC_LR34_10_2001_verify
CrypC_LSign
CrypC_R34_11_1994_clear
CrypC_R34_11_1994_final
CrypC_R34_11_1994_init
CrypC_R34_11_1994_update
CrypC_Random_Fill
CrypC_TestCryptoFunctions_
CrypC_TestSignFunctions_
CrypC__GOSTE_
rdtick
:kp+;w
(hm!E"
:kp+;w
(hm!E"
:kp+;w
(hm!E"
<2P2e2z2
9V9k9~9
;6<K<W<m<y<
=C>]>p>|>
?)?<?O?b?v?
2/343h3
3U4c4t4
8&898L8]8p8
j2z2j6z6
9 919B9j9u9N;^; >%>
8X9p9w9
:b:h:l:p:t:
=%=0===J=W=d=k=z=
505D5t5|5
6"6)636L6T6Y6e6j6
788o8u8
8#9-9N9c9
>">(>8>?>F>N>u>
>A?M?W?k?y?
3"3H3U3c3n3
4+474S4h4~4
5"5.565>5D5N5]5c5j5{5
6!6+6U6|6
7'737@7H7O7W7_7i7r7z7
81999Q9Z9l9x9
:":-:A:G:U:^:o:
;,<3<R<_<j<p<
>#>/>C>|>
?/?6?K?_?w?
0)030@0F0a0z0,1e1n1y1
2L2R2Y2b2i2q2w2
5!515<5N5a5l5r5w5}5
9%959>9X9i9o9
?+?8?E?X?b?k?
0'0?0T0Z0f0m0x0
1"1'1,111J1P1
2:2H2U2e2
3&3+3<3X3x4
5*6B6H6T6
9 9$9(9,9094989
: :':,:0:4:Q:{:
; ;$;(;,;{;
>(>@>`>
2(3C3Z3
4Z5h5v5
7!8'8b8h8t8
=!=&=/=4=W=]=c=o=
L4P4X4\4d4h4t4x4
= ><>D>L>T>\>d>l>t>|>