Analysis Date: 2015-03-12 13:21:47
MD5: f3ce9a605a618ea98c91eba380d3da76
SHA1: 017e5372c1fac03692a8dc25f3e0f16bcfd85ae8

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: .text md5: 4d5a625d4596d51ed86fd28d3e57d855 sha1: 48cde3e44b3e213d8a8b33cba79c0cf75f037419 size: 29184
Section: .rdata md5: 4a055cf3dbbf0a482f304f6bd4db41d8 sha1: c993b378ceb7ecfadfc82ce8c3b03180b543438b size: 14848
Section: .data md5: 46a750e4d1e136cf3cd360892393fb99 sha1: 40e04ba36a7bf43166909231b9b12cfc915f0321 size: 3584
Section: .1 md5: bf619eac0cdf3f68d496ea9344137e8b sha1: 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5 size: 512
Section: .rsrc md5: 9417096b14e7e700e710d5668e9ba965 sha1: f5c4aec2189dca40b19dbca47e3ddec01d6e9338 size: 159744
Timestamp: 2014-11-06 22:14:07
Version:
LegalCopyright: Copyright (C) 2011
InternalName: HD Tune Pro
FileVersion: 5, 0, 0, 0
CompanyName: EFD Software
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: HD Tune Pro
SpecialBuild:
ProductVersion: 5, 0, 0, 0
FileDescription: HD Tune Pro
OriginalFilename: HDTunePro.EXE
Packer: Microsoft Visual C++ ?.?
PEhash: 266c1702a153a592aab53ab75ab633f715293283
IMPhash: 0054dbecf62700a97b61d324f61dba6a
AV 360 Safe: no_virus
AV Ad-Aware: Gen:Variant.Symmi.49779
AV Alwil (avast): Injector-CFJ [Trj]
AV Arcabit (arcavir): Gen:Variant.Symmi.49779
AV Authentium: no_virus
AV Avira (antivir): no_virus
AV BullGuard: Gen:Variant.Symmi.49779
AV CA (E-Trust Ino): Win32/Carberp.NePXGfB
AV CAT (quickheal): no_virus
AV ClamAV: no_virus
AV Dr. Web: no_virus
AV Emsisoft: Gen:Variant.Symmi.49779
AV Eset (nod32): Win32/Injector.BOZR
AV Fortinet: W32/Injector.MMTU!tr
AV Frisk (f-prot): no_virus
AV F-Secure: Gen:Variant.Symmi.49779
AV Grisoft (avg): Inject2.BDNE
AV Ikarus: Trojan-Downloader.Win32.Goo
AV K7: Trojan ( 004b07781 )
AV Kaspersky 2015: Trojan.Win32.Inject.sbkd
AV MalwareBytes: Trojan.Agent.ED
AV Mcafee: Downloader-FALX!F3CE9A605A61
AV Microsoft Security Essentials: no_virus
AV MicroWorld (escan): Gen:Variant.Symmi.49779
AV Rising: no_virus
AV Sophos: Mal/Wonton-S
AV Symantec: no_virus
AV Trend Micro: no_virus
AV VirusBlokAda (vba32): TrojanDownloader.Genome

Runtime Details:

Network Details:



Strings