Sample details: 85b4c9bed9996aa7681972b4411b7a3d

Hashes
MD5: 85b4c9bed9996aa7681972b4411b7a3d
SHA1: 0034808dd893f7462a577ce883157fcdb97d873d
SHA256: a857ebb10e424e3f4f2d648ccc5685fc0ab827d54b3260a962dace20a44347bb
SSDEEP: 768:uAS6oUeA5rNfuoFob6rZc49a9nNXejTMiMGBcPdo++:uAc4JNfuoFoz49+GyP
Details
File Type: PE32
Added: 2018-03-07 05:47:49
Yara Hits
YRP/Borland_Cpp_additional | YRP/Borland_Cpp_for_Win32_1995_additional | YRP/Borland_Cpp_for_Win32_1995 | YRP/Borland_Cpp | YRP/Borland | YRP/IsPE32 | YRP/IsConsole | YRP/domain | YRP/contentis_base64 | YRP/DebuggerException__SetConsoleCtrl | YRP/win_files_operation | YRP/Big_Numbers0 |
Source
http://201.6.146.2/albino//rrz.exe
http://201.6.146.2/albino/rrz.exe
Strings
		This program must be run under Win32
.idata
.edata
@.reloc
P.rsrc
_^[YY]
**BCCxh1U
_^[YY]
typeinfo *
Bad_typeid
Bad_cast
typeinfo
Borland C++ - Copyright 1995 Borland Intl.
00000000
0000|0000|000000|0000|0000|0000|0000|00000000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000|00000000000000
00000000|000000
000000|0000|000000|000000
00000000000000000000|00.000.000/0000-00|000
@(#) rrz - Copyright (c) 2014 - Recupera Dados de Redu
           Release: %d.%02d em Apr  7 2014 13:55:41
_0003.209
_0003.213
_0003.303
_0003.208
_0003.113
_0003.204
_0003.211
_0003.219
_0003.210
_0003.214
Uso: rrz diret
rio_trace prefixo_trace arquivo_LOG
mero de par
metros inv
Tamanho de prefixo inv
lido (1 a 3 caracteres)
Nenhum arquivo v
lido encontrado
Erro no acesso ao arquivo '%s'
Errno = %d - %s
Erro na aloca
o de mem
Errno = %d - %s
Arquivo TRACE corrompido - n
o recuperou dados de comando
Falta comando no arquivo TRACE: '%s' %s;
  Trace %s%04d  
quina %s
Erro na pesquisa por arquivos (%d)
pia: %s)
(%s -> %s)
pia: %s)
pia: %s)
Unknown error
<notype>
**BCCxh1
__GetExceptDLLinfo
Stack Overflow!
Error 0
Invalid function number
No such file or directory
Path not found
Too many open files
Permission denied
Bad file number
Memory arena trashed
Not enough memory
Invalid memory block address
Invalid environment
Invalid format
Invalid access code
Invalid data
Bad address
No such device
Attempted to remove current directory
Not same device
No more files
Invalid argument
Arg list too big
Exec format error
Cross-device link
Too many open files
No child processes
Inappropriate I/O control operation
Executable file in use
File too large
No space left on device
Illegal seek
Read-only file system
Too many links
Broken pipe
Math argument
Result too large
File already exists
Possible deadlock
Operation not permitted
No such process
Interrupted function call
Input/output error
No such device or address
Resource temporarily unavailable
Block device required
Resource busy
Not a directory
Is a directory
Filename too long
Unknown error
(null)
printf : floating point formats not linked
scanf : floating point formats not linked
%02d/%02d/%04d %2d:%02d:%02d.%02d 
kernel32.dll
GetProcAddress
Borland32
Abnormal program termination
No space for copy of command line
No space for command line argument vector
No space for command line argument
Out of memory in _setargv0
Could not allocate memory for environment block
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
KERNEL32.dll
USER32.dll
GetModuleFileNameA
DeleteFileA
EnterCriticalSection
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
CreateFileA
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
FindNextFileA
ExitProcess
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTimeZoneInformation
GetVersion
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
GetLocalTime
MessageBoxA
EnumThreadWindows
rrz.exe
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo