Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: 202a44386877ddabd72c9cc9cac94a6b --

Hashes
MD5: 202a44386877ddabd72c9cc9cac94a6b
SHA1: f10ab6753155cf7528a2569eaab87f802a3c2f34
SHA256: 3115dd34382e6d6a58ba6a25e612ec3df138240c5b0e8d75807a77baef3d4136
SSDEEP: 6144:xC09sT4eSCBv5+f9M+znXVvRwRwRQAQjp9pvrtouyYmA:xMBuy+zJuy
Details
File Type: PE32
Yara Hits
YRP/Armadillo_v171 | YRP/Microsoft_Visual_Cpp_v60 | YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional | YRP/Microsoft_Visual_Cpp_50 | YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Armadillo_v171_additional | YRP/Armadillo_v4x | YRP/Microsoft_Visual_Cpp | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/screenshot | YRP/keylogger | YRP/win_private_profile | YRP/win_files_operation | YRP/BLOWFISH_Constants | YRP/VC6_Random |
Parent Files
02ab5809024719afa932a420b74cb447
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
L$4PQR
T$<Rhl
D$TPh@
T$(QRP
D$ RPQ
t$ WVj
D$ RPV
D$8PQRh
D$@RPW
SUVWjT
T$0QPR
wtHHt5Ht 
SVWj PQ
L$(}cU
D$ RQWP
D$LQRP
D$LQRP
D$LQRP
D$LQRP
D$TQRP
T$TPQR
D$XQRP
RQUWh 
UWQPh 
L$ RWV
D$,URUP
D$TWVPV
T$ PQR
T$ QRP
SUVWPQ
T$ QRP
L$8RPQSW
t?;^Hu:j
p09o4u
t1UUUj
T$(RQP
Q49A8u
j@SWQP
D$,PQW
T$@RSP
L$TQSW
QRhXUD
QPWRUhXUD
Ht$Hu}j
D$4QRP
T$(PQRj
QRPVWSUh
QRPVWSUh
L$Xj$Ph
|$$USVW
HtfHt0-
T$LPQRh
Qj@PjfV
D$([_^]
T$$VRW
	It<Iui@
j j RPQ
j j PQR
T$\QRP
T$(QRhPDL
D$DRPQ
D$$RPW
T$,PQR
T$0QRP
D$(h-C
D$(h-C
D$4QRPW
D$8PWV
SUVWPQ
RPhPDL
VWhtFL
BARQWS
D$LQRP
_|*;D$
D$$RPh$DL
L$$PQh
a9W8!h
a9W8!h
D$ RPV
SUVWPQ
It,Iu.
T$HWSQVR
L$4WQUVS
L$,SUV
L$0SUV@W
|$$}$WP
O$_^][Y
l$$}-j
tSHt~H
NH_^][
u]9B$uX
uR9BduM
'9A`u"9
tv8^At
tS8^@uN
W(_^][
C(IH_^
T$@} VP
T$PPRV
T$$PRV
L$,PRQ
uYf9q uSf9q0uMf9q@uGf9qPuAf9q`u;f9qpu5
u%f9+u f9k
QRh8AC
F,_^[Y
D$ _^][
CLPWVU
D$LUPQR
L$,RPQ
\$ PVW
D$,CJF;
D$,CJF;
D$,CJF;
D$,CJF;
D$8QRP
T$TPQVR
j/j\h4uC
D$@_^]
Vjdjdj
D$tVPW
ItiIt8
T$TQRP
L$$_^]
^;54jC
^}%95<mC
B 02CV
C =02CVu
QQSVWd
t.;t$$t(
DSUVWh
HHtpHHtl
<]t_G<-uA
btHHt.
