Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: 71fd74df7bf558f85462c60a40b4ac92 --

Hashes
MD5: 71fd74df7bf558f85462c60a40b4ac92
SHA1: 55a03eb940b5d2159b5ab62c3f6be066424e8686
SHA256: f3af7eed8a943311eac8536c3e7591f18571051694bc031d1a30e38793611fa0
SSDEEP: 3072:BFwB2OBi2FXU2SoaLvzhXC1/ZDO0lTlaw7tJB5ulnp82oUA:BFw4yi26oaLrpaZ9lFWJoU
Details
File Type: PE32
Yara Hits
YRP/Armadillo_v1xx_v2xx_additional | YRP/Microsoft_Visual_Cpp_v70_DLL | YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Microsoft_Visual_Cpp_60_DLL_Debug | YRP/Armadillo_v1xx_v2xx | YRP/Microsoft_Visual_Cpp_v60_DLL | YRP/Microsoft_Visual_Cpp_60 | YRP/Armadillov1xxv2xx | YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/CRC32_poly_Constant | YRP/CRC32b_poly_Constant | YRP/RijnDael_AES_CHAR | YRP/RijnDael_AES_LONG |
Parent Files
07366aeaaf4cc541451e35c636f53fa4
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
2AABBf;
CCEEf;
F(;F0r
ItSItFIt>It2It!Iux
9~|~!;~pt
8_htAh
u/!F0!F4
Nt}NtFNt1Nt
t4Ht"Ht
x0C;^D|
_^][YY
u ;~D|
tXIt>It0It
Su(8L$
L$,_^]
t$,_^]3
T$<SUV
L$<_^][d
L$ _^][d
QSVh`L
#T$0#D$,
/AE;L$8u
;L$ds7
;T$hs-
D$(;D$
D$(;D$
L$(;L$
9F _^]
9NLtr;
T$0_^]
D$0_^]
L$0_^]
D$0_^]
L$0_^]
D$0)t$
D$4]_^[
QQSVWd
t.;t$$t(
uRFGHt
FLVh`x
VC20XC00U
sO;>|C;~
uf9=8~
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
HSVHWtgHHtF
PPPPPPPP
PPPPPPPP
^}%95|R
 (08@P`p
 (08@P`p
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
H:mm:ss
dddd, MMMM dd, yyyy
M/d/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
CharUpperA
CharUpperW
USER32.dll
OLEAUT32.dll
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CloseHandle
SetLastError
WriteFile
GetSystemInfo
GetProcAddress
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
GetVersionExA
DeleteCriticalSection
VirtualAlloc
VirtualFree
WaitForSingleObject
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
HeapAlloc
RaiseException
HeapFree
RtlUnwind
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
KERNEL32.dll
7zxa.dll
CreateObject
GetHandlerProperty2
GetHandlerProperty
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode
.?AVCNewException@@
.?AUCSystemException@@
.?AUCInBufferException@@
.?AUCOutBufferException@@
.?AVCInArchiveException@N7z@NArchive@@
.?AVtype_info@@
""""""""""""""""""""""""""""""
0yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"0
0yyyyyyyyyyyyyyy
000000000
0yyyyyyyyyyyyy
0yyyyy
3333333
DDDDD;
3333333333333330;
DDDDDDDD;
DDDDDDDD;
D33333333D
DDDDDDDD
DDDDDDDD
1(1F1R1
=F>M>T>[>b>i>p>
?7?T?q?
T0f0m0t0{0
2%292k2
3?4W4o4
1!2H2m2
5 6>6I6Y6~6
0!0<0L0
5!6'696%717
788J8p8
=;=T=">
5s7O9a;
3(4-474T4e4
4)5<5Q5
>">)>0>U>
<#=I=h=W?|?
070W0w0
1'1Q1c1
5=6D6K6R6Y6|6
=!>G>N>U>\>c>x>
0(1H1L1P1T1X1\1C6
1(2N2m2
3W3^3e3l3s3
;Q;a;q;w;
<	<$<<<N<T<
=*>H?U?\?
758E8v8{8
:#:J:Q:
;%;2;`;l;
<"<.<5<A<H<
=5=A=S=b=p=
> >/>N>Y>g>y>
?#?5?A?P?n?{?
020H0\0s0
696A6U6s6|7
9$94999]9
?%?,?0?4?8?<?@?D?H?
00070<0@0D0a0
0*1014181<1
1#212:2?2
3%3,3034383<3@3D3H3
40474<4@4D4a4
4*5054585<5
7,888B8f8k8
8'9R9G:N:]:e:p:v:|:
<'</<7<M<U<]<e<m<
?-?P?V?b?r?y?
0,030;0A0G0R0Z0
323=3C3H3N3[3x3~3
7&777=7P7
7R;^;m;s;
=2>8>Q>
+0A2W2d2j2o2v2|2
;6;B;H;U;e;k;s;
;D<\<b<n<s<
< =+=0=:=?=w=
0:1@1J1r1w1
11272i2v2
5&6-6B6t6~6
7A7G7T7u7
7=8I8S8g8u8
879|9_:x:
;$<1<?<J<]<
=/=D=Z=a=
3(4:4I4j4p4
5.5:5D5O5Y5c5i5
5S6Y6w6
7&787F7U7f7t7}7
9&9,929s9
;6<s<x<
?'?8?K?c?
3.314E4Y4m4
5!5-5W5
5	6I6]6t6
7-7C7W7
8)8=8Q8e8y8
:%:W:i:
>)>M>a>u>
>$?A?]?
131[1m1
595Q5a5
5	6)6L6i6
014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2
4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
5 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5
6 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9
: :$:(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
:4;8;L<P<`<l<
= =0=8=<=D=H=T=X=h=p=t=
1 1$1,101
3 3<3D3L3T3t3
4$404L4T4t4
5 5<5D5d5h5|5
6$606L6T6\6h6
7$707L7T7\7d7l7x7
8 8<8D8P8l8x8
949<9D9L9T9`9|9
: :<:H:d:p:
;$;,;4;<;D;L;T;\;d;l;t;|;
<$<,<4<<<D<L<T<`<|<
=4=@=\=h=p=
>8>L>\>l>x>
?$?0?L?X?t?|?
0,040@0\0d0l0t0|0
1$1@1T1`1h1
2$2,242<2H2d2p2x2
343<3H3P3
4,484T4`4|4
5(5D5P5l5x5
646<6D6L6T6\6d6l6t6|6
7$7,747@7\7d7l7t7|7
8,888T8`8|8
9,989T9`9|9
:$:0:L:X:t:|:
;,;8;T;`;h;
; <4<<<D<T<\<d<t<
= =<=D=L=T=\=h=
> ><>H>d>l>t>
?$?,?<?H?P?
0,080@0p0|0
1(1D1L1X1t1
2$202L2X2t2
0 0$0(0,0004080<0@0D0H0L0P0\0`0d0x0
101X1`1
40848@8P8T8`8p8t8
909@9`9d9p9
?$?,?4?<?D?L?T?\?d?l?
4 4$4(4,4044484<4@4D4H4L4P4`4d4h4l4p4t4x4|4