Sample details: a8660d98f8c2df303f6ec97e4b646246 --

Hashes
MD5: a8660d98f8c2df303f6ec97e4b646246
SHA1: 1b1b99b8e6cf338f4f99b767f317cfd666c9c484
SHA256: a0654722b75f5de0b2b6267140b4985279be51c5392cd250890ce56c9d12cad4
SSDEEP: 12288:xaNg5EhWUGfgrq3awx4BPjsKlzBRLjQM0t2jVh7f1Sz:8C7fQK6PjsKrRvKah7
Details
File Type: PE32
Added: 2019-02-02 22:33:21
Yara Hits
YRP/Safeguard_103_Simonzh | YRP/StarForce_V3X_DLL_StarForce_Copy_Protection_System_ | YRP/StarForce_V3X_DLL_StarForce_Copy_Protection_System | YRP/Program_Protector_XP_v10_additional | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/FASM | YRP/domain | YRP/contentis_base64 |
Strings
		!This program cannot be run in DOS mode.
.idata
.reloc
#D$0;D$0
Wj@WWRV
T$4QUj
L$,QQP
L$4PU1
9\$,up
L$,;\$
GHQQPj
GXQQPj
t$ SVU
lSVh'<
FRQjHZ
WVSUVQ
|$PPWWW
QQSUVf
PQUj h
D$$9L$0
WWWWWj
pSUVWh
WWWWh4
D$ 1D$0
D$$1D$4
QQSUVWh
D$d;D$P
D$NPhI
;>v$+>
t$<WSU
PPPQPP
QQQPh4
D$@;D$D
L$(9l$,
L$@PQQ
D$LPQQQf
v8QQP1
^][YYf
D$$	D$4
9L$,v.
|;VVVVj
l$09t$,u
\$$9|$D
PPPPh4
L$(!|$$1
D$ ;t$
9_(t,j
L$PPQQQ
(SUVWh
L$@+L$
ExWWPj
t$`j)P
TSUVWh
D$@;C,
N<f9Di
f9F@t^
D$(Pj Z
QQSUVW
VVVVVj
t#9wht
D$$9F@v
D$T9D$0
j@Zj Y
D$L9|$
uDPQQj
SUVWQRj
D$ VVPW
D$$9L$0
PPPPPj
#T$03T$
T$8PRRS
QSSSWSQQ
D$ hYl
:;FPv0
t$T9t$0
YCf;D$|
D$D9D$
D$ !l$
!l$ QP
Yu-f9DY
_^][YY
D$\_WP
FH;D$x
QQSVWj
WWWQWW
tD9|$$t>
!0QQVPj
D$(f9E
L$TVSU
L$@PQQ
D$LPQQQ
9nht+j Zj
D$HWSP
l$ 9t$
D$(PVQVVW
D$ ;D$
D$89D$ 
t0hXUt
f;D$|t	G9
D$Xj0P
D$hs>B
E\$Xj)S
QQSUVWj
j@Zj Y
~(9~ t
$SVWQQ
_^][YY
t Qj j
T$4j@Y+L$ 
D$(PQh
PPPPPPh
D$pPj!j
QQQQh_
L$@PQQ
D$LPQQQ
98u#9~
PUUVSUU
D$(PUUU
`QSUVW
T$4PPUU1
w,;L$Xr&)
\$8UVW1
kQQWWW
L$ VVP
D$<9D$4r-h
QWj$Z1
SSSSh$
D$$Pj	Z
D$ j@j
T$H9*u
VVVVVj
;t$(u7
D$4PUUU
SPPPPPP
D$ h_)A
\$DPWW
D$LPWWW
QQVj Z
t$T+D$
t$,PVVV
9~0u'WWWj
@PQQUS
HSUVWh
D$LPWWW
QSUVWQ
8_^][Y
D$0(5]
D$0VVVVP
t$DPVV1
9_,uAV
T$8!t$
D$HSUVWh
\$DPWW
L$,9l$4
D$ f;LX
|$X+|$$
QSUVWh
D$tSUVW1
t$lQUh
QSUVWh
D$,;D$ 
T$,hfM)
9~,u&S
t$$WPj
t3QQUUVUUUUU1
xSVWQRj
D$0PRW
D$@SPj
Bf;D$,r=
f;D$0w"
f;D$,s
QQUSWh
QQUSQh
u	9|$8
9D$4r~w
u9j ^h
t$ PPPPRQ
t498t#f
F`QQPj
FpQQPj
t$<WQQ
L$,9l$4
VVVVVj
PPPPPj
t=9t$xt7Qj
t$DPVV1
T$,;T$
SSQQSS
`9XLu'9_
9Y0u<9_
9Y8uP9_
`SUVWh
QQWWWW
PPPQPPPPP
D$ )D$0
Wj X+D$
D$\9L$ 
L$PPQQ
YCf;D$|
t.VVVj
,SUVWh
l$8G9\$
VVVQVV
u59t$(
D$LPQQQ
D$LPQQQ
|$@PWW
D$LPWWW
|$@PWW
@dm^][
#T$03T$
t$ SVU
9~Pu:9~0u
D$pjPP
QSUVWh
D$D+D$
PQQUSQ
_^][YY
u#QUWSW1
WQSWWV
D$ !D$0
D$$!D$4
QQSUVWh
8D$ Qf
D$NPhI
9V$r$w
QSUVW1
;|$ re
D$,9D.
