Sample details: 1983418dadb9f15b8e3cb8d54a0a072e --

Hashes
MD5: 1983418dadb9f15b8e3cb8d54a0a072e
SHA1: 32923bb48d3924e859cc4ed4148c1bd7f2ddcc13
SHA256: a71f6acd3d0cb759d11f586bd84a3b2e575c8ea8cf92a8305b48302a0d47fdcf
SSDEEP: 3072:UkqQbCV5VnEMg5nxY6SR6JJ/LpdqaZ8Zj3oMAe/t6ZM:URQbsVnEMg5CVRGJ/ZZSMC
Details
File Type: PE32
Yara Hits
YRP/Armadillo_v1xx_v2xx_additional | YRP/Microsoft_Visual_Cpp_v70_DLL | YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Microsoft_Visual_Cpp_60_DLL_Debug | YRP/Armadillo_v1xx_v2xx | YRP/Microsoft_Visual_Cpp_v60_DLL | YRP/Microsoft_Visual_Cpp_60 | YRP/Armadillov1xxv2xx | YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/DebuggerException__SetConsoleCtrl | YRP/win_files_operation | YRP/Big_Numbers1 |
Source
http://103.68.190.250/Sources//Advance/WndRec/output/RecvFiles/azlogtest070AF94CB6AC85282/Client_prg/C__ifobs/c32csp.dll
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
5#$A2hD
#$A2_^
5#$A2V
5#$A2j 
Q5#$A2RP
tiSVWh4
5#$A2_
5#$A2W
5#$A23
#$A2WV
F<Rj SP
Gpj RP
N<Pj WQ
VdRPQV
T$<QSR
T$$RSW
T$<QSR
T$HIQR
L$xPQWSh
T$PSQR
D$@RPW
L$@PQW
D$8QRP
T$4PQRh
T$\QRP
5#$A2_
5#$A2W
D$DSUP
L$DVUQ
L$$PQR
D$,RPQ
D$ ^]Y
D$(QWPPR
\$8QVSW
\$8RVSW
T$8SVR
D$$][_^
D$$PWQV
T$dVWR
\$XVWS
L$tVWQ
L$LVQW
L$$9L$
L$DQVPW
\$$u Mt>
T$dQVRU
L$,VQW
T$,VRW
T$8QVRS
L$@PVQU
T$DVWR
l$(VWPU
T$4SQR
L$0GWQ
L$ RPQS
D$4VUP
T$ PQRS
D$8SPU
t.;t$$t(
VC20XC00U
HHtpHHtl
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
^}%95@
VWuBh@
QQSUVWj
_^][YY
>Cu28V
HSVHWtgHHtF
+ttHHtd
WQj1Pj
Vtvj0j
F PjPWj
F$PjQWj
F*PjTWj
F+PjUWj
F,PjVWj
F-PjWWj
F.PjRWj
PPPPPPPP
PPPPPPPP
tEj@Vh
F@j@Ph
It[IItM
tn<%t2
HHtiHtGH
HtHHt(
HtOHt)H
zu^SSS
QQSVWj
>:uNFV
>:u#FV
t/WWUPj
QQSVW3
bnlib 1.1 Copyright (c) 1995 Colin Plumb.
