Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: 3e5d078ebf7820978331d2a5ea6d0f1d --

Hashes
MD5: 3e5d078ebf7820978331d2a5ea6d0f1d
SHA1: 1277ed469d6543502cf9323d3d4c6541a0fbddc2
SHA256: bec473cfbc7ff7dd21449dc0584b8c279803d312d5ea6ef4f950a92e2a4f5783
SSDEEP: 768:2eZlW/p7Sld3l3Yjybk3c+8BPQpTM0lufCVviL0Dg:llW/p62FtwuufTLMg
Details
File Type: PE32+
Yara Hits
YRP/Microsoft_Visual_Cpp_80_DLL | YRP/IsPE64 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/win_registry |
Parent Files
07366aeaaf4cc541451e35c636f53fa4
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
t$pt4H
Lc\$PHcL$0J
|$Ft8fff
@8|$&H
d$PH95
K H;H t
K(H;H(t
K0H;H0t
K8H;H8t
K@H;H@t
KHH;HHt
WinRAR
WinRAR
RarExtMapFile%u
Software\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe
\rarext.dll
\RarExtLoader.exe
RarLdrTitle%u
"%s" %s#%s
ExtLdrWindow
CorExitProcess
mscoree.dll
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
kernel32.dll
runtime error 
TLOSS error
SING error
DOMAIN error
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program: 
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
InitializeCriticalSectionAndSpinCount
GetProcessWindowStation
GetUserObjectInformationA
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
SetThreadStackGuarantee
ReleaseStgMedium
ole32.dll
LocalFree
FormatMessageA
MultiByteToWideChar
FreeLibrary
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
LoadLibraryExA
lstrcpynW
lstrcpynA
WideCharToMultiByte
lstrcpyW
CreateProcessA
GetTickCount
KERNEL32.dll
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ADVAPI32.dll
MessageBoxA
SendMessageA
IsWindow
InsertMenuItemA
CreatePopupMenu
CopyImage
GetSysColor
LoadImageA
WaitForInputIdle
FindWindowA
wsprintfA
USER32.dll
DeleteDC
SetPixel
GetPixel
SelectObject
CreateCompatibleDC
GetObjectA
DeleteObject
GDI32.dll
DragQueryFileW
DragQueryFileA
SHGetPathFromIDListW
SHELL32.dll
COMCTL32.dll
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetProcAddress
GetModuleHandleA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RAREXT64.dll
DllCanUnloadNow
DllGetClassObject