Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'KeyGen.exe'

malicious

Threat Score: 100/100 AV Detection: 71% Labeled as: Malware #upx

KeyGen.exe

This report is generated from a file or URL submitted to this webservice on April 26th 2017 21:04:41 (UTC)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Report generated by Falcon Sandbox v6.40 © Hybrid Analysis

Overview Sample unavailable Re-analyze Hash Seen Before Show Similar Samples Report False-Positive Request Report Deletion

Incident Response

Risk Assessment

Remote Access: Reads terminal service related keys (often RDP related)
Fingerprint: Reads the active computer name

Indicators

Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.

Malicious Indicators 6
External Systems
- Sample was identified as malicious by a large number of Antivirus engines
  
  details
  
  35/61 Antivirus vendors marked sample as malicious (57% detection rate)
  16/41 Antivirus vendors marked sample as malicious (39% detection rate)
  
  source
  
  External System
  
  relevance
  
  10/10
- Sample was identified as malicious by at least one Antivirus engine
  
  details
  
  35/61 Antivirus vendors marked sample as malicious (57% detection rate)
  16/41 Antivirus vendors marked sample as malicious (39% detection rate)
  
  source
  
  External System
  
  relevance
  
  8/10
General
- The analysis spawned a process that was identified as malicious
  
  details
  
  41/85 Antivirus vendors marked spawned process "<Input Sample>" (PID: 2900) as malicious (classified as "Downloader.Exchanger" with 48% detection rate)
  
  source
  
  Monitored Target
  
  relevance
  
  10/10
Pattern Matching
- YARA signature match
  
  details
  
  YARA signature "UPX" classified file "KeyGen.exe.bin" as "upx" based on indicators: "UPX0,UPX1,UPX!" (Author: Kevin Breen <kevin@techanarchy.net>)
  
  source
  
  YARA Signature
  
  relevance
  
  10/10
Unusual Characteristics
- Entrypoint in PE header is within an uncommon section
  
  details
  
  "KeyGen.exe.bin" has an entrypoint in section "UPX1"
  
  source
  
  Static Parser
  
  relevance
  
  5/10
Hiding 1 Malicious Indicators
- All indicators are available only in the private webservice or standalone version

Suspicious Indicators 10
Anti-Reverse Engineering
- PE file has unusual entropy sections
  
  details
  
  UPX1 with unusual entropies 7.9567844273
  
  source
  
  Static Parser
  
  relevance
  
  10/10
- PE file is packed with UPX
  
  details
  
  "KeyGen.exe.bin" has a section named "UPX0"
  "KeyGen.exe.bin" has a section named "UPX1"
  
  source
  
  Static Parser
  
  relevance
  
  10/10
Environment Awareness
- Reads the active computer name
  
  details
  
  "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\COMPUTERNAME\ACTIVECOMPUTERNAME"; Key: "COMPUTERNAME")
  
  source
  
  Registry Access
  
  relevance
  
  5/10
General
- Contains ability to find and load resources of a specific module
  
  details
  
  FindResourceA@KERNEL32.DLL from KeyGen.exe (PID: 2900) (Show Stream)
  
  source
  
  Hybrid Analysis Technology
  
  relevance
  
  1/10
- Opened the service control manager
  
  details
  
  "<Input Sample>" called "OpenSCManager" requesting access rights "SC_MANAGER_CONNECT" (0x1)
  
  source
  
  API Call
  
  relevance
  
  10/10
- Requested access to a system service
  
  details
  
  "<Input Sample>" called "OpenService" to access the "AudioSrv" service
  "<Input Sample>" called "OpenService" to access the "ServicesActive" service requesting "SERVICE_QUERY_CONFIG" (0X1) access rights
  "<Input Sample>" called "OpenService" to access the "AudioSrv" service requesting "SERVICE_QUERY_STATUS" (0X4) access rights
  
  source
  
  API Call
  
  relevance
  
  10/10
Remote Access Related
- Reads terminal service related keys (often RDP related)
  
  details
  
  "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\TERMINAL SERVER"; Key: "TSUSERENABLED")
  
  source
  
  Registry Access
  
  relevance
  
  10/10
Unusual Characteristics
- Imports suspicious APIs
  
  details
  
  VirtualProtect
  GetProcAddress
  VirtualAlloc
  LoadLibraryA
  
  source
  
  Static Parser
  
  relevance
  
  1/10
- Reads information about supported languages
  
  details
  
  "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\LOCALE"; Key: "00000409")
  
  source
  
  Registry Access
  
  relevance
  
  3/10
Hiding 1 Suspicious Indicators
- All indicators are available only in the private webservice or standalone version

