Sample details: d6b4f7e8c8c768f6e9a01332018e0d23 (MD5)

Hashes
MD5: d6b4f7e8c8c768f6e9a01332018e0d23
SHA1: 3c8e39eae7b98f5be604192be1d62a90bbfbb141
SHA256: 17b33e9115e35d99445817a621f67ea9fe071f2197d2c0229f3b11bfba38e0e4
SSDEEP: 3072:4wRhHsG+/qXPUNORJ8yUMgBXi0CaeEFQz:3RpsF/qXPyyUMgBS0F9Fk
Details
File Type: PE32+
Yara Hits
YRP/Microsoft_Visual_Cpp_80_DLL | YRP/IsPE64 | YRP/IsConsole | YRP/IsBeyondImageSize | YRP/domain | YRP/url | YRP/contentis_base64 | YRP/ThreadControl__Context | YRP/SEH__vectored | YRP/Check_OutputDebugStringA_iat | YRP/anti_dbg
Source
hxxp://185.217.92[.]108/360t.exe
Strings
		!This program cannot be run in DOS mode.
P`.data
.rdata
`@.pdata
0@.xdata
0@.bss
.idata
8MZtxH
AUATUWVSH
[^_]A\A]
\$(w*H
Q(D;Q,};Ic
<	w^E1
A(;A,}7Hc
<_t-<nt-H
K(;K,}2Hc
_GLOBAL_L9	u3D
AWAVAUATUWVSH
H[^_]A\A]A^A_
V(A;V,}
H[^_]A\A]A^A_
AUATUWVSH
<stf<f
([^_]A\A]
([^_]A\A]
([^_]A\A]
([^_]A\A]
([^_]A\A]
$<ptg<mtcE1
<Etj<Lt9~
AUATUWVSH
H[^_]A\A]
H[^_]A\A]
H[^_]A\A]
C8;C<}
H[^_]A\A]
H[^_]A\A]
AUATUWVSH
C8;C<}uH
8[^_]A\A]
8[^_]A\A]
S8;S<}
8[^_]A\A]
S(;S,}eHc
S(;S,}
S(;S,H
u-<.t)<Rt
AWAVAUATUWVSH
([^_]A\A]A^A_
S(;S,L
<Ct2<D
S(;S,L
C(;C,|
C(D;C,
AWAVAUATUWVSH
[^_]A\A]A^A_
<$/uII
AUATUWVSH
([^_]A\A]
([^_]A\A]
([^_]A\A]
ATUWVSH
 [^_]A\
AVAUATUWVSH
@[^_]A\A]A^
@[^_]A\A]A^
@[^_]A\A]A^
@[^_]A\A]A^
AVAUATUWVSH
 [^_]A\A]A^
AWAVAUATUWVSH
([^_]A\A]A^A_
UAWAVAUATWVSH
$<;w%H
[^_A\A]A^A_]
L$(soL
D$ u!H
ATUWVSH
0[^_]A\
H3t$(D
0[^_]A\
ATUWVSH
P[^_]A\
UAWAVAUATWVSH
[^_A\A]A^A_]
ATUWVSH
 [^_]A\
([^_]H
9MZt	1
:MZu]H
tQHcJ<H
8MZuWL
tKIc@<H
8MZuRL
tFIcH<L
@' t	H
;MZuXL
tLIcC<L
AUATUWVSH
h[^_]A\A]
AWAVAUATUWVSH
[^_]A\A]A^A_
ATUWVSH
 [^_]A\
 [^_]A\
ATUWVSH
 [^_]A\
 [^_]A\
tnH;>u
ATUWVSH
 [^_]A\
 [^_]A\
AWAVAUATUWVSH
;_HsqH
([^_]A\A]A^A_
([^_]A\A]A^A_
ATUWVSH
@[^_]A\
@[^_]A\
AUATUWVSH
([^_]A\A]
([^_]A\A]
9^Hv5H
AWAVAUATUWVSH
9sHv9H
([^_]A\A]A^A_
AVAUATUWVSH
@[^_]A\A]A^
@[^_]A\A]A^
D$(H+D$ H
ATUWVSH
 [^_]A\
 [^_]A\
AUATUWVSH
H[^_]A\A]
H[^_]A\A]
AVAUATUWVSH
@[^_]A\A]A^
@[^_]A\A]A^
ATUWVSH
 [^_]A\
AWAVAUATUWVSH
8[^_]A\A]A^A_
AUATUWVSH
8[^_]A\A]
8[^_]A\A]
8[^_]A\A]
ATUWVSH
[^_]A\
[^_]A\
AUATUWVSH
H[^_]A\A]
ATUWVSH
D$Lu~H
[^_]A\
[^_]A\
p< tCv1<@t
<Pt1<0uAH
AWAVAUATUWVSH
[^_]A\A]A^A_
D$(tmM
UATWVSH
[^_A\]
ATUWVSH
 [^_]A\
UAWAVAUATVSH
bmit fulI
not enouI
gh spaceH)
l bug reI
port at H
gcc.gnu.I
 for forI
mat expaI
nsion (PI
lease suH
https://H
org/bugsH
bmit fulI
l bug reH
port at L
gcc.gnu.I
org/bugsH
https://L
([^_]H
([^_]H
AWAVAUATUWVSH
([^_]A\A]A^A_
([^_]A\A]A^A_H
ATUWVSH
 [^_]A\
 [^_]A\
ATUWVSH
 [^_]A\
 [^_]A\
AVAUATUWVSH
 [^_]A\A]A^
 [^_]A\A]A^
ATUWVSH
 [^_]A\
 [^_]A\
ATUWVSH
 [^_]A\
 [^_]A\
ATUWVSH
 [^_]A\
 [^_]A\
AVAUATUWVSH
 [^_]A\A]A^
 [^_]A\A]A^
ATUWVSH
 [^_]A\
 [^_]A\
L)L$(H
L)L$(H
L)L$(H
L)L$(H
AUATUWVSH
H[^_]A\A]
AWAVAUATUWVSH
8[^_]A\A]A^A_
AWAVAUATUWVSH
H[^_]A\A]A^A_
\$(w2H
\$(w2H
\$(w8H
\$(w8H