VVVVQ9t$0
D$(PQVVW
D$(Pj	Z
D$X)D$ 
]UVQSj
8UVQSj
QQSVWh
D$Pf1%
lSUVWh
DSUVWh
9\$$w]
<G+t$\
QQSUVW
Vj Yf	
L$ SUj
WWWQWW
QQSUVW
#T$03T$
D$ ;t$
C7~$2+wJ
S-kh]_j
sPO;|9ET
*=^GMoP
EvOwU'{
kwn9gjX
a?Zi!t
uaWf~#M`
zBR\#Q
7{<ODC
]h'lf\
[m|]I/
QkQLZ9G
+#Wu4dM
*l)$3R
UmjsrV
T!9lgV
H%VK~x
:c(EsF
l3{V@et
"=tDpo
--+Irv
$*	_7p
%&r3Sm<
bj{\. ;
<mR+T?
xh(Wl&-
P#L>bj
oo\YYv
^aC3N/Q}
e`Yi42
R$9LFW
t('mb~
oSe=%d
a$>C6op
?QC Co
E]gMIX	
@6<L2H-
-Qz	uW
9T?]S_
|L,^oF
L@Ib;m&U
,=f	=E"
_3*T\(c~c 
T+2q-Wx{'
ylkT/R
[hWYR5Z(
S[:fZc
pA:7n4
Q+&#y>
5B/@QQdx%#
 9:7c=
=d f<|	*
'h'q'9u
A^A]A\_^]
A_A^A\
A_A^A]A\_^]
A_A^A]A\_
` UAVAW
L!t$(E
L9d$XfD
X8A+@(H
K UVWATAUAVAWH
D$pL!l$0L!l$8D!l$tH
A_A^A\
A^A]A\_^]f
WATAUAVAWH
HcT$pHc
WATAUAVAWH
A^A]A\_^[]
UVWATAUAVAWH
!|$8H!|$0
D$@I9B
t$ WATAUAVAWH
D9(u;H
@A_A^A]A\
UVWATAUAVAWH
USVWATAUAVAWH
D3]0E!
!l$(E1
D!D$ E1
WATAUAVAWf
A_A^A]A\]
USVWATAVAWH
UVWATAUAVAWH
T$H!L$D1
A_A^A]A\_^][
L9x8u6
L!d$(E1
A_A^A\_f
t-H9{Hu'H!|$ 
H9{Ht|
VWATAUAVAWH
ATAVAWf
WAVAWH
A_A^A]A\]
USVWATAUAVAWH
WATAUAVAW
UVWATAUAVAWH
SW)%z#
]`D)5]
A_A^A]_]
 A_A^A\H
u`D;pXr
E9&u#A
`A_A^A]A\_
A_A^A]A\_^[]
+D$ D9
+D$(D9
A^A]A\_^
USVWATAVAWH
t$hD9u
D3E8E1
WAVAWH
 A_A^_
` UAVAWH
 A^_^[]
UVWATAUAVAWH
dAUAVAWH
D!l$ A
A^A]A\_^]
USVWAT
L$pD!|$ A
SUVWATAVAWH
H!|$ L
A_A^A]A\_^]
D3]0E!
