Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: c89e401800de62e5702e085d898eed20 --

Hashes
MD5: c89e401800de62e5702e085d898eed20
SHA1: 72fb4f088c6ac02097b55fb267c76fbf5e0fa1f7
SHA256: de83c9d9203050b40c098e4143ef8f577aa90016c7a64d4f2931b57a4c43e566
SSDEEP: 3072:h+qD1Cd/Oa5kXFlqkFGr3CAP7LCyInPEggen5Ez:hlCd/OaaFEjCAPKyOE6na
Details
File Type: PE32
Yara Hits
YRP/fasm_Tomasz_Grysztar_additional | YRP/Microsoft_Visual_Cpp_vxx | YRP/fasm_Tomasz_Grysztar | YRP/Microsoft_Visual_Cpp_DLL | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/Armadillo_v4x | YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/win_files_operation |
Parent Files
714a658c266c2a4e644e42d4a983a500
Source
Strings
		!This program cannot be run in DOS mode.
`.data
@.reloc
A<e A<epB<e
B<epB<e0?<e`C<e
C<e@C<ePC<e
F<e0?<e
C<e0?<e
=epF<e
F<e0?<e
C<eP?<e@?<e0?<e
?<ep?<e
@<e ><e
C<e0D<e
A<e A<epB<e
B<epB<e0?<e`C<e
C<e@C<ePC<e
F<e0?<e
C<e0?<epg<epF<e
F<e0?<e
C<eP?<e@?<e0?<e
?<ep?<e
`<e`j<e`J<e
BM<eHM<e
A<e A<epB<e
B<epB<e0?<e`C<e
C<e@C<ePC<e
F<e0?<e
C<e0?<e
o<epF<e
F<e0?<e
j<e@?<e0?<e
?<ep?<e
@<e@h<e
C<e0D<e
%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz
&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz
FIsTNT
kernel32.dll
(Press Retry to debug the application - JIT must be enabled)
For information on how your program can cause an assertion
failure, see the Visual C++ documentation on asserts
Microsoft Visual C++ Runtime Library
Expression: 
Line: 
File: 
<program name unknown>
Program: 
Assertion failed!
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Runtime Error!
Program: 
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
L5=e`5=e
?IsProcessorFeaturePresent
KERNEL32
`h````
ppxxxx
(null)
LC_TIME
LC_NUMERIC
LC_MONETARY
LC_CTYPE
LC_COLLATE
LC_ALL
1#QNAN
1#SNAN
united-states
united-kingdom
united states
united kingdom
turkey
taiwan
switzerland
sweden
south-korea
south korea
singapore
russia
pr-china
pr china
portugal
poland
norway
new-zealand
new zealand
netherlands
mexico
ireland
iceland
hungary
hong-kong
hong kong
holland
greece
great britain
germany
france
finland
england
denmark
canada
britain
brazil
belgium
austria
australia
america
turkish
swedish
spanish-modern
spanish-mexican
spanish
slovak
russian
portuguese-brazilian
portuguese
polish
norwegian-nynorsk
norwegian-bokmal
norwegian
korean
japanese
italian-swiss
italian
irish-english
icelandic
hungarian
german-swiss
german-austrian
german
french-swiss
french-canadian
french-belgian
french
finnish
english-usa
english-us
english-uk
english-nz
english-ire
english-can
english-aus
english-american
english
dutch-belgian
danish
chinese-traditional
chinese-singapore
chinese-simplified
chinese-hongkong
chinese
canadian
belgian
australian
american-english
american english
american
H:mm:ss
dddd, MMMM dd, yyyy
M/d/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
` <e_^
A<e'B<e
~d;~ds
~d_^][
hX#<ehX
@(0`<e
h#<et	P
h@$<ehX
M<e*K<exK<e
K<eGL<e~L<e
L<e&L<e*K<e	K<e
s _^][Y
s _^][Y
s _^][Y
<!t2<,t
R<eqR<e
`<e_^][
P`<e_^][
0`<e_^][
5t <e3
t(It"Iu"
Fx;F`s
ItZIt0IIt
HtLHt@HHt3
(j	YQVP
(j	ZRQP
(j	ZRQP
YtcHt6Hu]8_
v|90~.