\$(w)H
ATUWVSH
0[^_]A\
ATUWVSH
0[^_]A\
AWAVAUATUWVSH
8[^_]A\A]A^A_
ATUWVSH
 [^_]A\
ATUWVSH
0[^_]A\
ATUWVSH
++CCUNGH
++CCUNG
AWAVAUATUWVSH
L+\$xI
L+L$xI
H9t$xtFA
H+L$xI
H9t$xt
L+T$xI
H9t$xt
L+\$xI
H+T$xI
H+D$xI9
[^_]A\A]A^A_
basic_string::_M_construct null not valid
xmrigMiner.exe
basic_string::append
 --daemonized
0123456789
basic_string::_M_create
%s: __pos (which is %zu) > this->size() (which is %zu)
basic_string::at: __n (which is %zu) >= this->size() (which is %zu)
basic_string::erase
basic_string::_M_replace_aux
basic_string::insert
basic_string::replace
basic_string::_M_replace
basic_string::assign
basic_string::append
basic_string::copy
basic_string::compare
basic_string::_M_construct null not valid
basic_string::basic_string
string::string
basic_string::substr
std::bad_alloc
std::bad_cast
std::bad_typeid
__gnu_cxx::__concurrence_lock_error
__gnu_cxx::__concurrence_unlock_error
std::exception
std::bad_exception
pure virtual method called
deleted virtual method called
terminate called recursively
terminate called after throwing an instance of '
terminate called without an active exception
  what():  
%s: __pos (which is %zu) > this->size() (which is %zu)
basic_string::at: __n (which is %zu) >= this->size() (which is %zu)
basic_string::copy
basic_string::compare
basic_string::_S_create
basic_string::erase
basic_string::_M_replace_aux
basic_string::insert
basic_string::replace
basic_string::assign
basic_string::append
basic_string::resize
basic_string::_S_construct null not valid
basic_string::basic_string
basic_string::substr
/dev/urandom
default
/dev/random
random_device::random_device(const std::string&)
mt19937
basic_string::_M_construct null not valid
(anonymous namespace)
string literal
decltype(auto)
{default arg#
JArray
vtable for 
VTT for 
construction vtable for 
typeinfo for 
typeinfo name for 
typeinfo fn for 
non-virtual thunk to 
virtual thunk to 
covariant return thunk to 
java Class for 
guard variable for 
TLS init function for 
TLS wrapper function for 
reference temporary #
hidden alias for 
transaction clone for 
non-transaction clone for 
_Accum
_Fract
operator
operator 
java resource 
decltype (
{parm#
global constructors keyed to 
global destructors keyed to 
{lambda(
{unnamed type#
 [clone 
 restrict
 volatile
 const
 transaction_safe
 noexcept
 throw
complex 
imaginary 
 __vector(
_GLOBAL_
std::allocator
allocator
std::basic_string
basic_string
std::string
std::basic_string<char, std::char_traits<char>, std::allocator<char> >
std::istream
std::basic_istream<char, std::char_traits<char> >
basic_istream
std::ostream
std::basic_ostream<char, std::char_traits<char> >
basic_ostream
std::iostream
std::basic_iostream<char, std::char_traits<char> >
basic_iostream
alignof 
const_cast
delete[] 
dynamic_cast
delete 
operator"" 
reinterpret_cast
sizeof...