x UATAUAVAWH
H!\$`H
H!\$hH
D3E8A1
D9t$htzH
A_A^_^]
p WATAUAVAWH
D$PfM)
A_A^A]A\_
AUAVAWH
t$ W1%
A^A\_^
L$ UVWATAUAVAWH
t$ WATAUAVAWH
H!|$ L
H!|$XL
AUAVAWH
L$ VWATAVAWH
L!&M!&H
A_A^A]A\]
USVWATAUAVAWH
D9qPuDD9w
D9q`uED9w
A_A^A]A\_
AUAVAWH
A^A]A\_^]
A_A^A]A\
9](t,H
A]A\_^
A_A^A]A\_
A_A^A]A\_^
A^A]A\
A_A^A]A\_^]
H!\$0H!\$8!\$t
@A_A\_^]
 A_A^_
H!|$pH
H!|$xH
O@H!|$(D
H!|$ H
WATAUAVAWH
A_A^A]A\]
WAVAWH
UWATAVAWH
UVWAVAWH
D!t$ O
0A_A^_
0A_A^_
WATAUAVAWH
D$0D!|$(D
UVWATAUAV
D$pfD9
A_A^A]
ATAUAVAWH
D$\M9,$
UVWAVAWH
A^A]A\_^]
H!t$ L
A_A^A]A\_
A_A^A]A\_^]
`A_A^A]A\_^]
A_A^A]A\]
ATAUAVAWH
^lD3E8L
D3]0E!
USVWAVH
C 9/u#
D$`L9p u
VWATAVAWH
A_A^A]_]
UATAUAVAWH
UWAUAVAWH
A_A^A]
uBfD9s
A_A^A]A\_
p UWATAVAWH
@0_[^D
UVWATAUAVAWH
WAVAWH
WAVAWH
UVWAVAWH
Z8|?H9
UVWATAUAVAW
x ATAVAWH
x AUAVAWH
WATAUAVAWH
A]A\_^]
`A_A\_^]
A_A^A]A\_[]
WAVAWH
H9{xuUH9{Hu
H!|$ E1
D#E0D!
0A_A^A]A\_
UAVAWH
|$ AVH
A_A^A]A\_^][
A_A^A]A\_
x UATAUAVAWH
H!\$@H
H!t$(H
A_A^A]A\
x ATAVAWH
aHcL$P
SUVWATAUAVAWH
USVWATAUAVAW
0A_A^A]_^][
WAVAWH
LcD$xH
D$p!|$pE1
 A_A^A\
D#E0D!
t$ WAVAWH
PA_A^A]A\_^]
 A_A^_
UVWATAUAVAWf
USVWAVH
USVWAVH
H VWAVH
A_A^A]A\]
WAVAWH
A_A^A\_]
 A_A^_
L$ UVWH
A_A^A]A\_^]
0A_A^_^]
A_A^A]A\]
WATAUAVAWH
WATAUAVAWH
WATAUAVAWH
D!d$ A
 A_A^A\_
UWAUAVAWH
x UATAUf
UATAUAVAWH
 A_A^_
AUAVAWH
WAVAWH
pA_A^A]A\_^]f
0A__^[]
\$ L9;
VD3M0L
D#M0A!
UVWATAUAVAWH
H!|$HH
SUVWATAUAVAWf
A_A^A]A\_^]
D!d$ E1
H UATH
A_A^A]
UWATAVAWH
!t$(E1
!t$ E1
YA]A\_
AUAVAWH
WAUAVAWH
VWATAVAWH
H!\$ H
A^A\_^
D$XfA9
UVWATAUAVAWH
H9K t|H
A_A^A]A\]
0A_A^A]A\_^]
UVWATAUAVAW
L!t$0H
EhL!t$(L
L!t$`H
L!t$hH
L$PD!u
f+D$pD
ATAVAWH
A_A^A]A\_
UVWAVAWH
x ATAVAWH	
UVWATAU
0t>90u
A_A^A]A\_^
A_A^A]A\_^]
A_A^A]A\_
 A_A^_
VWATAUAVAWH
CHH98t
`A^_^[]
UVWATAUAVAWH
u$f9>u
A_A^_D
WAVAWH
AUAVAWH
t$ WATAUAV
WAVAWH
@A_A^A\_]
A8HcH<I
PW=WAVH
A_A^A\_^[]
x*D9eHt$H
kA_A^A\_^[]
UVWATAUAVAWf
L$lD9t$p
 A_A^_
WATAUAVAWH
H+L$8A
|$PH+|$8H
A_A^A]A\_^]
L$ USVW
A_A^A]A\]H
H UWATAVAW
t'H!|$ 
A\_^[]
t2H!|$ 