T;^ Y|
;F YY|
tGHtkH
~H_^[]
								
T;^ Y|
X9A\u39
%9A`u 9
tp8^At
8^Au&8_
8^AYYu	SV
tA8^@u<
8^Jt;9^tu68^Pt
8^AYuO8_
)E ;] v
+j	XPWR
tLIIt-It
58XJt$9^
F`+~\;
)E ;} v
<eY9Nd~
<e_^][
NL9NLu!
GQSWVP
_p_^[]
hh0<eP
t.;t$$t(
VC20XC00U
C =02CVu
B 02CV
=e 6=e
 <e^][
=etBjtj
HSUVWh
L <ef9|$F
 <e_^][
-\ <eVW
D$ _^]
=eSUVW3
 <e_^][
5T <eP
d <e_]
 <e_^3
QSUVW3
/=ew/=e
=| <eh
>etShx4<eV
hd4<eV
<=e	==er==e
>=eE==eT==e6==e'==ec==e
>=e(>=e
A=es?=e
=ew<j	
=\ <eS
<St	<C
:L$Lw3
|$(HUS
pK=ezK=e=K=e`K=ezK=e'K=efK=ejK=evK=e
O=ehL=e
N=e|L=e
L$ _^]+
i=e|i=eti=eli=edi=e\i=eTi=eLi=e
Hj=ehj=e
k=e'k=e
@k=eHk=eXk=elk=e
>eVj	P
!<eUVWuNj
hd5<ej
hd5<ej
hh5<ej
hh5<ej
D$,WQVURP
D$<VPj
T$<VPQRj
D$4UQRP
d <e_^[
5$!<e;
hh5<ej
hd5<ej
T$(SSSSWQh 
VUWPh 
T$$WSR
5 !<eW3
hd5<ej
L$ RQP
WWURj	S
hh5<ej
(!<eUVW
hd5<eh
hh5<eh
VRWSUP
D$0PVQh 
D$TRVP
T$DQPR
L$ PQF
KK<5|1;
/;t$$u
VPj1Sj
G Pj*Sj
G,Pj-Sj
G@PjFSj
GLPjISj
GXPjLSj
GdPjOSj
GpPj:Sj
G|Pj=Sj
S RjPVj
C$PjQVj
C*PjTVj
C-PjWVj
 SUVW3
PPPPPPPP
PPPPPPPP
T$(SUVf
f9|$(w
9D$*u,9D$.
zuTVVVSU
T$$PPj
T$,PQj
ReleaseStgMedium
ole32.dll
UnionRect
USER32.dll
DeleteObject
PatBlt
GetCurrentObject
SelectObject
CreateSolidBrush
GetObjectA
GetNearestPaletteIndex
SetDIBColorTable
GetNearestColor
SelectPalette
SetDIBitsToDevice
StretchDIBits
SetStretchBltMode
SetMapMode
SetDIBits
GDI32.dll
InterlockedIncrement
InitializeCriticalSection
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
lstrlenA
GlobalDeleteAtom
GlobalAddAtomA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetModuleFileNameA
RtlUnwind
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CloseHandle
ReadFile
GetLocaleInfoA
GetLocaleInfoW
KERNEL32.dll
ASYCFILT.dll
DllCanUnloadNow
FilterCreateInstance
d:\OA\src\stdtypes\filtbase.cpp
NULL != m_dib
d:\OA\src\stdtypes\filtbase.cpp
NULL != m_dc
d:\OA\src\stdtypes\filtbase.cpp
NULL != new_brush
d:\OA\src\stdtypes\filtgif.cpp
d:\OA\src\stdtypes\filtgif.cpp
NULL != hdr
d:\OA\src\stdtypes\filtgif.cpp
NULL != sd
d:\OA\src\stdtypes\filtgif.cpp
pal_entries <= MAX_GIF_PALETTE_ENTRIES
d:\OA\src\stdtypes\filtgif.cpp
NULL != m_bminfo
d:\OA\src\stdtypes\filtgif.cpp
bytes_read == bytes_needed
d:\OA\src\stdtypes\filtgif.cpp
m_decompress_info.first_code < m_decompress_info.clear_code
d:\OA\src\stdtypes\filtgif.cpp
*(m_decompress_info.code_sp) < m_decompress_info.clear_code
d:\OA\src\stdtypes\filtgif.cpp
m_decompress_info.code_sp < &(m_decompress_info.code_stack[GIF_STACK_SIZE])
d:\OA\src\stdtypes\filtgif.cpp
code != m_decompress_info.code_table[0][code]
d:\OA\src\stdtypes\filtgif.cpp
*(m_decompress_info.code_sp) < m_decompress_info.clear_code
NULL != m_dib