6;50jC
Y;5@LM
0B=0kC
"WWSh(
t/WWUPj
sO;>|C;~
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
VC20XC00U
t+Ht$Ht
t-Ht!Ht
QQSVW3
89=lIM
+ttHHtd
HHtYHHtF
?UUUUUU
?VUUUUU
%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz
&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz
?u='@^
GAIsProcessorFeaturePresent
KERNEL32
`h````
ppxxxx
(null)
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
_hypot
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
1#QNAN
1#SNAN
mciGetErrorStringA
mciSendCommandA
timeGetTime
PlaySoundA
WINMM.dll
DrawDibOpen
DrawDibClose
DrawDibEnd
DrawDibDraw
DrawDibRealize
DrawDibSetPalette
DrawDibBegin
MSVFW32.dll
GetProcAddress
LoadLibraryA
FreeLibrary
SetFileAttributesA
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
GetDateFormatA
GetLocalTime
DeleteFileA
GetTempFileNameA
GetTempPathA
GetPrivateProfileStructA
GetLastError
GetVersionExA
MultiByteToWideChar
KERNEL32.dll
ReleaseDC
SetDlgItemTextA
SetWindowTextA
SendMessageA
GetDlgItem
LoadIconA
EndDialog
FindWindowA
DialogBoxParamA
KillTimer
MoveWindow
ClientToScreen
SetTimer
CreateWindowExA
GetDlgItemTextA
InvalidateRect
SetRect
GetSystemMetrics
DrawTextA
CreateDialogParamA
DestroyWindow
EnableWindow
MessageBoxA
EndPaint
BeginPaint
SetCursor
GetKeyState
CloseClipboard
EmptyClipboard
OpenClipboard
GetClientRect
DefWindowProcA
RegisterClassA
IntersectRect
ShowWindow
SetFocus
CloseWindow
PostQuitMessage
WindowFromPoint
GetWindowRect
WaitMessage
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
UpdateWindow
AdjustWindowRectEx
LoadCursorA
PostMessageA
IsDialogMessageA
FillRect
GetWindowLongA
SetWindowLongA
BringWindowToTop
CopyRect
USER32.dll
DeleteDC
DeleteObject
SelectObject
GdiFlush
CreateDIBSection
CreateCompatibleDC
GetDeviceCaps
CreateHalftonePalette
BitBlt
RealizePalette
SelectPalette
SetTextColor
SetBkColor
CreateSolidBrush
GetStockObject
SetBkMode
GetTextCharset
CreateFontA
GetTextMetricsA
CreatePen
LineTo
MoveToEx
Rectangle
GetClipBox
CreateFontIndirectA
GDI32.dll
comdlg32.dll
ShellExecuteA
SHELL32.dll
OleInitialize
OleUninitialize
CoGetClassObject
ole32.dll
OLEAUT32.dll
CreateDirectoryA
RemoveDirectoryA
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetEnvironmentVariableA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
ReadFile
CloseHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
WriteFile
WideCharToMultiByte
LCMapStringA
LCMapStringW
RaiseException
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
CreateFileA
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetEndOfFile
GradientBottom
sfiles/skin.ini
BACKGROUND
GradientTop
img/lttl_pzzl.img
img/background.jpg
sfiles/baddress.tmp
sfiles/bdesc.tmp
sfiles/bmidi.mid
sfiles/bimage.tmp
sfiles/bimage2.tmp
sfiles/config.ini
OldScreenSize
%i %i %i %i %i %i
sfiles/ml
FeedBackSupport
curves/c_%i.crv
curve->n>MAX_CONTROLPOINTS
curve_get: type out of range(%i)
Jigs@w Puzzle Lite Pro
img/font20.img
img/font15.img
img/font12.img
UserInterface
sfiles/lang.ini
lt_init: charset not found (%s)
CharSet
lt_init: old version of texts (%s)
lt_init: version not found (%s)
Version
lt_get: lti %i is NULL
button_register: where is for %s BS_RGFIRST?
