Sample details: 70804ac16e1efd470a7b685aa673d71b --

Hashes
MD5: 70804ac16e1efd470a7b685aa673d71b
SHA1: a0795e19af09162c457cb40e67c778af76d06fa0
SHA256: 8694c39f34cef59352acb6bd4ad09534e7a984e0f7cf14ea2b8d6700858af9ce
SSDEEP: 1536:IHYDuXEgoSXAf3soA0CNLBlVdshMb+KR0Nc8QsJq39:HbgrUsoAxJ8e0Nc8QsC9
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/network_tcp_socket | YRP/win_mutex | YRP/win_files_operation | YRP/BASE64_table | YRP/Str_Win32_Winsock2_Library |
Source
http://miicrosoft.cloud/msupdate.png
http://miicrosoft.cloud/msupdate.png
Strings
          	            !This program cannot be run in DOS mode.
`.rdata
@.data
fU}UMj:R
P9Rs|C
EURPVh`
AEQPPRhXF
PRhhK@
"PPQh7
[RPWWQh
K.WPh 
nj	P?&K
usPPPqE
z^[_E( 0
_d3U[]
@9HjgC
t^Ht0H
-[|A,XI
q*Yp:t
qp>P|)'
+Q/5-2
~0000g
F5F:[<.
<</t"<
SSSSSSSS
EL#^[]
;T$YwCr
(null)
0123456789abcdef
0123456789ABCDEF
0123456789abcdef
0123456789ABCDEF
0123456789
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@>@@@?456789:;<=@@@@@@@
@@@@@@
 !"#$%&'()*+,-./0123@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
fprintf
strchr
_pctype
__mb_cur_max
_isctype
printf
signal
malloc
calloc
fflush
fclose
perror
strncpy
strstr
strncmp
_errno
__p__wenviron
__p__environ
realloc
strspn
strerror
wcscpy
wcslen
_close
wcsncmp
strrchr
MSVCRT.dll
__dllonexit
_onexit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
SetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
GlobalFree
GetCommandLineW
TlsAlloc
TlsFree
DuplicateHandle
GetCurrentProcess
SetHandleInformation
CloseHandle
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
FileTimeToLocalFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FormatMessageA
GetLastError
WaitForSingleObject
CreateEventA
SetStdHandle
SetFilePointer
CreateFileA
CreateFileW
GetOverlappedResult
DeviceIoControl
GetFileInformationByHandle
LocalFree
GetFileType
CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
ReleaseMutex
SetEvent
LeaveCriticalSection
TerminateProcess
GetExitCodeProcess
GetVersionExA
GetProcAddress
LoadLibraryA
WriteFile
ReadFile
PeekNamedPipe
KERNEL32.dll
AllocateAndInitializeSid
FreeSid
ADVAPI32.dll
WSOCK32.dll
WSASend
WSARecv
WS2_32.dll
_strnicmp
_strdup
%s: Cannot use concurrency level greater than total number of requests
%s: Invalid Concurrency [Range 0..%d]
%s: invalid URL
%s: wrong number of arguments
User-Agent:
Accept:
Proxy-Authorization: Basic 
Proxy credentials too long
Authorization: Basic 
Authentication credentials too long
Cookie: 
Cannot mix PUT and HEAD
Cannot mix POST and HEAD
Cannot mix POST/PUT and HEAD
Invalid number of requests
n:c:t:b:T:p:u:v:rkVhwix:y:z:C:H:P:A:g:X:de:Sq
bgcolor=white
Total of %d requests completed
..done
Finished %d requests
apr_socket_connect()
Test aborted after 10 failures
Server timed out
apr_poll
apr_sockaddr_info_get() for %s
error creating request buffer: out of memory
INFO: %s header == 
Request too long
%s %s HTTP/1.0
%s%s%sContent-length: %u
Content-type: %s
text/plain
%s %s HTTP/1.0
%s%s%s%s
Connection: Keep-Alive
Accept: */*
User-Agent: ApacheBench/
Host: 
apr_pollset_create failed
(be patient)%s
[through %s:%d] 
Benchmarking %s 
%s: %s (%d)
Send request failed!
Send request timed out!
%s	%I64d	%I64d	%I64d	%I64d	%I64d
starttime	seconds	ctime	dtime	ttime	wait
Cannot open gnuplot output file
%d,%.3f
Percentage served,Time in ms
Cannot open CSV output file
  %d%%  %5I64d
 100%%  %5I64d (longest request)
 0%%  <0> (never)
Percentage of the requests served within a certain time (ms)
Total:      %5I64d %5I64d%5I64d
Processing: %5I64d %5I64d%5I64d
Connect:    %5I64d %5I64d%5I64d
              min   avg   max
WARNING: The median and mean for the total time are not within a normal deviation
        These results are probably not that reliable.
ERROR: The median and mean for the total time are more than twice the standard
       deviation apart. These results are NOT reliable.
WARNING: The median and mean for the waiting time are not within a normal deviation
        These results are probably not that reliable.