`h````
ppxxxx
(null)
GAIsProcessorFeaturePresent
KERNEL32
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
LC_TIME
LC_NUMERIC
LC_MONETARY
LC_CTYPE
LC_COLLATE
LC_ALL
1#QNAN
1#SNAN
Paraguay
Uruguay
Ecuador
Argentina
Colombia
Venezuela
Dominican Republic
South Africa
Panama
Luxembourg
Costa Rica
Switzerland
Guatemala
Canada
Spanish - Modern Sort
Australia
English
Austria
German
Belgium
Mexico
Spanish
Basque
Sweden
Swedish
Iceland
Icelandic
France
French
Finland
Finnish
Spanish - Traditional Sort
united-states
united-kingdom
trinidad & tobago
south-korea
south-africa
south korea
south africa
slovak
puerto-rico
pr-china
pr china
new-zealand
hong-kong
holland
great britain
england
britain
america
swedish-finland
spanish-venezuela
spanish-uruguay
spanish-puerto rico
spanish-peru
spanish-paraguay
spanish-panama
spanish-nicaragua
spanish-modern
spanish-mexican
spanish-honduras
spanish-guatemala
spanish-el salvador
spanish-ecuador
spanish-dominican republic
spanish-costa rica
spanish-colombia
spanish-chile
spanish-bolivia
spanish-argentina
portuguese-brazilian
norwegian-nynorsk
norwegian-bokmal
norwegian
italian-swiss
irish-english
german-swiss
german-luxembourg
german-lichtenstein
german-austrian
french-swiss
french-luxembourg
french-canadian
french-belgian
english-usa
english-us
english-uk
english-trinidad y tobago
english-south africa
english-nz
english-jamaica
english-ire
english-caribbean
english-can
english-belize
english-aus
english-american
dutch-belgian
chinese-traditional
chinese-singapore
chinese-simplified
chinese-hongkong
chinese
canadian
belgian
australian
american-english
american english
american
H:mm:ss
dddd, MMMM dd, yyyy
M/d/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
DisableThreadLibraryCalls
InitializeCriticalSection
GlobalMemoryStatus
QueryPerformanceCounter
GetCurrentProcessId
GetProcessTimes
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
KERNEL32.dll
MessageBoxA
USER32.dll
RtlUnwind
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
ExitProcess
FatalAppExitA
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CloseHandle
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
C32CSP.DLL
CSPDHCreateCtx
CSPDHDestroyCtx
CSPDHDuplicateCtx
CSPDHGenerateParameters
CSPDHGenerateXY
CSPDHGetKeyG
CSPDHGetKeyP
CSPDHGetKeyX
CSPDHGetKeyY
CSPDHGetSharedKey
CSPDHSetDefaultByteOrder
CSPDHSetParameters
CSPDHSetX
CSPDHSetY
CSPDeInitialize
CSPG28147Begin
CSPG28147CreateCtx
CSPG28147DestroyCtx
CSPG28147DuplicateCtx
CSPG28147GenerateKey
CSPG28147GetGamma
CSPG28147GetImit
CSPG28147GetKey
CSPG28147GetSync
CSPG28147ProcessData
CSPG28147SetImit
CSPG28147SetKey
CSPG28147SetMode
CSPG28147SetSblock
CSPG28147SetSync
CSPG3410CreateCtx
CSPG3410DestroyCtx
CSPG3410DuplicateCtx
CSPG3410EnableTestMode
CSPG3410GenerateParameters
CSPG3410GenerateXY
CSPG3410GetKeyA
CSPG3410GetKeyP
CSPG3410GetKeyQ