static_cast
sizeof 
throw 
signed char
boolean
double
long double
__float128
unsigned char
unsigned int
unsigned
unsigned long
__int128
unsigned __int128
unsigned short
wchar_t
long long
unsigned long long
decimal32
decimal64
decimal128
char16_t
char32_t
decltype(nullptr)
Argument domain error (DOMAIN)
Argument singularity (SIGN)
Overflow range error (OVERFLOW)
Partial loss of significance (PLOSS)
Total loss of significance (TLOSS)
The result is too small to be represented (UNDERFLOW)
Unknown error
_matherr(): %s in %s(%g, %g)  (retval=%g)
Mingw-w64 runtime failure:
Address %p has no image-section
  VirtualQuery failed for %d bytes at address %p
  VirtualProtect failed with code 0x%x
  Unknown pseudo relocation protocol version %d.
  Unknown pseudo relocation bit size %d.
.pdata
%p not found?!?!
Error cleaning up spin_keys for thread 
 once %p is %d
T%p %d %s
T%p %d V=%0X H=%p %s
../mingw-w64/mingw-w64-libraries/winpthreads/src/rwlock.c
(((rwlock_t *)*rwl)->valid == LIFE_RWLOCK) && (((rwlock_t *)*rwl)->busy > 0)
Assertion failed: (%s), file %s, line %d
RWL%p %d %s
RWL%p %d V=%0X B=%d r=%ld w=%ld L=%p %s
C%p %d %s
C%p %d V=%0X w=%ld %s
N10__cxxabiv115__forced_unwindE
N10__cxxabiv117__class_type_infoE
N10__cxxabiv119__foreign_exceptionE
N10__cxxabiv120__si_class_type_infoE
N9__gnu_cxx24__concurrence_lock_errorE
N9__gnu_cxx26__concurrence_unlock_errorE
St10bad_typeid
St11logic_error
St11range_error
St12domain_error
St12length_error
St12out_of_range
St13bad_exception
St13runtime_error
St14overflow_error
St15underflow_error
St16invalid_argument
St8bad_cast
St9bad_alloc
St9exception
St9type_info
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev2, Built by MSYS2 project) 7.1.0
GCC: (Rev2, Built by MSYS2 project) 7.1.0
GCC: (Rev2, Built by MSYS2 project) 7.1.0
GCC: (Rev2, Built by MSYS2 project) 7.1.0
GCC: (Rev2, Built by MSYS2 project) 7.1.0
GCC: (Rev2, Built by MSYS2 project) 7.1.0
GCC: (Rev2, Built by MSYS2 project) 7.1.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
GCC: (Rev1, Built by MSYS2 project) 7.2.0
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetProcessAffinityMask
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
__C_specific_handler
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_fmode
_initterm
_onexit
_setjmp
_strdup
_ultoa
_unlock
_write
calloc
fprintf
fwrite
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
realloc
signal
sprintf
strcmp
strlen
strncmp
strtoul
system
vfprintf
KERNEL32.dll
msvcrt.dll
hhh#YYYWUUU
YYYSmmm
ccc7TTT
ZZZ[QQQ
___CQQQ
ccc)PPP
___;NNN
___=NNN
bbb-NNN
ooo)SSS
\\\cLLL
\\\cLLL
\\\cLLL
YYYqWWW
\\\cLLL
\\\cLLL
\\\cLLL
\\\cLLL
\\\cLLL
\\\cLLL
\\\cLLL
\\\cLLL
^^^aZZZo
\\\3SSSuPPP
SSSq\\\/
SSSwOOO
SSSqkkk
UUUgNNN
\\\KPPP
UUU#OOO
RRRuMMM
PPPwLLL
PPPwLLL
RRR5RRR;LLL
PPPwLLL
RRR;LLL
SSSeRRR5
RRR;QQQa
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
    <application>
      <!--The ID below indicates application support for Windows Vista -->
      <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
      <!--The ID below indicates application support for Windows 7 -->
      <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
      <!--The ID below indicates application support for Windows 8 -->
      <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
      <!--The ID below indicates application support for Windows 8.1 -->
      <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/> 
      <!--The ID below indicates application support for Windows 10 -->
      <supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/> 
    </application>
  </compatibility>
</assembly>