Sample details: 726ceae15f81c1c3d92570ea7751afe8 --

Hashes
MD5: 726ceae15f81c1c3d92570ea7751afe8
SHA1: 89c632684f5cdca3b9aeb2a8a6eec859b7b641ad
SHA256: 6a942eddab96d6ba75f8604f989e215ab9aa106d66bcbcd7378af2457f6f99e8
SSDEEP: 6144:BeTaNaibprnoOsimjjd2Cu+rr9CMqqWTiqqpFKmcw5:BeeNauoOs1yMqqL
Details
File Type: PE32
Yara Hits
YRP/Borland_Cpp_DLL | YRP/Borland_Cpp_for_Win32_1999 | YRP/Borland_Cpp_DLL_additional | YRP/Borland | YRP/IsPE32 | YRP/IsConsole | YRP/IsBeyondImageSize | YRP/borland_cpp | YRP/domain | YRP/contentis_base64 | YRP/DebuggerException__SetConsoleCtrl | YRP/escalate_priv | YRP/win_registry | YRP/win_token | YRP/win_files_operation | YRP/Big_Numbers3 | YRP/CRC32_poly_Constant | YRP/RIPEMD160_Constants | YRP/SHA1_Constants |
Parent Files
07366aeaaf4cc541451e35c636f53fa4
Strings
		This program must be run under Win32
`.data
.rdata
P.idata
@.edata
@.rsrc
fb:C++HOOK
_^[YY]
_^[YY]
C,;C$s2
_^[YY]
K43K 333K
K83s$3K$3s
K<3s(3K(3s
3s,3K,3s
3s83K83s 3K 3s
3s<3K<3s$3K$3s
3s(3K(3s 3K 
3s$3K,3K$
3s(3K03K(
3s43K43s,3K,
3s83K83s03K0
3s<3K<3s43K4
s43K 3s 3K
K83s$3K$3s
K<3s(3K(3s
3s43K43s
3s83K83s 3K 3s
3s<3K<3s$3K$3s
333s(3s 
3{$3s,3s$
3{03s03{(3s(
3{43s43{,3s,
3{83s83{03s0
3s<3s4
3{8333s8
3{<3s<
s43{ 3s 3{
s83{$3s$3{
s<3s(3s
33s,3{
3{03s03{
3{43s43{
3{83s83{ 3s 3{
3s<3s$3s
333s(3s 
3{,3s,3{$3s$
3{03s03{(3s(
3{43s43{,3s,
3s03K83K0
3s43K<3K4
3s83K8
3s<3K<
K43s 3K 3s
K83K$3s
K<3K(3s
3s,3K,3s
3s03K03s
3s43K43s
3s(3K(3s 3K 
3K,3s,3K$
3s03K03s(3K(
3s,3K43K,
3s03K83K0
3s<3K<3s43K4
3s83K8
3s<3K<
Y_^[Y]
_^[YY]
_^[YY]
t Kt<Kt[
_^[YY]
_^[YY]
Rt7HtO
DtcHtl
t-hA\C
T$(;T$,
);l$8u
;D$Tt\
L$\)L$T
YZ]_^[
YZ]_^[
D$,;D$0u	
;Z$sa;Z
M;Z4s+;Z,s
std::bad_alloc
bad_alloc *
std::exception
_^[YY]
**BCCxh1
_^[YY]
_^[YY]
QVhxjC
RQh$ B
QPh$ B
H_^[Y]
e@FBC;u
BF;5plC
QUVWRSPT
0_^[Y]
tBorland C++ - Copyright 1999 Inprise Corporation
WinRAR
Software\WinRAR\Paths
AppData
?*<>|"
kernel32.dll
GetDiskFreeSpaceExA
%.*s(%d)%s
rtmp%d
SeShutdownPrivilege
rarlng.dll
__rar_
0123456789abcdef
%02.2d
a538f494a2afdb0ca5c008d34100dc71cb684672c0c511da8d95d38642fc2360
70c2441db366d92ea7be1342b3bf629026ba92bb675f06e684bdd34511097434
System Volume Information\
%s%c%s
%02u-%02u-%u %02u:%02u
%02u-%02u-%02u %02u:%02u
FFF))EE	FFFF))))))
[%c]%s
default.sfx
rar.ini
switches=
rar.log
7z;ace;arj;bz2;cab;gz;jpeg;jpg;lha;lzh;mp3;rar;taz;tgz;z;zip
%d.%02d %s %d
%d.%02d
FUADPXETK
*messages***
SeSecurityPrivilege
SeRestorePrivilege
%5lu %16s %8s %3d%%
       
%5lu %16s %8s %3d%%
 %8s %8s 
  %c....B  
 %8.8X
 %d.%d
Win95/NT
%22s %8s %4s
%22s %s
*<-?->
 %c%c%c%c%c%c%c  
%c%c%c%c%c%c%c%c%c
 (08@P`p
 (08@P`p
rar.lng
Illegal mode in _vector_delete_
Illegal mode in _vector_new_
Illegal dtorMode in _vector_new_
borlndmm
hrdir_b.c: LoadLibrary != mmdll borlndmm failed
borlndmm
@Borlndmm@SysGetMem$qqri
@Borlndmm@SysFreeMem$qqrpv
@Borlndmm@SysReallocMem$qqrpvi
no named exception thrown
bad exception thrown
bad alloc exception thrown
rwstderr
<notype>
<notype>
___CPPdebugHook
Stack Overflow!