button_register: next BS_RGFIRST for %s
button.cpp: load_faze %s
%s_%i.img
cache_done: filename:%s lock:%i
precache_file: memfiles[] is full
ideal_clip: not found idealclip for %i
dp_open: fread packfiles (%s)
dp_open: invalid magic (%s)
dp_open: fread of packhead (%s)
dp_open: not found (%s)
dp_open: datapacks id full
dp_get_hfile: file not found (%s)
dp_get_index: fileinfos is full
dp_fopen: next open
dp_fseek: file is not open
dp_fread: %s
%i %i %i
transparent
GalleryOutline
CreateCurvePreview
CreateDeskPresentSize
CreateDeskOutline
CreateDesk
Selection
RoomTitleBarTextShadow
RoomTitleBarText
RoomTitleBar
PreviewSurprise
PreviewBottomTextShadow
PreviewBottomText
PreviewNumberOfPiecesTextShadow
PreviewNumberOfPiecesText
PreviewOutlineInactive
PreviewOutlineActive
MsgBoxTextShadow
MsgBoxText
EditBoxBackground
EditBoxText
WindowTitleTextShadow
WindowTitleText
TrackbarTextShadow
TrackbarText
ButtonTextShadow
ButtonTextHover
ButtonTextInactive
ButtonTextActive
Bevel_RB
Bevel_B
Bevel_LB
Bevel_R
Bevel_L
Bevel_RT
Bevel_T
Bevel_LT
ge_init: color %s not found
COLORS
img/active.img
img/inactive.img
All Formats
*.JPG;*.JPE;*.JIF;*.JPEG;*.JFIF;*.TIF;*.TIFF;*.BMP;*.RLE;*.DIB
BMP (*.BMP;*.RLE;*.DIB)
*.BMP;*.RLE;*.DIB
JPEG (*.JPG;*.JPE;*.JIF;*.JPEG;*.JFIF)
*.JPG;*.JPE;*.JIF;*.JPEG;*.JFIF
TIFF (*.TIF;*.TIFF) uncompressed
*.TIF;*.TIFF
jpg_loader: gformat_jpg_read %s
img_draw: jine rozliseni nez screen
img_draw_shadow: stin by mel byt IMG_8BIT
window_register: windows[] is full
window_focus: invalid style
window_focus_modal: invalid style
window_focus_modal: only one modal
twindow: post_event: fevents[] is full
io_debug_init: Win Debug not found
TIBODBWIN
application.log
io_dialog_end: ???
io_dialog_invalidate: ???
fbmouse.dll
fbmouse_done
fbmouse_applause_start
fbmouse_bound_stop
fbmouse_bound_set
fbmouse_bound_start
fbmouse_pop_start
fbmouse_init
io_gdi_create_font: invalid font family
io_gdi_set_pen: invalid pen style
link.dat
abrakadabra
index.scr
TSADBANNERALT
TSADBANNER
The display resolution has changed. It is recommended to restart this program.
Exit?.
TSJPCLASSLITE
io_mem_done: ngetmem!=nfreemem
io_mem_done: nfreemem = %i
io_mem_done: ngetmem = %i
io_mem_alloc: no memory (%li)
io_mem_realloc: no memory (%li)
sequencer
play_midi play
play_midi open
PlatformId:%i, MajorVersion:%i, MinorVersion:%i
Shell_TrayWnd
video driver: DrawDib
video driver: Windows
io_video_begin_paint: screen.buf is not NULL
io_video_end_paint: screen.buf is NULL
 iciNWq
Ze2Zh@
A4x{%`
BFUa.X
	-f3F2
w``u N
ABCDEFGHJKLMNPQRSTUVWXYZ23456789
JIGSAWPUZZLELITEPROCLASS
%i.%02i
Charset
Create
PUZZLE
Puzzle
ColorS
ColorL
ColorH
ALTFONT
BANNER
EnableAfterSolving
JPLiteScript
lfFaceName
lfPitchAndFamily
lfQuality
lfClipPrecision
lfOutPrecision
lfCharSet
lfStrikeOut
lfUnderline
lfItalic
lfWeight
lfOrientation
lfEscapement
lfWidth
lfHeight
img/connected.img
GhostVisible
PictureWin
PLAYROOM
CPanelWin
PictureIZoom
connect.wav
?Application transferred too many scanlines
Invalid SOS parameters for sequential JPEG
Corrupt JPEG data: found marker 0x%02x instead of RST%d
Premature end of JPEG file