Informative 6
Anti-Reverse Engineering
- Contains ability to register a top-level exception handler (often used as anti-debugging trick)
  
  details
  
  SetUnhandledExceptionFilter@KERNEL32.DLL from KeyGen.exe (PID: 2900) (Show Stream)
  
  source
  
  Hybrid Analysis Technology
  
  relevance
  
  1/10
General
- Creates mutants
  
  details
  
  "\Sessions\1\BaseNamedObjects\Local\MidiMapper_modLongMessage_RefCnt"
  "Local\MidiMapper_modLongMessage_RefCnt"
  
  source
  
  Created Mutant
  
  relevance
  
  3/10
Installation/Persistance
- Connects to LPC ports
  
  details
  
  "<Input Sample>" connecting to "\ThemeApiPort"
  
  source
  
  API Call
  
  relevance
  
  1/10
- Touches files in the Windows directory
  
  details
  
  "<Input Sample>" touched file "%WINDIR%\Globalization\Sorting\sortdefault.nls"
  "<Input Sample>" touched file "%WINDIR%\system32\wdmaud.drv"
  "<Input Sample>" touched file "%WINDIR%\system32\en-US\SETUPAPI.dll.mui"
  "<Input Sample>" touched file "%WINDIR%\system32\en-US\wdmaud.drv.mui"
  "<Input Sample>" touched file "%WINDIR%\system32\en-US\MMDevAPI.DLL.mui"
  "<Input Sample>" touched file "%WINDIR%\Fonts\staticcache.dat"
  "<Input Sample>" touched file "%WINDIR%\system32\en-US\MSCTF.dll.mui"
  
  source
  
  API Call
  
  relevance
  
  7/10
System Security
- Opens the Kernel Security Device Driver (KsecDD) of Windows
  
  details
  
  "<Input Sample>" opened "\Device\KsecDD"
  
  source
  
  API Call
  
  relevance
  
  10/10
Unusual Characteristics
- Matched Compiler/Packer signature
  
  details
  
  "KeyGen.exe.bin" was detected as "UPX v1.25 (Delphi) Stub"
  
  source
  
  Static Parser
  
  relevance
  
  10/10

File Details

All Details:

KeyGen.exe

Filename: KeyGen.exe
Size: 53KiB (53760 bytes)
Type: peexe executable
Description: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
Architecture
: WINDOWS
SHA256
: 643bc250dc4e6cb47fecb1648aa5eea88b4fcbf42933aff65ecec144ae6f563e
MD5
: 3468e276c104484ab52e3a773dbb0252
SHA1
: 092f3169780db5a96d521f8aa5913fbb098c7f5f
ssdeep
: 1536:kkVaszYUVNFqi9YJ4BS8/nRbf2/Knouy8Mn:kk/zY4NdSAf9outM
imphash
: 965a25da4325b995a24a08a5602c7539
authentihash
: 03241882cc78be69290c24ec82440bf7889dae631f3f02532b99fdcf9a1f5b66
Compiler/Packer
: UPX v1.25 (Delphi) Stub
PDB Pathway

Resources

Language
: FRENCH
Icon

Visualization

Input File (PortEx)

File Sections

Details	Name	Entropy	Virtual Address	Virtual Size	Raw Size	MD5	Characteristics
Name UPX0 Entropy 0 Virtual Address 0x1000 Virtual Size 0x21000 Raw Size 0x0 MD5 d41d8cd98f00b204e9800998ecf8427e	UPX0	0	0x1000	0x21000	0x0	d41d8cd98f00b204e9800998ecf8427e	-
Name UPX1 Entropy 7.9567844273 Virtual Address 0x22000 Virtual Size 0xc000 Raw Size 0xb200 MD5 ec68b5250f41fb82123d7504e6db342e	UPX1	7.9567844273	0x22000	0xc000	0xb200	ec68b5250f41fb82123d7504e6db342e	-
Name .rsrc Entropy 5.59482022729 Virtual Address 0x2e000 Virtual Size 0x2000 Raw Size 0x1c00 MD5 49b14d47e8859f6382e12314c37c72d7	.rsrc	5.59482022729	0x2e000	0x2000	0x1c00	49b14d47e8859f6382e12314c37c72d7	-