NULL != m_dc
d:\OA\src\stdtypes\filtgif.cpp
d:\OA\src\stdtypes\filtjpeg.cpp
NULL != m_bminfo
d:\OA\src\stdtypes\filtjpeg.cpp
NULL != m_pCurLine
d:\OA\src\stdtypes\filtjpeg.cpp
NULL != m_buffer
d:\OA\src\stdtypes\filtjpeg.cpp
NULL != m_dc
d:\OA\src\stdtypes\filtjpeg.cpp
NULL != m_dib
MS_AsyncImage_DCWait
MS_AsyncImage_Display
MS_AsyncImage_Abnormal
MS_AsyncImage_Finished
Bogus message code %d
Sorry, there are legal restrictions on arithmetic coding
ALIGN_TYPE is wrong, please fix
MAX_ALLOC_CHUNK is wrong, please fix
Bogus buffer control mode
Invalid component ID %d in SOS
IDCT output block size %d not supported
Bogus input colorspace
Bogus JPEG colorspace
Bogus marker length
Sampling factors too large for interleaved scan
Invalid memory pool code %d
Unsupported JPEG data precision %d
Invalid progressive parameters Ss=%d Se=%d Ah=%d Al=%d
Invalid progressive parameters at scan script entry %d
Bogus sampling factors
Invalid scan script at entry %d
Improper call to JPEG library in state %d
Bogus virtual array access
Buffer passed to JPEG library is too small
Suspension not allowed here
CCIR601 sampling not implemented yet
Too many color components: %d, max %d
Unsupported color conversion request
Bogus DAC index %d
Bogus DAC value 0x%x
Bogus DHT counts
Bogus DHT index %d
Bogus DQT index %d
Empty JPEG image (DNL not supported)
Read from EMS failed
Write to EMS failed
Didn't expect more than one scan
Input file read error
Output file write error --- out of disk space?
Fractional sampling not implemented yet
Huffman code size table overflow
Missing Huffman code table entry
Maximum supported image dimension is %u pixels
Empty input file
Premature end of input file
Cannot transcode due to multiple use of quantization table %d
Scan script does not transmit all data
Invalid color quantization mode change
Not implemented yet
Requested feature was omitted at compile time
Backing store not supported
Huffman table 0x%02x was not defined
JPEG datastream contains no image
Quantization table 0x%02x was not defined
Not a JPEG file: starts with 0x%02x 0x%02x
Insufficient memory (case %d)
Cannot quantize more than %d color components
Cannot quantize to fewer than %d colors
Cannot quantize to more than %d colors
Invalid JPEG file structure: two SOF markers
Invalid JPEG file structure: missing SOS marker
Unsupported JPEG process: SOF type 0x%02x
Invalid JPEG file structure: two SOI markers
Invalid JPEG file structure: SOS before SOF
Failed to create temporary file %s
Read failed on temporary file
Seek failed on temporary file
Write failed on temporary file --- out of disk space?