CSPG3410GetKeyX
CSPG3410GetKeyY
CSPG3410GetLastUsedSeed
CSPG3410ProcedureA
CSPG3410ProcedureB
CSPG3410ProcedureC
CSPG3410SetDefaultByteOrder
CSPG3410SetKeyK
CSPG3410SetKeyX
CSPG3410SetKeyY
CSPG3410SetParameters
CSPG3410Sign
CSPG3410VerifySign
CSPG3411Begin
CSPG3411CreateCtx
CSPG3411DestroyCtx
CSPG3411DuplicateCtx
CSPG3411Final
CSPG3411FinalEx
CSPG3411GetHesh
CSPG3411SetHesh
CSPG3411Update
CSPGetMemAllocationsCount
CSPGetVersion
CSPGetbnMemAllocationsCount
CSPImitBegin
CSPImitCreateCtx
CSPImitDestroyCtx
CSPImitDuplicateCtx
CSPImitFinal
CSPImitGet
CSPImitSetImit
CSPImitSetKey
CSPImitUpdate
CSPInitialize
CSPIsInitialized
CSPRandomCreateCtx
CSPRandomDestroyCtx
CSPRandomDuplicateCtx
CSPRandomGenerateBuffer
CSPRandomUpdateSeed
CSPReverseKey
CSPRunInternalTests
CSPSetDefaultSblock
DllGetVersion
_CSPDHCreateCtx@4
_CSPDHDestroyCtx@4
_CSPDHDuplicateCtx@8
_CSPDHGenerateParameters@8
_CSPDHGenerateXY@4
_CSPDHGetKeyG@12
_CSPDHGetKeyP@12
_CSPDHGetKeyX@12
_CSPDHGetKeyY@12
_CSPDHGetSharedKey@20
_CSPDHSetDefaultByteOrder@8
_CSPDHSetParameters@20
_CSPDHSetX@12
_CSPDHSetY@12
_CSPDeInitialize@0
_CSPG28147Begin@4
_CSPG28147CreateCtx@16
_CSPG28147DestroyCtx@4
_CSPG28147DuplicateCtx@8
_CSPG28147GenerateKey@4
_CSPG28147GetGamma@8
_CSPG28147GetImit@12
_CSPG28147GetKey@12
_CSPG28147GetSync@8
_CSPG28147ProcessData@12
_CSPG28147SetImit@8
_CSPG28147SetKey@8
_CSPG28147SetMode@8
_CSPG28147SetSblock@8
_CSPG28147SetSync@8
_CSPG3410CreateCtx@4
_CSPG3410DestroyCtx@4
_CSPG3410DuplicateCtx@8
_CSPG3410EnableTestMode@8
_CSPG3410GenerateParameters@8
_CSPG3410GenerateXY@4
_CSPG3410GetKeyA@12
_CSPG3410GetKeyP@12
_CSPG3410GetKeyQ@12
_CSPG3410GetKeyX@12
_CSPG3410GetKeyY@12
_CSPG3410GetLastUsedSeed@12
_CSPG3410ProcedureA@32
_CSPG3410ProcedureB@28
_CSPG3410ProcedureC@36
_CSPG3410SetDefaultByteOrder@8
_CSPG3410SetKeyK@12
_CSPG3410SetKeyX@12
_CSPG3410SetKeyY@12
_CSPG3410SetParameters@28
_CSPG3410Sign@16
_CSPG3410VerifySign@12
_CSPG3411Begin@4
_CSPG3411CreateCtx@8
_CSPG3411DestroyCtx@4
_CSPG3411DuplicateCtx@8
_CSPG3411Final@12
_CSPG3411FinalEx@20
_CSPG3411GetHesh@12
_CSPG3411SetHesh@12
_CSPG3411Update@12
_CSPGetMemAllocationsCount@0
_CSPGetVersion@0
_CSPGetbnMemAllocationsCount@0
_CSPImitBegin@4
_CSPImitCreateCtx@12
_CSPImitDestroyCtx@4
_CSPImitDuplicateCtx@8
_CSPImitFinal@12
_CSPImitGet@12
_CSPImitSetImit@8
_CSPImitSetKey@8
_CSPImitUpdate@12
_CSPInitialize@0
_CSPIsInitialized@0
_CSPRandomCreateCtx@4
_CSPRandomDestroyCtx@4
_CSPRandomDuplicateCtx@8
_CSPRandomGenerateBuffer@12
_CSPRandomUpdateSeed@12
_CSPReverseKey@8
_CSPRunInternalTests@4
_CSPSetDefaultSblock@4
_DllGetVersion@4
_plyCipherCoderGamma
_plyCipherCoderGammaFB
_plyCipherCoderSS
_plyCipherExpandSblock
_plyCipherGetCPUTimeStamp
_plyCipherMakeImit
plyCipherCoderGamma
plyCipherCoderGammaFB
plyCipherCoderSS
plyCipherExpandSblock
plyCipherGetCPUTimeStamp
plyCipherMakeImit
 C32CSP.DLL. 