),(((((),(((
Error 0
Invalid function number
No such file or directory
Path not found
Too many open files
Permission denied
Bad file number
Memory arena trashed
Not enough memory
Invalid memory block address
Invalid environment
Invalid format
Invalid access code
Invalid data
Bad address
No such device
Attempted to remove current directory
Not same device
No more files
Invalid argument
Arg list too big
Exec format error
Cross-device link
Too many open files
No child processes
Inappropriate I/O control operation
Executable file in use
File too large
No space left on device
Illegal seek
Read-only file system
Too many links
Broken pipe
Math argument
Result too large
File already exists
Possible deadlock
Operation not permitted
No such process
Interrupted function call
Input/output error
No such device or address
Resource temporarily unavailable
Block device required
Resource busy
Not a directory
Is a directory
Directory not empty
Unknown error
(null)
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
%H:%M:%S
%m/%d/%y
%A, %B %d, %Y
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday
January
February
August
September
October
November
December
printf : floating point formats not linked
scanf : floating point formats not linked
printf : floating point formats not linked
scanf : floating point formats not linked
Error: system code page access failure; MBCS table not initialized
%02d/%02d/%04d %02d:%02d:%02d.%03d 
kernel32.dll
GetProcAddress
Borland32
Abnormal program termination
No space for command line argument vector
No space for command line argument
No space for copy of command line
No space for copy of command line
Out of memory in _setargv0
GetEnvironmentStrings failed
Could not allocate memory for environment block
___CPPdebugHook
**BCCxh1
ADVAPI32.DLL
KERNEL32.DLL
SHELL32.DLL
USER32.DLL
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
SetFileSecurityA
SetFileSecurityW
CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DeviceIoControl
ExitProcess
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemTime
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MoveFileA
MultiByteToWideChar
RaiseException
ReadConsoleA
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadPriority
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
ExitWindowsEx
LoadStringA
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA
unrar.exe
__GetExceptDLLinfo
___CPPdebugHook
NHr,g 
N0RS_MR
g~bW[&{2N
Rpencb`
\Pbkkb
X[ch^\'`
O(uS_MR
y(u(u7b
bc:N'Y
SibU\^\'`
y(u@b	g
OYu_cOW
:NUSMO
vW[xQ'Y
y:NUSMO
Rpencb`
Spenc(
Q@b	gwS
kwSKNMR
:N_cOW
O>f:y)
g~bwS 
(u7b-N
ceQ&^	g 
ck(WKm
ck(W Rd
0OHr,g,
ck(W Rd
ck(W Rd
ck(W Rd
ck(WKm
O(uS_MR
ck(WKm
ck(WSbpS 
~X[(W,
N4Y_cOW
N4Y_cOW
4Y_cOW
pencb`
Y4Y_cOW
ck(W Rd
ck(W Rd
U_X[(W
ibU\^\'`
~penc:
ibU\^\'`
[hQpenc
N4Y_cOW,
ck(Wkb
spencb`
spencb`
Rpencb`
penc_cOW
vpenc 
[hQpenc
[hQpenc
[hQpenc_cOW
[hQpenc
Ampenc_cOW
Ampenc
ibU\^\'`_cOW
vibU\^\'`
ibU\^\'`0R 
vibU\^\'`
ibU\^\'`
vpenc4Y,
vpenc4Y<h
pencWW
penc4Y{|
wS"N1Y
*NW[&{
{@b	gwS
{<:y&q?	
{<:y&q?	
PADDINGXXPADDINGPADDINGXXPADDINGPADD