0A_A^_^]
WAVAWH
0A_A^A]A\_^]
UVWATAUAVAWH
H!|$ E1
H9{Hto
fE9,Nu
A_A^A]A\_^]
ATAUAVAWH
D!t$@A
D!t$XL
VWAVAWH
H!\$(H
H!\$ L
UVWATAUAVAWH
USVWAT
UVWATAWH
 A_A^A\_^
 A_A^A\
VWATAVH
A_A^A\_H
UVWATAUAVAWH
!>M!<$
L$@L!|$XL
D$XD!|$@H
A_A^A\
A_A^A]A\]
WATAUAVAWH
A_A^A]A\_^]
D3E8E1
AUAVAWH
0A_A^_
s WATAUAVAWH
WATAUAVAWH
UATAUAVAWH
D$0c3F
@A_A^A\_^
H!\$8H
WAVAWH
VWATAVAWH
xA^A]A\_^[]
ATAVAWH
19SUVWATAUf
u0!D$@L
D!D$ E1
WAVAWH
x ATAVAWH
UWATAVAWH
 A_A^_
0A_A^H
WATAUAVAW
 A_A^_
0A_A^A]_^
H!\$ L
lATAUAVAWH
 A_A^_
F<D3E8E1
A_A^A]A\_^]
ATAUAV
WAVAWH
VWATAV
WAVAWf
D!|$@M
A_A^A]A\_^][
!|$8H!|$0
@A_A^A\_^]
A_A^A]A\_
D$0fM)
ATAUAVAWH
t,H!|$ 
A_A^A]D
D$pfD98
UVWAVAWH
H!t$8H
L$ !t$tH
:;Clv$L
)shD){X
L$ UVWATAUAVAWH
D$`L9p
!s@9s8t
!s89s@
A_A^A]A\_
WAVAWH
0A_A^A]A\_
\$ UVWATAUAVAWH
A_A^_^]
A_A^A]A\]
A_A^A\
A]A\_^
WATAUAVAWH
UVWATAUD
A^A\_^
VWATAV
C@D9@HtmH
0A_A^A]A\_
C8L9c8
`A_A^A]_^[]
f9GBtB
UVWATAUAVAWH
VWATAVAW
fE9$Fu
!\$8!\$0A
WATAUAVAWH
A^A]A\_^
u!!|$8
v<(YL;
|$@!|$8
VAVAWH
A_A^A]A\]
A_A^A\_]
A_A^A\_
UATAUAV
H!l$(E1
A^_]fD
UWATAVAWH
AUAVAWH
0A_A^A]A\_^]
h VWAVH
USVWATAUAVAWH
H!|$@H
WAVAWH
 A_A^A]A\_
t$0!\$(!\$ D
 A_A^_
WAVAWH
A^A]A\_^[]
A_A^A]A\
VWATAUAVAWH
x AVAW1
0A_A^A]A\_
0A_A^A]
SUVWAUAVAWH
I90t	A91
L$ UVWATAUAV
` UAUAWH
ATAUAV
A_A^A]A\_^][
PA_A^A]A\_
WATAWH
}wfD	=
!\$8@0-Kw
VWATAVAWH
ATAUAVAWL1
0A_A^_
D3]0E!
\$`D9d$h
CxD9(|
WAVAWH
D#E0D!
C@L9(u
A_A^A]A\_^]
H!t$0E1
D$(!t$ 
A_A^A]A\_^[]
VWATAVAWH
VWATAUAVAWH
A_A^A]A\_^[
EPD9s`v
pA_A^A]A\
USVWAWH
H!\$(H
uPD9uHrBD
H!\$hL
D$@!\$8H!\$0D)56W
D$(H!\$ 
A_A^A]A\]
t$ WAVAWH
H!\$0D
H!\$8)=GH
L$ !\$tH
H!D$ H
L$`!l$(E1
H!} H9=
H!\$hI
D$(H!\$ 
H!\$8H
D$HD9t$Pt.D
D$ fM)
|$0A_A^
A_A^A]A\_
UATAUAVAW
L!d$(E
VDdku	H
0A_A^A]A\_
` UAVAWH
L$ UVW
t<fD9#u6H
A_A^A\_^
EH3E0A1
T$(LcD$xD
A_A^A]L
D$8D9`
UATAUAVAWH
ndh{m>
;m}246
@\l"~I
(}+839
O!"7:?`
HS$r3 b
H:6mlxEWN
dIH@P!)
wI7V03
^Vm9Aa
"&Vf[i
jiTQUX
4#S?]. 
D:vI6Eu
{=Y1NH
uC+CF-
(Q]G {$f
}^WF.i
-")^l. 
USER32.DLL
MessageBoxW