Tm 3hel2ise ssnb agyigttsehe ,=s
fThis is message, length=32 bytesSuppose the original message has length = 50 bytes
F0D81C2872A14B25D25BE0640808E160RC
_>0BE16AE4BCA7E36C9174E41D6BE2AE45
0!0-02080]0q0
222M2m2
3*3G3_3u3
444L4f4
;(;<;\;t;
<.<B<Z<u<
>$>/>I>
2&2F2^2
333>3I3T3b3m3{3
434J4Z4
5<5L5{5
7+767A7
4#4J4W4@5Z5
6)6K6U6a6
;'<F<z<
=:=?=[=g=l=
>'>,>u>
>5?T?x?}?
2(2T2a2
5 5&5*50545:5>5D5H5N5R5X5\5b5f5l5p5v5z5
::@:D:H:L:
? ?$?*?.?3?=?C?J?
0R1X1z1
3X3p3w3
4b4h4l4p4t4
0F0a0q0
3c4j4z4
5V5}5"6)686[6a6m6}6
7.777P7n7
8$8/878
; ;%;+;8;U;[;f;k;t;y;
;y<f>q>y>
.3<3S3Y3^3m3s3
40484W4
6.7F7Q7]7l7r7
91:7:P:
;*<(>3>8?}?
0!0N0i0y0
1!1(181>1E1O1h1p1u1
252A2G2T2d2j2r2
2C3[3a3i3o3
4!4S4]4~4
4 5&535T5y5
6(626F6T6a6f6l6
7[7>8W8
8	9Y9l9
:):<:c:r:
;#;9;@;N;[;h;p;
<;<W<j<
? ?1?M?\?n?w?
1)1/164E4
5L5^5q5
=?>V>n>
1A2G2U2
3!4=4J4W4j4s4
5$5/545<5S5h5n5v5~5
556?6D6I6N6g6m6
7$797W7e7r7
7H8`8g8o8t8x8|8
9R9X9\9`9d9
:!:K:}:
:J;S;Y;e;j;t;{;
>)>1>}>
?(?J?w?
@0l0s0
1*1/1<1H11282Q2
4`5k5}5
6$6?6H6M6T6\6f6p6v6
6-7?7q7
:(:.:8:O:U:]:
:X;];e;j;r;w;
; <%<B<H<
=*=1=C=K=[=l=
>?>D>c>p>}>
374S4$5<5n5
<\<b<m<y<
2)202=2J2[2`2g2m2u2{2
3)313C3M3V3
4&4/474=4A4L4W4k4
6&61666
8"8'828>8E8o9
9):P:`:f:y:
:A;L;Y;l;t;{;
<,<<<N<`<h<n<v<~<
=*=;=D=L=T=_=n=u=
>9>N>X>g>x>
?-?B?L?[?w?~?
0,0U0u0
1F1Q1\1f1p1z1
4F5P5l5
759?9E9M9r9
:-;5;q;
;4<<<V<[<q<
=Z=d=l=
3	3%383?3Q3Y3i3
7&8K8f8
:%:3:9:C:K:Q:_:f:m:y:
;8;T;p;z;
<$</<9<G<
=(=0=8=@=J=S=[=r={=
> >N>Y>
?$?5?B?U?[?a?o?t?
1G2[2}2
3%3/373B3P3
9/:5:p:v:
< <&<,<2<8<><D<J<P<V<\<b<h<n<t<z<
="=(=.=4=:=@=F=
?$?(?4?8?@?D?P?\?
(646T6d6t6$7,747<7D7L7T7\7d7l7t7|7
1$1,1P1X1|1
2,242X2`2
343<3`3h3
4<4D4h4p4
5 5D5L5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
8 8(80888@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
9(9x<|<
N:\CERT\V10~1.4\SOURCE\C\C32CSP\OBJVCD\Release\c32csp.pdb