Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: a2b9715a3cdad07debd8ba80ed109848 --

Hashes
MD5: a2b9715a3cdad07debd8ba80ed109848
SHA1: 7a4391b35c542f5d0d5cd11b7c43277085e1a031
SHA256: b4a34378d9e030ff962c4ae49edd56152f2a418267c36e30f5fd2e7e76a2e00f
SSDEEP: 1536:CnMZZDhgVVmTe4gxH43cxWRE/4hGAGDi:CnMpgVVmqq3iDi
Details
File Type: PE32
Yara Hits
YRP/Borland_Cpp_DLL | YRP/Borland_Cpp_for_Win32_1999 | YRP/Borland | YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/domain | YRP/contentis_base64 | YRP/DebuggerException__SetConsoleCtrl | YRP/win_files_operation |
Parent Files
07366aeaaf4cc541451e35c636f53fa4
Strings
		This program must be run under Win32
`.data
.idata
@.edata
@.rsrc
@.reloc
fb:C++HOOK
ERR_TYPES
_^[YY]
**BCCxh1
_^[YY]
_^[YY]
_^[YY]
A<ru	3
9+u <tt
_^[YY]
QVh0Gt
_^[YY]
QUVWRSPT
0_^[Y]
Borland C++ - Copyright 1999 Inprise Corporation
SIMULATE_TLS: A second thread was about to be created and the c0s32 startup code is in use
Nonshared DATA segment required
Cannot run multiple instances of a DLL under WIN32s
lzh|lha
borlndmm
hrdir_b.c: LoadLibrary != mmdll borlndmm failed
borlndmm
@Borlndmm@SysGetMem$qqri
@Borlndmm@SysFreeMem$qqrpv
@Borlndmm@SysReallocMem$qqrpvi
creating heap lock
<notype>
<notype>
___CPPdebugHook
Stack Overflow!
allocating handle lock table
creating handle lock
creating global handle lock
),(((((),(((
Error 0
Invalid function number
No such file or directory
Path not found
Too many open files
Permission denied
Bad file number
Memory arena trashed
Not enough memory
Invalid memory block address
Invalid environment
Invalid format
Invalid access code
Invalid data
Bad address
No such device
Attempted to remove current directory
Not same device
No more files
Invalid argument
Arg list too big
Exec format error
Cross-device link
Too many open files
No child processes
Inappropriate I/O control operation
Executable file in use
File too large
No space left on device
Illegal seek
Read-only file system
Too many links
Broken pipe
Math argument
Result too large
File already exists
Possible deadlock
Operation not permitted
No such process
Interrupted function call
Input/output error
No such device or address
Resource temporarily unavailable
Block device required
Resource busy
Not a directory
Is a directory
Directory not empty
Unknown error
creating global stream lock
allocating stream lock table
creating stream lock
%H:%M:%S
%m/%d/%y
%A, %B %d, %Y
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday
January
February
August
September
October
November
December
printf : floating point formats not linked
scanf : floating point formats not linked
printf : floating point formats not linked
scanf : floating point formats not linked
Error: system code page access failure; MBCS table not initialized
%02d/%02d/%04d %02d:%02d:%02d.%03d 
kernel32.dll
GetProcAddress
Borland32
Abnormal program termination
No space for copy of command line
No space for copy of command line
creating atexit lock
An exception (%08X) occurred during DllEntryPoint or DllMain in module:
creating thread data lock
Semaphore error 
___CPPdebugHook
**BCCxh1
KERNEL32.DLL
USER32.DLL
CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalFileTimeToFileTime
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WriteFile
EnumThreadWindows
MessageBoxA
OemToCharA
wsprintfA
lzh.dll
Extract
GetListItem
Prepare
___CPPdebugHook
{<:y&q?	
:;:B:d:
;+;S<o;j=G<s=
=*>1>@>D>H>L>P>X>
>">s>|>
>I?2?Y?k?y?
3C4z4Y3
737'7V7c7o797y7A7
0$0+010:0G0S0g0m0
1%1B1U1^1
2(252;2O2
3#30383
3)3K3Q3g3l3
?07V7c7}7
8G8g8P8Z8p8|8
;O<e<9>
>%>0>@>F>^>p>
>4?=?W?z?
2 212D2e2u2
3&3-3F3L3U3y3
4)5D5f5r5w5
<<=C=b=j=v=|=
7+8?8L8Y8
999J9V9_9n9}9
:$:5:::R:[:k:
:E;c;w;
<3<;<G<M<X<
3 3.3Q3Y3a3r3z3
474w4R4i4
5!5)5G5j5o5
6A6;6G6m6M6S6^6
0!0+050=0I0U0]0i0u0
1$121M1U1j1t1
2(202?2H2P2[2c2m2s2{2
0>0J0U0
0<1M1[1
2-282x2
:C=7?*?3?=?F?J?W?d?j?x?
0 060u0
1@2I2R2^2h2V2b2l2u2
9<9,:1:u:
=_=u=#>:>>>
<j=0>0<A=Q=y=
5U3e3x3
5,5b566
:<;E;O;
3 353J3_342V2u3
;&=0=*=4=
0P1Y1c1r1{1
2(2"2,2
5E6N6X6g6p6z6
h<p<~<
?8?E?M?S?j?{?v0
1(131@1i1u1
433-4U4
6$686T8
8>7B7F7J7N7R7V7
95;D;!;*;
0,070M0Y0e0t0{0
1O3 5+5
6 6&6,62686>6D6J6P6V6\6b6h6n6t6z6
4 4$4t4
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=
0 0&0,02080>0D0J0P0V0\0b0h0n0t0z0
2 2,282<2@2D2H2L2P2
7T9X9\9
4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4