File Resources

Details	Name	RVA	Size	Type	Language
Name RT_RCDATA RVA 0x18204 Size 0x6e8a Type empty Language French	RT_RCDATA	0x18204	0x6e8a	empty	French
Name RT_BITMAP RVA 0x1f090 Size 0xa388 Type empty Language French	RT_BITMAP	0x1f090	0xa388	empty	French
Name RT_ICON RVA 0x2e208 Size 0x468 Type GLS_BINARY_LSB_FIRST Language French	RT_ICON	0x2e208	0x468	GLS_BINARY_LSB_FIRST	French
Name RT_ICON RVA 0x2e674 Size 0x10a8 Type data Language French	RT_ICON	0x2e674	0x10a8	data	French
Name RT_DIALOG RVA 0x2a928 Size 0x282 Type data Language French	RT_DIALOG	0x2a928	0x282	data	French
Name RT_GROUP_ICON RVA 0x2f720 Size 0x22 Type MS Windows icon resource - 2 icons, 16x16 Language French	RT_GROUP_ICON	0x2f720	0x22	MS Windows icon resource - 2 icons, 16x16	French
Name RT_MANIFEST RVA 0x2f748 Size 0x154 Type ASCII text, with CRLF line terminators Language English	RT_MANIFEST	0x2f748	0x154	ASCII text, with CRLF line terminators	English

File Imports

SetBkMode

ExitProcess

GetProcAddress

LoadLibraryA

VirtualAlloc

VirtualFree

VirtualProtect

pow

EndDialog

waveOutOpen

Screenshots

Loading content, please wait...

Hybrid Analysis

Tip: Click an analysed process below to view more details.

Analysed 1 process in total (System Resource Monitor).

KeyGen.exe (PID: 2900) 41/85

Logged Script Calls	Logged Stdout	Extracted Streams	Memory Dumps
Reduced Monitoring	Network Activityy	Network Error	Multiscan Match

Network Analysis

DNS Requests

No relevant DNS requests were made.

Contacted Hosts

No relevant hosts were contacted.

HTTP Traffic

No relevant HTTP requests were made.

Extracted Strings

Download All Memory Strings (2.6KiB)

!This program cannot be run in DOS mode.$

Ansi based on Memory/File Scan (KeyGen.exe.bin)

*+O?m7i0t

Ansi based on Memory/File Scan (KeyGen.exe.bin)

1021F2D6923D615B3ACCB3ED

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

12D001EF085EA4AD38880ED5

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

1Extended Module:

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

;{,g:$32@

Ansi based on Memory/File Scan (KeyGen.exe.bin)

Ansi based on Memory/File Scan (KeyGen.exe.bin)

@ZfHG3%.t

Ansi based on Memory/File Scan (KeyGen.exe.bin)

\Sessions\1\Windows\ApiPort

Unicode based on Runtime Data (KeyGen.exe )

\ThemeApiPort

Unicode based on Runtime Data (KeyGen.exe )

__iob_func

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

_crt_debugger_hook

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Attempt to take illegal root

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

AudioSrv

Unicode based on Runtime Data (KeyGen.exe )

Base must be binary (MR_ALWAYS_BINARY defined in mirdef.h ?)

