Sample details: 99a7a301a29441db95bf25f2d6e7037d

Hashes
MD5: 99a7a301a29441db95bf25f2d6e7037d
SHA1: f4a32d76aa2d5e77c6632769f5fe3ea95669c47b
SHA256: 3b7a0ef0ca48ff2c3d9511303003bb778df7842c5e782e9d9443d400b67eb791
SSDEEP: 6144:AzfSuP18PD8rP/C0SGIBXnnEmIPIAGfeC0fn0DmZHEPAE:ifSEPkEmIZw
Details
File Type: PE32
Yara Hits
YRP/MingWin32_GCC_3x | YRP/Microsoft_Visual_Cpp_v71_DLL_Debug_additional | YRP/MingWin32_v_h_additional | YRP/MinGW_GCC_3x_additional | YRP/Microsoft_Visual_Cpp_v71_DLL_Debug | YRP/MinGW_GCC_3x | YRP/MingWin32_GCC_3x_additional | YRP/MingWin32_v_h | YRP/MingWin32_Dev_Cpp_v4x_h_additional | YRP/MingWin32_v | YRP/MingWin32_Dev_Cpp_v4x_h | YRP/MinGWGCC3x | YRP/IsPE32 | YRP/IsConsole | YRP/MinGW_1 | YRP/domain | YRP/url | YRP/contentis_base64 | YRP/escalate_priv | YRP/win_registry | YRP/win_token | YRP/CRC32_poly_Constant
Strings
		!This program cannot be run in DOS mode.
`.data
.rdata
.idata
ERROR: can't alloc %lu memory bytes
ERROR: can't close file %s
SparseDecompression?
tempfile
arc.ini
[External compressor:
--noarcext
  http://freearc.org  2010-05-20
Usage: unarc command [options] archive[.arc] [filenames...]
Available commands:
  l - display archive listing
  v - display verbose archive listing
  e - extract files into current directory
  x - extract files with pathnames
  t - test archive integrity
Available options:
  -ap{Path}   - set base directory inside archive
  -dp{Path}   - set destination path
  -w{Path}    - set temporary files directory
  -ld{Mem}    - limit memory used for decompression (-ld- means no limit)
  -o+         - overwrite existing files
  -o-         - don't overwrite existing files
  --noarcext  - don't add default extension to archive name
  -cfg{Path}  - config file name (default: arc.ini, -cfg- means no config)
  --          - no more options
ERROR: file %s failed CRC check
ERROR: archive structure corrupted (decompression of control block failed)
ERROR: unsupported compression method "%s"
ERROR: archive structure corrupted (control block failed CRC check)
ERROR: can't read %lu bytes
ERROR: archive structure corrupted (bad data)
ERROR: archive structure corrupted (bad string)
ERROR: this is not FreeArc archive or this archive is corrupt
ERROR: file write operation failed
Skipping
Testing
Extracting
ERROR: can't open file %s
ERROR: unsupported compression method %s
ERROR: archive data corrupted (decompression fails)
%s %s\
%s %s (%llu bytes)
All OK
Listing
. %s archive: %s
Valid answers: Y - yes, N - no, A - overwrite all, S - skip all, Q - quit
Overwrite %s ?
(Y)es / (N)o / (A)lways / (S)kip all / (Q)uit? 
Extraction aborted
Date/time              Attr            Size          Packed      CRC Filename
-----------------------------------------------------------------------------
Date/time                  Size Filename
----------------------------------------
-----------------------------------------------------------------------------
%.0lf files, %.0lf bytes, %.0lf compressed
----------------------------------------
_.D.....
.......
%s %s %15.0lf %15.0lf %08x
%s       -dir-
%s %11.0lf
+serpent-
+blowfish-
+twofish-
_ERROR: archive structure corrupted (descriptor failed CRC check)
ERROR: archive structure corrupted (strange descriptor)
ERROR: archive structure corrupted (footer block not found)
FreeArc 0.666 unpacker
Error(s) found
All OK
-c1 -M4000m -K80m                       
Allocated %4d mb, addr=%p
There is  %*ld percent of memory in use.
There are %*I64d total Mbytes of physical memory.
There are %*I64d free Mbytes of physical memory.
There are %*I64d total Mbytes of paging file.
There are %*I64d free Mbytes of paging file.
There are %*I64d total Mbytes of virtual memory.
There are %*I64d free Mbytes of virtual memory.
There are %*I64d free Mbytes of extended memory.
GlobalMemoryStatusEx
%Y-%m-%d %H:%M:%S
GetLargePageMinimum
ERROR: can't alloc %lu memory bytes
ERROR: can't close file %s
encryption?
