Sample details: de02c4d04088b69e64ecc30a3d9e22e5

Hashes
MD5: de02c4d04088b69e64ecc30a3d9e22e5
SHA1: a5f66d420b6a6ebb04242fb85ca462a99dbf89b6
SHA256: c9d28800e740a1569aec8fe27df10ef186d883f94cec15a5c228826b45a24f9d
SSDEEP: 1536:hZ7jJ13iy8Z781A9kJrVLaIYJqsghgRQquctDhyquYVuTXHze8I:i7OrUIeqZqu1TTex
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/HasModified_DOS_Message | YRP/domain | YRP/contentis_base64 | YRP/DebuggerException__SetConsoleCtrl | YRP/keylogger | YRP/win_registry | YRP/win_files_operation | YRP/CRC32_poly_Constant | YRP/BLOWFISH_Constants | YRP/RIPEMD160_Constants | YRP/SHA1_Constants
Parent Files
07366aeaaf4cc541451e35c636f53fa4
Strings
		!this is a Windows NT (own RTL) dynamic link library
`.idata
DGROUP
.edata
@.reloc
B.rsrc
WVIDEO
]_^ZY[
Copyright by ACE Compression Software (1998-2000). U
SHELL32.DLL
KERNEL32.DLL
ADVAPI32.DLL
GDI32.DLL
USER32.DLL
ShellExecuteA
ShellExecuteExA
AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile
RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
CreateFontA
DeleteObject
CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage
undefined member function called through debug information!
undefined constructor or destructor called!
(null)
<program name unknown>
Runtime Error!
Program: 
Microsoft Visual C++ Runtime Library
- not enough space for arguments
- not enough space for environment
abnormal program termination
- not enough space for thread data
- unexpected multithread lock error
- unexpected heap error
- unable to open console device
- not enough space for _onexit/atexit table
- pure virtual function call
- not enough space for stdio initialization
- not enough space for lowio initialization
- unable to initialize heap
DOMAIN error
SING error
TLOSS error
runtime error 
kernel32.dll
*UNREGISTERED VERSION*
**ACE**
this is just a small test *juk*..abcdefghijklmnop
Software\ACE Compression Software\ActiveAce\2.0
*?"<>|
NtQueryInformationFile
ntdll.dll
GetFileSecurityA
advapi32.dll
SetFileSecurityA
GetDiskFreeSpaceExA
kernel32.dll
Warning
This is not a fully ACE compatible archive.
Trying to decompress might fail.
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
`h````
ppxxxx
0000000000
PPPPPP@@@@@@@@@@@@@@@@@@@@
UNACEV2.DLL
ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12