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

big_to_bytes

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

brick_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

bytes_to_big

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

called from

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

CEIPEnable

Unicode based on Runtime Data (KeyGen.exe )

Com+Enabled

Unicode based on Runtime Data (KeyGen.exe )

Composite modulus

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

ComputerName

Unicode based on Runtime Data (KeyGen.exe )

CreateDialogParamA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CreateFontA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CreateSolidBrush

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CreateThread

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Customer ID :

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CWDIllegalInDLLSearch

Unicode based on Runtime Data (KeyGen.exe )

DataFilePath

Unicode based on Runtime Data (KeyGen.exe )

DeleteObject

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

DevicePath

Unicode based on Runtime Data (KeyGen.exe )

DeviceState

Unicode based on Runtime Data (KeyGen.exe )

DisableMetaFiles

Unicode based on Runtime Data (KeyGen.exe )

DisableUserModeCallbackFilter

Unicode based on Runtime Data (KeyGen.exe )

DispatchMessageA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

divisible

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Division by zero attempted

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

double_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ebrick2_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ebrick_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_mult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_mult2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_multi_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_multn

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_sub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_mult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_mult2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_multi_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_multn

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_sub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

EnableAnchorContext

Unicode based on Runtime Data (KeyGen.exe )

EndDialog

Ansi based on Memory/File Scan (KeyGen.exe.bin)

epoint2_comp

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_get

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_norm

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_set

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_double_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_get

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_getxyz

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_norm

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_set

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_x

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

erhaltlich....

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Even root of a negative number

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

ExitProcess

Ansi based on Memory/File Scan (KeyGen.exe.bin)

Exponent too big

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Extended Module:

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

FindResourceA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Flash overflow

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Flash to double conversion failure

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

GDI32.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

GetCurrentProcess

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetDlgItem

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetMessageA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetModuleHandleA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetProcAddress

Ansi based on Memory/File Scan (KeyGen.exe.bin)

GetSystemMetrics

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetTickCount

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetWindowRect

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

I/O buffer overflow

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Illegal modulus

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Illegal number base

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Illegal parameter usage

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

InprocServer32

Unicode based on Runtime Data (KeyGen.exe )

Input format error

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Integer operation attempted on Flash number

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Internal result is negative

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

IsDebuggerPresent

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

KERNEL32.DLL

Ansi based on Memory/File Scan (KeyGen.exe.bin)

Language Hotkey

Unicode based on Runtime Data (KeyGen.exe )

Layout Hotkey

Unicode based on Runtime Data (KeyGen.exe )

Licence key :

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

LoadAppInit_DLLs

Unicode based on Runtime Data (KeyGen.exe )

LoadLibraryA

Ansi based on Memory/File Scan (KeyGen.exe.bin)

LoadResource

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

LockResource

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Log of a non-positive number

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

MachinePreferredUILanguages

Unicode based on Runtime Data (KeyGen.exe )

MaxRpcSize

Unicode based on Runtime Data (KeyGen.exe )

MaxSxSHashCount

Unicode based on Runtime Data (KeyGen.exe )

ment fur brass band

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

midimapper

Unicode based on Runtime Data (KeyGen.exe )

MIRACL error from routine

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

MIRACL not initialised - no call to mirsys()

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

mr_shift

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

MSVCR80.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

mul2_brick

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

mul_brick

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

multi_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

NdrOleExtDLL

Unicode based on Runtime Data (KeyGen.exe )

No irreducible basis defined

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

No modulus defined

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

normalise

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_dotprod

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_double_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_double_modadd

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_double_modsub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_lazy

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_lucas

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_modadd

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_moddiv

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_modmult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_modsub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_multi_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powltr

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powmod

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powmod2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powmodn

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_premult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_sqroot

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Number base too big for representation

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Numbers too big

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

nxsafeprime

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

OOBEInProgress

Unicode based on Runtime Data (KeyGen.exe )

Out of space

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Overflow - Number too big

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

PageAllocatorSystemHeapIsPrivate

Unicode based on Runtime Data (KeyGen.exe )

PageAllocatorUseSystemHeap

Unicode based on Runtime Data (KeyGen.exe )

PCMSCAN 2.4.8 (build 855)

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PCMSCAN 2.4.8 (build 855) - X-FORCE

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PCMSCANV2

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

PostQuitMessage

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

pow_brick

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PreferredUILanguages

Unicode based on Runtime Data (KeyGen.exe )

prepare_basis

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

prepare_monty

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Press Generate

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PRODUCT ID: %sCUSTOMER ID: %sFEATURE BIT MASK: %08X

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Raising integer to negative power

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

RSA-93 + SHA-1

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

RT_RCDATA

Unicode based on Memory/File Scan (KeyGen.exe.bin)

