Sample details: 704cdb27117cc3087de93533818002b1

Hashes
MD5: 704cdb27117cc3087de93533818002b1
SHA1: 0ee58f2a62ce8b577cae6ea0e75b9fdd86006594
SHA256: d0dcad9e8ad7ecdf76c5d874cd246613dd9d55ec55ffaefd59c1a93fafdeba8d
SSDEEP: 384:Pd7PSIAkj4dbjii8MprR1Ni/MCjlEyKz1JT7VD0aoCC:17PSIAkj4ZP1U/DGp1JT7V4aoCC
Details
File Type: PE32
Yara Hits
YRP/Armadillo_v171 | YRP/Microsoft_Visual_Cpp_v60 | YRP/Installer_VISE_Custom_additional | YRP/Microsoft_Visual_Cpp_v50v60_MFC_additional | YRP/Microsoft_Visual_Cpp_50 | YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Armadillo_v171_additional | YRP/Installer_VISE_Custom | YRP/Armadillo_v4x | YRP/Microsoft_Visual_Cpp | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/Dropper_Strings | YRP/win_registry
Parent Files
6e1078156a9456706e5655dbe7cf9c1b
Strings
!This program cannot be run in DOS mode.
Rich.w
`.rdata
@.data
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
lstrcpyA
lstrlenA
GetTickCount
GetModuleFileNameA
KERNEL32.dll
DispatchMessageA
TranslateMessage
GetMessageA
LoadStringA
RegisterClassExA
LoadCursorA
LoadIconA
UpdateWindow
ShowWindow
CreateWindowExA
PostQuitMessage
DefWindowProcA
DestroyWindow
PostMessageA
FindWindowA
wsprintfA
USER32.dll
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
ADVAPI32.dll
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
/NOTIFY
/CU_UNINSTALL
/CU_INSTALL
/UNINSTALL
/INSTALL
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"%s" /%s "%s" "%s" "%s"
NOTIFY