GetCompressionMem
GetDecompressionMem
UpdateCRC
SetCompressionThreads
Set_compress_all_at_once
ERROR: can't alloc %lu memory bytes
INTERNAL ERROR: Overflow of compression methods table
INTERNAL ERROR: Overflow of external compression methods table
storing
progress
has_progress?
lzma_decompress
fastest
normal
dict_decompress
delta_decompress
SparseDecompression?
rep_decompress
VeryFast?
lzp_decompress
Z2fQ`write
ppmd_compress2
ppmd_decompress2
ppmd_de_compress
ERROR: can't alloc %lu memory bytes
ERROR: can't close file %s
external?
nosolid?
freearc
tempfile
data7777
Compressing
%s %s bytes with %s
Errorlevel=%d
quasiwrite
Unpacking
{options}
option
$$arcdatafile$$.tmp
$$arcdatafile$$.pmm
ppmonstr e -o%d -m%d -r%d %s
ppmonstr d %s
[External compressor:
$$arcpackedfile$$.tmp
packcmd
unpackcmd
datafile
packedfile
default
{compressor}
[External compressor:tempfile]
nosolid?
%d*%d%s
nosolid?
------------------------------------------------------------
Error:   insufficient memory available
Error:   unknown command '%s'
Error:   not compatible file format
Error:   file is corrupted
Error:   file(s) not found '%s'
Error:   problem creating directory '%s'
Error:   can't open file '%s'
Error:   can't write to output file
Error:   can't read from input file
tta_decompress
%d*%d%s
ERROR: can't alloc %lu memory bytes
quasiwrite
Fatal error: putbuf %d in buffer of size %d
Fatal error: HuffmanTree::n=%d is larger than maximum allowed value %d
Fatal error: DistanceCoder::_extra_bits[%d] = %d is lower than minimum allowed value 8
Fatal error: DataTables::add() called with _table_type=%d that is larger than maximum allowed %d
Fatal error: DataTables::shift() called when list of tables contains more than one entry
Fatal error: DataTables::shift() was called with reversed arguments order
VeryFast?
Fatal error: encode_table() isn't implemented in this coder
data error
ERROR: can't alloc %lu memory bytes
grzip_decompress
ERROR: can't alloc %lu memory bytes
has_progress?
progress
flags != fERR
../Compression/DisPack/DisPack.cpp
dispack
pure virtual method called
-LIBGCCW32-EH-3-SJLJ-GTHR-MINGW32
w32_sharedptr->size == sizeof(W32_EH_SHARED)
../../gcc-3.4.5/gcc/config/i386/w32-shared-ptr.c
GetAtomNameA (atom, s, sizeof(s)) != 0
N10__cxxabiv117__class_type_infoE
N10__cxxabiv120__si_class_type_infoE
N10__cxxabiv121__vmi_class_type_infoE
St10bad_typeid
St13bad_exception
St8bad_cast
St9bad_alloc
St9exception
St9type_info
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
AddAtomA
CloseHandle
CreateEventW
CreateFileW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindAtomA
GetAtomNameA
GetCommandLineW
GetConsoleTitleW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetFileAttributesW
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetStartupInfoW
GetSystemInfo
GetTempPathW
GetThreadPriority
GetThreadTimes
GetTickCount
GlobalMemoryStatus
GlobalMemoryStatusEx
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryW
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
ResetEvent
SetConsoleTitleW
SetEvent
SetFileAttributesW
SetFileTime
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
lstrlenW
_close
_stricmp
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthreadex
_cexit
_filelengthi64
_flsbuf
_isctype
_lrotr
_lseeki64
_onexit
_pctype
_setmode
_waccess
_wmkdir
_wopen
_wremove
_wrename
_wrmdir
atexit
calloc
fprintf
gmtime
localtime
longjmp
malloc
memchr
memcpy
memmove
memset
printf
realloc
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strftime
strlen
strncmp
strncpy
strstr
tolower
wcschr
wcscmp
wcscpy
wcslen
wcsrchr
CoInitializeEx
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
CharToOemW
ExitWindowsEx
GetActiveWindow
GetCapture
GetCaretPos
GetClipboardOwner
GetClipboardViewer
GetCursorPos
GetDesktopWindow
GetFocus
GetInputState
GetMessagePos
GetMessageTime
GetOpenClipboardWindow
GetProcessWindowStation
OemToCharW
ADVAPI32.DLL
KERNEL32.dll
msvcrt.dll
msvcrt.dll
OLE32.dll
SHELL32.DLL
USER32.dll