Sample details: b7541f9e384d89ebb3bb85b3fcaea6f1

Hashes
MD5: b7541f9e384d89ebb3bb85b3fcaea6f1
SHA1: 22092dcda100cb062a3764d038c379f98cee7087
SHA256: abe2420b06c896678271324d7b8f58a4262dd01e95a2e33bef8bce297c694536
SSDEEP: 384:eTEYJbxNHqJFwk78XpeA0g5C4PkGUqi1VX3V5hTJa31Wny0uDtQ13mRt01GmBbKH:eTEbmZvB1PGcvkBIpQJmZ9mEqUaocAhN
Details
File Type: PE32
Yara Hits
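YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Borland_Delphi_30_additional | YRP/Borland_Delphi_30_ | YRP/Borland_Delphi_v40_v50 | YRP/Borland_Delphi_v30 | YRP/Borland_Delphi_DLL | YRP/IsPE32 | YRP/IsDLL | YRP/IsConsole | YRP/HasOverlay | YRP/HasDigitalSignature | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/url | YRP/contentis_base64 | YRP/anti_dbg |
Note: these are generic rule matches and are not a verdict on their own. The Borland Delphi hits conflict with the msvc-14.0 build path and the MSVCP140.dll / VCRUNTIME140.dll imports in the strings below, so they are likely false positives. YRP/anti_dbg is consistent with the IsDebuggerPresent import alone, which MSVC runtime support code commonly pulls in. YRP/domain and YRP/url are consistent with the CRL/OCSP URLs in the embedded certificates. YRP/HasDigitalSignature reports only that a signature is present, so the signature and the Trend Micro certificate chain should be verified separately (validity, revocation, timestamp) before the file is treated as vendor-signed.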
Parent Files
9cf06b8902e9b91e11c1d6eeb5ad5b8d
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
.gfids
@.rsrc
@.reloc
Unknown exception
chrono::steady_clock
string too long
invalid string position
chrono::thread_clock
chrono::process_real_cpu_clock
chrono::process_user_cpu_clock
chrono::process_system_cpu_clock
chrono::process_cpu_clock
bad allocation
bad array new length
D:\P4\Core\AMSP\Dev\AMSP-5.5\AMSP\3rd_party\boost\boost_1_62_0\bin.v2\libs\chrono\build\msvc-14.0\release\debug-store-database\debug-symbols-on\threading-multi\boost_chrono-vc140-mt-1_62.pdb
.text$mn
.text$x
.idata$5
.00cfg
.CRT$XCA
.CRT$XCZ
.CRT$XIA
.CRT$XIZ
.CRT$XPA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$sxdata
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata$x
.edata
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.gfids$y
boost_chrono-vc140-mt-1_62.dll
??4process_cpu_clock@chrono@boost@@QAEAAV012@$$QAV012@@Z
??4process_cpu_clock@chrono@boost@@QAEAAV012@ABV012@@Z
??4process_real_cpu_clock@chrono@boost@@QAEAAV012@$$QAV012@@Z
??4process_real_cpu_clock@chrono@boost@@QAEAAV012@ABV012@@Z
??4process_system_cpu_clock@chrono@boost@@QAEAAV012@$$QAV012@@Z
??4process_system_cpu_clock@chrono@boost@@QAEAAV012@ABV012@@Z
??4process_user_cpu_clock@chrono@boost@@QAEAAV012@$$QAV012@@Z
??4process_user_cpu_clock@chrono@boost@@QAEAAV012@ABV012@@Z
??4steady_clock@chrono@boost@@QAEAAV012@$$QAV012@@Z
??4steady_clock@chrono@boost@@QAEAAV012@ABV012@@Z
??4system_clock@chrono@boost@@QAEAAV012@$$QAV012@@Z
??4system_clock@chrono@boost@@QAEAAV012@ABV012@@Z
??4thread_clock@chrono@boost@@QAEAAV012@$$QAV012@@Z
??4thread_clock@chrono@boost@@QAEAAV012@ABV012@@Z
?from_time_t@system_clock@chrono@boost@@SA?AV?$time_point@Vsystem_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0JIJGIA@@boost@@@23@@23@_J@Z
?is_steady@process_cpu_clock@chrono@boost@@2_NB
?is_steady@process_real_cpu_clock@chrono@boost@@2_NB
?is_steady@process_system_cpu_clock@chrono@boost@@2_NB
?is_steady@process_user_cpu_clock@chrono@boost@@2_NB
?is_steady@steady_clock@chrono@boost@@2_NB
?is_steady@system_clock@chrono@boost@@2_NB
?is_steady@thread_clock@chrono@boost@@2_NB
?now@process_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_cpu_clock@chrono@boost@@V?$duration@U?$process_times@_J@chrono@boost@@V?$ratio@$00$0DLJKMKAA@@3@@23@@23@AAVerror_code@system@3@@Z
?now@process_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_cpu_clock@chrono@boost@@V?$duration@U?$process_times@_J@chrono@boost@@V?$ratio@$00$0DLJKMKAA@@3@@23@@23@XZ
?now@process_real_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_real_cpu_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@AAVerror_code@system@3@@Z
?now@process_real_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_real_cpu_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@XZ
?now@process_system_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_system_cpu_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@AAVerror_code@system@3@@Z
?now@process_system_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_system_cpu_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@XZ
?now@process_user_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_user_cpu_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@AAVerror_code@system@3@@Z
?now@process_user_cpu_clock@chrono@boost@@SA?AV?$time_point@Vprocess_user_cpu_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@XZ
?now@steady_clock@chrono@boost@@SA?AV?$time_point@Vsteady_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@AAVerror_code@system@3@@Z
?now@steady_clock@chrono@boost@@SA?AV?$time_point@Vsteady_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@XZ
?now@system_clock@chrono@boost@@SA?AV?$time_point@Vsystem_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0JIJGIA@@boost@@@23@@23@AAVerror_code@system@3@@Z
?now@system_clock@chrono@boost@@SA?AV?$time_point@Vsystem_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0JIJGIA@@boost@@@23@@23@XZ
?now@thread_clock@chrono@boost@@SA?AV?$time_point@Vthread_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@AAVerror_code@system@3@@Z
?now@thread_clock@chrono@boost@@SA?AV?$time_point@Vthread_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0DLJKMKAA@@boost@@@23@@23@XZ
?to_time_t@system_clock@chrono@boost@@SA_JABV?$time_point@Vsystem_clock@chrono@boost@@V?$duration@_JV?$ratio@$00$0JIJGIA@@boost@@@23@@23@@Z
?system_category@system@boost@@YAABVerror_category@12@XZ
boost_system-vc140-mt-1_62.dll
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
MSVCP140.dll
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentThread
GetThreadTimes
GetProcessTimes
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
KERNEL32.dll
_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
__std_type_info_destroy_list
memset
_except_handler4_common
VCRUNTIME140.dll
_invalid_parameter_noinfo_noreturn
_errno
_callnewh
malloc
_except1
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
api-ms-win-crt-runtime-l1-1-0.dll
api-ms-win-crt-time-l1-1-0.dll
api-ms-win-crt-heap-l1-1-0.dll
api-ms-win-crt-math-l1-1-0.dll
.?AVruntime_error@std@@
.?AVexception@std@@
.?AV?$clone_impl@U?$error_info_injector@Vsystem_error@system@boost@@@exception_detail@boost@@@exception_detail@boost@@
.?AU?$error_info_injector@Vsystem_error@system@boost@@@exception_detail@boost@@
.?AVsystem_error@system@boost@@
.?AVexception@boost@@
.?AVclone_base@exception_detail@boost@@
.?AVtype_info@@
.?AVbad_alloc@std@@
.?AVbad_array_new_length@std@@
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD
<0`0g0v0
373t3z3
3&4,4R4o4
565E5e5t5}5
6(6f6s6
7/767=7
8B8V8b8w8~8
9*:X:_:
=;=P=o=
4-4P4d4
4F5W5t5
7D7V7e7
7;8H8f8u8
929:9v9
9&:5:S:j:~:
:V;e;w;
;&<5<S<`<h<r<
="=4=f=u=
>F>U>g>~>
?*?>?a?l?r?
666;6H6
8(9E9Z9c9n9u9
:&:0:@:P:`:i:
<$<7<C<S<d<
<&=3=Z=b={=
>0>8>M>Y>e>k>q>}>
2)242=2P2\2b2h2n2t2z2
14181<1D1H1L1P1T1X1\1`1d1
3 3$3(3<3@3D3`3d3
40444D4H4P4h4x4|4
5(5,545L5\5`5p5t5|5
6,606@6D6H6L6P6T6X6\6d6|6
7,70747<7T7d7h7x7|7
<$<0<P<\<|<
=<=D=L=T=`=
> >@>L>l>t>
?$?8?@?T?\?p?x?
0$0D0P0
1 1(1<1T1X1
001X1x1
Salt Lake City1
The USERTRUST Network1!0
http://www.usertrust.com1
UTN-USERFirst-Object0
151231000000Z
190709184036Z0
Greater Manchester1
Salford1
COMODO CA Limited1*0(
!COMODO SHA-1 Time Stamping Signer0
1http://crl.usertrust.com/UTN-USERFirst-Object.crl05
http://ocsp.usertrust.com0
VeriSign, Inc.1705
.Class 3 Public Primary Certification Authority0
061108000000Z
211107235959Z0
VeriSign, Inc.1
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
 http://crl.verisign.com/pca3.crl0
https://www.verisign.com/cps0
[0Y0W0U
	image/gif0!0
#http://logo.verisign.com/vslogo.gif04
http://ocsp.verisign.com0>
VeriSign, Inc.1
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
160329000000Z
170628235959Z0g1
Taiwan1
Taipei1
Trend Micro, Inc.1
Trend Micro, Inc.0
http://sf.symcb.com/sf.crl0a
https://d.symcb.com/cps0%
https://d.symcb.com/rpa0
http://sf.symcd.com0&
http://sf.symcb.com/sf.crt0
VeriSign, Inc.1
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
100208000000Z
200207235959Z0
VeriSign, Inc.1
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA0
https://www.verisign.com/cps0*
https://www.verisign.com/rpa0
[0Y0W0U
	image/gif0!0
#http://logo.verisign.com/vslogo.gif04
#http://crl.verisign.com/pca3-g5.crl04
http://ocsp.verisign.com0
VeriSignMPKI-2-80
VeriSign, Inc.1
VeriSign Trust Network1;09
2Terms of use at https://www.verisign.com/rpa (c)101.0,
%VeriSign Class 3 Code Signing 2010 CA
G0bH8$
BRo,S*
Salt Lake City1
The USERTRUST Network1!0
http://www.usertrust.com1
UTN-USERFirst-Object
170113072042Z0#
Symantec Corporation1
Symantec Trust Network100.
'Symantec Class 3 SHA256 Code Signing CA0
160330000000Z
170628235959Z0g1
Taiwan1
Taipei1
Trend Micro, Inc.1
Trend Micro, Inc.0
N9qZdV
http://sv.symcb.com/sv.crl0a
https://d.symcb.com/cps0%
https://d.symcb.com/rpa0
http://sv.symcd.com0&
http://sv.symcb.com/sv.crt0
VeriSign, Inc.1705
.Class 3 Public Primary Certification Authority0
061108000000Z
211107235959Z0
VeriSign, Inc.1
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
 http://crl.verisign.com/pca3.crl0
https://www.verisign.com/cps0
[0Y0W0U
	image/gif0!0
#http://logo.verisign.com/vslogo.gif04
http://ocsp.verisign.com0>
VeriSign, Inc.1
VeriSign Trust Network1:08
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
<VeriSign Class 3 Public Primary Certification Authority - G50
131210000000Z
231209235959Z0
Symantec Corporation1
Symantec Trust Network100.
'Symantec Class 3 SHA256 Code Signing CA0
+ojr\`
http://s2.symcb.com0
http://www.symauth.com/cps0(
http://www.symauth.com/rpa00
http://s1.symcb.com/pca3-g5.crl0
SymantecPKI-1-5670
Symantec Corporation1
Symantec Trust Network100.
'Symantec Class 3 SHA256 Code Signing CA
HYZ#Jf
20170113072044Z0
Symantec Corporation1
Symantec Trust Network110/
(Symantec SHA256 TimeStamping Signer - G1
VeriSign, Inc.1
VeriSign Trust Network1:08
1(c) 2008 VeriSign, Inc. - For authorized use only1806
/VeriSign Universal Root Certification Authority0
160112000000Z
310111235959Z0w1
Symantec Corporation1
Symantec Trust Network1(0&
Symantec SHA256 TimeStamping CA0
https://d.symcb.com/cps0%
https://d.symcb.com/rpa0.
http://s.symcd.com06
%http://s.symcb.com/universal-root.crl0
TimeStamp-2048-30
Symantec Corporation1
Symantec Trust Network1(0&
Symantec SHA256 TimeStamping CA0
160112000000Z
270411235959Z0
Symantec Corporation1
Symantec Trust Network110/
(Symantec SHA256 TimeStamping Signer - G10
https://d.symcb.com/cps0%
https://d.symcb.com/rpa0@
/http://ts-crl.ws.symantec.com/sha256-tss-ca.crl0
http://ts-ocsp.ws.symantec.com0;
/http://ts-aia.ws.symantec.com/sha256-tss-ca.cer0(
TimeStamp-2048-40
Symantec Corporation1
Symantec Trust Network1(0&
Symantec SHA256 TimeStamping CA
170113072044Z0/
/1(0&0$0"