Warning: unknown JFIF revision number %d.%02d
Corrupt JPEG data: bad Huffman code
Corrupt JPEG data: premature end of data segment
Corrupt JPEG data: %u extraneous bytes before marker 0x%02x
Inconsistent progression sequence for component %d coefficient %d
Unknown Adobe color transform code %d
Obtained XMS handle %u
Freed XMS handle %u
Unrecognized component IDs %d %d %d, assuming YCbCr
JFIF extension marker: RGB thumbnail image, length %u
JFIF extension marker: palette thumbnail image, length %u
JFIF extension marker: JPEG-compressed thumbnail image, length %u
Opened temporary file %s
Closed temporary file %s
  Ss=%d, Se=%d, Ah=%d, Al=%d
    Component %d: dc=%d ac=%d
Start Of Scan: %d components
Start of Image
    Component %d: %dhx%dv q=%d
Start Of Frame 0x%02x: width=%u, height=%u, components=%d
Smoothing not supported with nonstandard sampling ratios
At marker 0x%02x, recovery action %d
Selected %d colors for quantization
Quantizing to %d colors
Quantizing to %d = %d*%d*%d colors
        %4u %4u %4u %4u %4u %4u %4u %4u
Unexpected marker 0x%02x
Miscellaneous marker 0x%02x, length %u
    with %d x %d thumbnail image
JFIF extension marker: type 0x%02x, length %u
Warning: thumbnail image size does not match data length %u
JFIF APP0 marker: version %d.%02d, density %dx%d  %d
        %3d %3d %3d %3d %3d %3d %3d %3d
End Of Image
Obtained EMS handle %u
Freed EMS handle %u
Define Restart Interval %u
Define Quantization Table %d  precision %d
Define Huffman Table 0x%02x
Define Arithmetic Table 0x%02x: 0x%02x
Unknown APP14 marker (not Adobe), length %u
Unknown APP0 marker (not JFIF), length %u
Adobe APP14 marker: version %d, flags 0x%04x 0x%04x, transform %d
Caution: quantization tables are too coarse for baseline JPEG
6b  27-Mar-1998
Copyright (C) 1998, Thomas G. Lane
Write to XMS failed
Read from XMS failed
Image too wide for this implementation
Virtual array controller messed up
Unsupported marker type 0x%02x
Application transferred too few scanlines
Write failed on temporary file --- out of disk space?
Seek failed on temporary file
Read failed on temporary file
Failed to create temporary file %s
Invalid JPEG file structure: SOS before SOF
Invalid JPEG file structure: two SOI markers
Unsupported JPEG process: SOF type 0x%02x
Invalid JPEG file structure: missing SOS marker
Invalid JPEG file structure: two SOF markers
Cannot quantize to more than %d colors
Cannot quantize to fewer than %d colors
Cannot quantize more than %d color components
Insufficient memory (case %d)
Not a JPEG file: starts with 0x%02x 0x%02x
Quantization table 0x%02x was not defined
JPEG datastream contains no image
Huffman table 0x%02x was not defined
Backing store not supported
Requested feature was omitted at compile time
Not implemented yet
Invalid color quantization mode change
Scan script does not transmit all data
Cannot transcode due to multiple use of quantization table %d
Premature end of input file
Empty input file
Maximum supported image dimension is %u pixels
Missing Huffman code table entry
Huffman code size table overflow
Fractional sampling not implemented yet
Output file write error --- out of disk space?