ERROR: The median and mean for the waiting time are more than twice the standard
       deviation apart. These results are NOT reliable.
WARNING: The median and mean for the processing time are not within a normal deviation
        These results are probably not that reliable.
ERROR: The median and mean for the processing time are more than twice the standard
       deviation apart. These results are NOT reliable.
WARNING: The median and mean for the initial connection time are not within a normal deviation
        These results are probably not that reliable.
ERROR: The median and mean for the initial connection time are more than twice the standard
       deviation apart. These results are NOT reliable.
Total:      %5I64d %4I64d %5.1f %6I64d %7I64d
Waiting:    %5I64d %4I64d %5.1f %6I64d %7I64d
Processing: %5I64d %4I64d %5.1f %6I64d %7I64d
Connect:    %5I64d %4I64d %5.1f %6I64d %7I64d
              min  mean[+/-sd] median   max
Connection Times (ms)
                        %.2f kb/s total
                        %.2f kb/s sent
Transfer rate:          %.2f [Kbytes/sec] received
Time per request:       %.3f [ms] (mean, across all concurrent requests)
Time per request:       %.3f [ms] (mean)
Requests per second:    %.2f [#/sec] (mean)
HTML transferred:       %I64d bytes
Total PUT:              %I64d
Total POSTed:           %I64d
Total transferred:      %I64d bytes
Keep-Alive requests:    %d
Non-2xx responses:      %d
Write errors:           %d
   (Connect: %d, Receive: %d, Length: %d, Exceptions: %d)
Failed requests:        %d
Complete requests:      %d
Time taken for tests:   %.3f seconds
Concurrency Level:      %d
Document Length:        %u bytes
Document Path:          %s
Server Port:            %hu
Server Hostname:        %s
Server Software:        %s
</table>
<tr %s><th %s>Total:</th><td %s>%5I64d</td><td %s>%5I64d</td><td %s>%5I64d</td></tr>
<tr %s><th %s>Processing:</th><td %s>%5I64d</td><td %s>%5I64d</td><td %s>%5I64d</td></tr>
<tr %s><th %s>Connect:</th><td %s>%5I64d</td><td %s>%5I64d</td><td %s>%5I64d</td></tr>
<tr %s><th %s>&nbsp;</th> <th %s>min</th>   <th %s>avg</th>   <th %s>max</th></tr>
<tr %s><th %s colspan=4>Connnection Times (ms)</th></tr>
<tr %s><td colspan=2 %s>&nbsp;</td><td colspan=2 %s>%.2f kb/s total</td></tr>
<tr %s><td colspan=2 %s>&nbsp;</td><td colspan=2 %s>%.2f kb/s sent</td></tr>
<tr %s><th colspan=2 %s>Transfer rate:</th><td colspan=2 %s>%.2f kb/s received</td></tr>
<tr %s><th colspan=2 %s>Requests per second:</th><td colspan=2 %s>%.2f</td></tr>
<tr %s><th colspan=2 %s>HTML transferred:</th><td colspan=2 %s>%I64d bytes</td></tr>
<tr %s><th colspan=2 %s>Total PUT:</th><td colspan=2 %s>%I64d</td></tr>
<tr %s><th colspan=2 %s>Total POSTed:</th><td colspan=2 %s>%I64d</td></tr>
<tr %s><th colspan=2 %s>Total transferred:</th><td colspan=2 %s>%I64d bytes</td></tr>
<tr %s><th colspan=2 %s>Keep-Alive requests:</th><td colspan=2 %s>%d</td></tr>
<tr %s><th colspan=2 %s>Non-2xx responses:</th><td colspan=2 %s>%d</td></tr>
<tr %s><td colspan=4 %s >   (Connect: %d, Length: %d, Exceptions: %d)</td></tr>
<tr %s><th colspan=2 %s>Failed requests:</th><td colspan=2 %s>%d</td></tr>
<tr %s><th colspan=2 %s>Complete requests:</th><td colspan=2 %s>%d</td></tr>
<tr %s><th colspan=2 %s>Time taken for tests:</th><td colspan=2 %s>%.3f seconds</td></tr>
<tr %s><th colspan=2 %s>Concurrency Level:</th><td colspan=2 %s>%d</td></tr>
<tr %s><th colspan=2 %s>Document Length:</th><td colspan=2 %s>%u bytes</td></tr>
<tr %s><th colspan=2 %s>Document Path:</th><td colspan=2 %s>%s</td></tr>
<tr %s><th colspan=2 %s>Server Port:</th><td colspan=2 %s>%hu</td></tr>
<tr %s><th colspan=2 %s>Server Hostname:</th><td colspan=2 %s>%s</td></tr>
<tr %s><th colspan=2 %s>Server Software:</th><td colspan=2 %s>%s</td></tr>
<table %s>
socket receive buffer
socket send buffer
socket nonblock
socket
Completed %d requests
Content-length:
Content-Length:
keep-alive
Keep-Alive
LOG: Response code = %s
WARNING: Response code not 2xx (%s)
Server:
LOG: header received:
apr_socket_recv
 Licensed to The Apache Software Foundation, http://www.apache.org/<br>
 Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/<br>
 This is ApacheBench, Version %s <i>&lt;%s&gt;</i><br>
$Revision: 655654 $
Licensed to The Apache Software Foundation, http://www.apache.org/
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
This is ApacheBench, Version %s
2.3 <$Revision: 655654 $>
    -h              Display usage information (this message)
    -r              Don't exit on socket receive errors.