Application transferred too few scanlines
Unsupported marker type 0x%02x
Virtual array controller messed up
Image too wide for this implementation
Read from XMS failed
Write to XMS failed
Copyright (C) 1995, Thomas G. Lane
6  2-Aug-95
Caution: quantization tables are too coarse for baseline JPEG
Adobe APP14 marker: version %d, flags 0x%04x 0x%04x, transform %d
Unknown APP0 marker (not JFIF), length %u
Unknown APP14 marker (not Adobe), length %u
Define Arithmetic Table 0x%02x: 0x%02x
Define Huffman Table 0x%02x
Define Quantization Table %d  precision %d
Define Restart Interval %u
Freed EMS handle %u
Obtained EMS handle %u
End Of Image
        %3d %3d %3d %3d %3d %3d %3d %3d
JFIF APP0 marker, density %dx%d  %d
Warning: thumbnail image size does not match data length %u
Unknown JFIF minor revision number %d.%02d
    with %d x %d thumbnail image
Skipping marker 0x%02x, length %u
Unexpected marker 0x%02x
        %4u %4u %4u %4u %4u %4u %4u %4u
Quantizing to %d = %d*%d*%d colors
Quantizing to %d colors
Selected %d colors for quantization
At marker 0x%02x, recovery action %d
Smoothing not supported with nonstandard sampling ratios
Start Of Frame 0x%02x: width=%u, height=%u, components=%d
    Component %d: %dhx%dv q=%d
Start of Image
Start Of Scan: %d components
    Component %d: dc=%d ac=%d
  Ss=%d, Se=%d, Ah=%d, Al=%d
Closed temporary file %s
Opened temporary file %s
Unrecognized component IDs %d %d %d, assuming YCbCr
Freed XMS handle %u
Obtained XMS handle %u
Unknown Adobe color transform code %d
Inconsistent progression sequence for component %d coefficient %d
Corrupt JPEG data: %u extraneous bytes before marker 0x%02x
Corrupt JPEG data: premature end of data segment
Corrupt JPEG data: bad Huffman code
Warning: unknown JFIF revision number %d.%02d
Premature end of JPEG file
Corrupt JPEG data: found marker 0x%02x instead of RST%d
Invalid SOS parameters for sequential JPEG
Application transferred too many scanlines
JPEGMEM
Assertion failed: %s, file %s, line %d
=e`j<e`j<e
k=e\5<eL5<e 	-
>epZ<e
=et5<e
=el5<e
<<e|<<ex<<et<<ep<<el<<ed<<e\<<eT<<eH<<e<<<e4<<e(<<e$<<e <<e
;<el;<ed;<e
2 2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
3 3$3(3,3034383<3@3D3H3L3P3T3`3h3l3p3t3x3
4 4$4(4,4044484D4H4P4T4X4\4`4h4l4p4t4x4|4
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
=.=;=E=[=h=
>H>Q>X>_>f>m>
242X2\2`2d2h2
5+505C5V5b5
6E6`657
8$8+82898@8
9)9G9e9
:Y;^;_=
f0k0f2m2
:$:;:r<
11=1P1a1
7,7<7N7
8k8t8{8
8	9.9@9^9|9
<'>,>J>O>f>
^0e0l0s0z0
2!2&2-232:2@2G2M2U2b2g2{2
0%01080F0N0
;<<E<T<]<
"1*1B1X4
:O:K?R?Y?`?g?w?
; ;';.;5;<;C;J;Q;X;_;{;
/151:1X1^1g1n1
212<2E2
2%3A3P3p3
404<4B4H4N4Y4f4
9)9.9;9l9
:0:9:A;
?!?,?1?>?C?
0$0@0J0
1*1;1K1U1\1k1t1
2X3`3y3
40484K4[4q4
5N5V5t5
5$676b6z6
7 747;7
<+<3<9<C<I<O<g<
=%=.=5=V=e=o=z=
>#>(>A>I>U>~>
0%010@0R0{0
272Q2X2a2j2r2
373E3L3h3o3
4%4@4r4
62696A6V6
>S?Z?`?i?y?
1 1$1L1
676U6e6
6@8K8_8
%0_0?1]1t1
5(5,5054585l5p5t5x5|5
8+8:8I8
;#;4<;<b<v<
0^0Q1g1
1 353n3
6 6$6(6,6064686<6
<[<"?7?
&0A0y0
9%9,9094989<9@9D9H9
:0:7:<:@:D:a:
:*;0;4;8;<;
;0<K<i<t<
=$>1>Z>q>|>
0(0R0o0_1l1a2m2y2
:):2:D:
2	2#2Q2w2
5(5074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7
9'9N9[9~9
111;1A1E1P1b1~1
118@8L8`8t8
9!9)9.979=9J9V9e9w9}9
;%;+;2;6;A;S;k;
<!=<=E=K=
5&6I6q6z6
7,7J7v7
869<9J9
;$;,;4;<;\;l;|;
< <$<(<,<0<4<8<<<P>T>
2 2(20282@2H2P2X2`2h2p2x2
3 3(30383@3H3P3X3`3h3p3x3
4 4(40484@4H4P4X4`4h4p4x4
5 5(50585@5H5P5X5`5h5p5x5
6 6(60686@6H6P6X6`6h6p6x6
7 7(70787@7H7P7X7`7h7p7x7
: :$:(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
asycfilt.dbg
asycfilt.dll