Input file read error
Didn't expect more than one scan
Write to EMS failed
Read from EMS failed
Empty JPEG image (DNL not supported)
Bogus DQT index %d
Bogus DHT index %d
Bogus DAC value 0x%x
Bogus DAC index %d
Unsupported color conversion request
Too many color components: %d, max %d
CCIR601 sampling not implemented yet
Suspension not allowed here
Buffer passed to JPEG library is too small
Bogus virtual array access
JPEG parameter struct mismatch: library thinks size is %u, caller expects %u
Improper call to JPEG library in state %d
Invalid scan script at entry %d
Bogus sampling factors
Invalid progressive parameters at scan script entry %d
Invalid progressive parameters Ss=%d Se=%d Ah=%d Al=%d
Unsupported JPEG data precision %d
Invalid memory pool code %d
Sampling factors too large for interleaved scan
Wrong JPEG library version: library is %d, caller expects %d
Bogus marker length
Bogus JPEG colorspace
Bogus input colorspace
Bogus Huffman table definition
IDCT output block size %d not supported
DCT coefficient out of range
Invalid component ID %d in SOS
Bogus buffer control mode
MAX_ALLOC_CHUNK is wrong, please fix
ALIGN_TYPE is wrong, please fix
Sorry, there are legal restrictions on arithmetic coding
Bogus message code %d
JPEGMEM
IMG loader: unknown error
IMG saver: unknown error
-debug
-videodriver
Initializing Play Room
english.ini
kernel_init: invalid copy of %s
skin.ini
sfiles
puzzles
data.pck
Version: %s
sfiles/a.tmp
The puzzle %s.pzl not found.
file://
</%s></%s>
alt="%s"
<img border="0" src="%s" 
<%s href="%s" target="_blank">
<TD width="100%%" align="%s">
<TD width="1"><IMG src="sp.gif" width="1" height="64"></TD>
<%s border="0" cellpadding="0" cellspacing="0" width="100%%">
background="%s"
<%s bgcolor="#%02x%02x%02x" 
center
<%s><%s><%s>Banner</%s></%s>
<FRAME src="banner.htm" name="lista" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" noresize>
<%s rows="64" style="border: 0px none">
FRAMESET
<%s><%s><%s>Index</%s></%s>
banner.htm
index.htm
TS_HTMLCTRL_CLASSNAME
K288,2
18,&22#m
$&7* 888
288,,88,1"
u88&,88,&Y827"
88&28,%Q
DY88,,+
Q%2zY88*
"$%&,&$
%&,2222*"
Y88887)"
888881)""YS,7)
Y888881
088YY*"
zY8888882888Yz1
"M,,2882&,,+*"DC
C$882&22
18888&&
 888882
28888+
288888&
,88888%*"
,888882
888882,0#"
28888&
&888888
288882&81)"
28888,
&888888&
,88888&87
,88888&
&YYY88,21"
&88888&
&8888&%
&22&+#
#YY88888,,,1)
"1$$88YY8888887#C
z888887#
Y88888
Y888870
888882+"
{u}}}}}}/T/}}}}}}}}}}}}}}}}}}}}
S}}}}}}}}}}}}}}}}}}}}/5555555Q
}}}}}}}}}}}}}}}}}}}}61111132
L>*%}}}}}}}}}}}}}}}}}}}50000349KNR$
}}}}}}}}}}}}}}}}}5000318YDO}+ 
}}}}}}}}}}500032
GBP}}$
/}}}}}}}}}50032
JBI>}}+ 
{}}}}}}}}}5034
L@BO}}}}$
z	}}}}}}}}}5318KEBBP}}}}+ 
T}}}}}}}}}502
DBBI>}}}}}$
}}}}}}}}}52
JBBDLT/}}}}+ 
}}}}}}}}7
u}}}}}$
"Y/}}}}}}}
)!z{}}}}}}
zu}}}}}}
T}}}}}}}}Xssnb_`xKCO
Q}}}}}}}}f_a_i_l
}}}}}}}fiii_kzMBCK
))"Y/}}}}}}}fiii_t
)!zS}}}}}}}fii_k
zu}}}}}}}fiiivYEDYy
T}}}}}}}fi_k
Q}}}}}}}fiivK@J
y;FHzs
}}}}}}fil
l`zJBMxt;FG
)"Y/}}}}}}fin
ts;FJz`q
!zS}}}}}}fiap
ks<CLxie
u}}}}}}friinliiv<BLxit<E<vi_s
u}}}}}}fmmm]]]dzGB=t]tME=v]]p
S}}}}}}}[ggggg[u
}}}}}}}}}}}}}}}
	}}}}}}}}}}}}}}}}}}}}}}
}}}}}}}}}