    -e filename     Output CSV file with percentages served
    -g filename     Output collected data to gnuplot format file.
    -S              Do not show confidence estimators and warnings.
    -d              Do not show percentiles served table.
    -k              Use HTTP KeepAlive feature
    -V              Print version number and exit
    -X proxy:port   Proxyserver and port number to use
    -P attribute    Add Basic Proxy Authentication, the attributes
                    are a colon separated username and password.
    -A attribute    Add Basic WWW Authentication, the attributes
                    Inserted after all normal header lines. (repeatable)
    -H attribute    Add Arbitrary header line, eg. 'Accept-Encoding: gzip'
    -C attribute    Add cookie, eg. 'Apache=1234. (repeatable)
    -z attributes   String to insert as td or th attributes
    -y attributes   String to insert as tr attributes
    -x attributes   String to insert as table attributes
    -i              Use HEAD instead of GET
    -w              Print out results in HTML tables
    -v verbosity    How much troubleshooting info to print
                    Default is 'text/plain'
                    'application/x-www-form-urlencoded'
    -T content-type Content-type header for POSTing, eg.
    -u putfile      File containing data to PUT. Remember also to set -T
    -p postfile     File containing data to POST. Remember also to set -T
    -b windowsize   Size of TCP send/receive buffer, in bytes
    -t timelimit    Seconds to max. wait for responses
    -c concurrency  Number of multiple requests to make
    -n requests     Number of requests to perform
Options are:
Usage: %s [options] [http://]hostname[:port]/path
SSL not compiled in; no https support
https://
http://
ab: Could not read POST data file: %s
ab: Could not allocate POST data buffer
ab: Could not stat POST data file (%s): %s
ab: Could not open POST data file (%s): %s
apr_global_pool
%d.%d%c
KMGTPE
%s: illegal option -- %c
%s: option requires an argument -- %c
CommandLineToArgvW
apr_initialize
0123456789.
0.0.0.0
bogus %p
No host data of that type was found
Host not found
Graceful shutdown in progress
WSAStartup not yet called
Winsock version out of range
Network system is unavailable
Too many levels of remote in path
Stale NFS file handle
Disc quota exceeded
Too many users
Too many processes
Directory not empty
No route to host
Host is down
File name too long
Too many levels of symbolic links
Connection refused
Connection timed out
Too many references, can't splice
Can't send after socket shutdown
Socket is not connected
Socket is already connected
No buffer space available
Connection reset by peer
Software caused connection abort
Net connection reset
Network is unreachable
Network is down
Can't assign requested address
Address already in use
Address family not supported
Protocol family not supported
Operation not supported on socket
Socket type not supported
Protocol not supported
Bad protocol option
Protocol wrong type for socket
Message too long
Destination address required
Socket operation on non-socket
Operation already in progress
Operation now in progress
Operation would block
Too many open sockets
Invalid argument
Bad address
Permission denied
Bad file number
Interrupted system call
APR does not understand this error code
Error string not specified yet
passwords do not match
This function has not been implemented on this platform
There is no error, this value signifies an initialized error code
Shared memory is implemented using a key system
Shared memory is implemented using files
Shared memory is implemented anonymously
Could not find specified socket in poll list.
End of file found
Missing parameter for the specified command line option
Bad character specified on command line
Partial results are valid but processing is incomplete
The timeout specified has expired
The specified child process is not done executing
The specified child process is done executing
The specified thread is not detached
The specified thread is detached
Your code just forked, and you are currently executing in the parent process
Your code just forked, and you are currently executing in the child process
Internal error
The process is not recognized.
The given path contained wildcard characters
The given path is misformatted or contained invalid characters
The given path was above the root path
The given path is incomplete
The given path is relative
The given path is absolute
The specified network mask is invalid.
The specified IP address is invalid.
DSO load failed
No shared memory is currently available
No thread key structure was provided and one was required.
No thread was provided and one was required.
No socket was provided and one was required.
No poll structure was provided and one was required.
No lock was provided and one was required.
No directory was provided and one was required.
No time was provided and one was required.
No process was provided and one was required.
An invalid socket was returned
An invalid date has been provided
A new pool could not be created.
Unrecognized Win32 error code %d
CancelIo
GetCompressedFileSizeA
GetCompressedFileSizeW
ZwQueryInformationFile
GetSecurityInfo
GetNamedSecurityInfoA
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
ntdll.dll
shell32
ws2_32
mswsock
advapi32
kernel32
C:\local0\asf\release\build-2.2.14\support\Release\ab.pdb