SafeDllSearchMode

Unicode based on Runtime Data (KeyGen.exe )

SafeProcessSearchMode

Unicode based on Runtime Data (KeyGen.exe )

SendMessageA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ServicesActive

Unicode based on Runtime Data (KeyGen.exe )

set_io_buffer_size

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

set_user_function

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetBkMode

Ansi based on Memory/File Scan (KeyGen.exe.bin)

SetDlgItemTextA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetTextColor

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetThreadPriority

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetUnhandledExceptionFilter

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetWindowPos

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ShowWindow

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SizeofResource

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SourcePath

Unicode based on Runtime Data (KeyGen.exe )

Specified basis is NOT irreducible

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Specified double length type isn't double length

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

SQMServiceList

Unicode based on Runtime Data (KeyGen.exe )

strong_bigrand

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SystemSetupInProgress

Unicode based on Runtime Data (KeyGen.exe )

TerminateProcess

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ThemeApiConnectionRequest

Unicode based on Runtime Data (KeyGen.exe )

ThreadingModel

Unicode based on Runtime Data (KeyGen.exe )

TranslateMessage

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

TransparentEnabled

Unicode based on Runtime Data (KeyGen.exe )

trial_division

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

TSAppCompat

Unicode based on Runtime Data (KeyGen.exe )

TSUserEnabled

Unicode based on Runtime Data (KeyGen.exe )

Unable to control Floating-point rounding

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Undefined error

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

UnhandledExceptionFilter

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Unsupported Feature - check mirdef.h

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

usa.net !

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

USER32.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

via lone.wolf.beam at

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

VirtualAlloc

Ansi based on Memory/File Scan (KeyGen.exe.bin)

VirtualFree

Ansi based on Memory/File Scan (KeyGen.exe.bin)

VirtualProtect

Ansi based on Memory/File Scan (KeyGen.exe.bin)

wavemapper

Unicode based on Runtime Data (KeyGen.exe )

waveOutClose

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutGetPosition

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutOpen

Ansi based on Memory/File Scan (KeyGen.exe.bin)

waveOutPrepareHeader

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutReset

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutUnprepareHeader

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutWrite

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

wdmaud.drv

Unicode based on Runtime Data (KeyGen.exe )

WINMM.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

wsprintfA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

X-FORCE TEAM

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

your program

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_conj

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_div2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_big

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_bigs

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_int

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_ints

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_imul

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_isunity

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_powl

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_sadd

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_smul

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_ssub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_times_irp

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_timesi

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

{026e516e-b814-414b-83cd-856d6fef4822},2

Unicode based on Runtime Data (KeyGen.exe )

{1da5d803-d492-4edd-8c23-e0c0ffee7f0e},0

Unicode based on Runtime Data (KeyGen.exe )

{a45c254e-df1c-4efd-8020-67d146a850e0},2

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},1

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},2

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},6

Unicode based on Runtime Data (KeyGen.exe )

~ei_C;QJ4

Ansi based on Memory/File Scan (KeyGen.exe.bin)

\Sessions\1\Windows\ApiPort

Unicode based on Runtime Data (KeyGen.exe )

\ThemeApiPort

Unicode based on Runtime Data (KeyGen.exe )

Base must be binary (MR_ALWAYS_BINARY defined in mirdef.h ?)

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Com+Enabled

Unicode based on Runtime Data (KeyGen.exe )

Composite modulus

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

ComputerName

Unicode based on Runtime Data (KeyGen.exe )

epoint2_comp

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_get

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_get

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_getxyz

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

erhaltlich....

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ExitProcess

Ansi based on Memory/File Scan (KeyGen.exe.bin)

Flash to double conversion failure

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

GetCurrentProcess

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetDlgItem

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetMessageA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetModuleHandleA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetProcAddress

Ansi based on Memory/File Scan (KeyGen.exe.bin)

GetSystemMetrics

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetTickCount

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetWindowRect

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Input format error

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Language Hotkey

Unicode based on Runtime Data (KeyGen.exe )

Layout Hotkey

Unicode based on Runtime Data (KeyGen.exe )

Licence key :

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

MIRACL error from routine

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

PCMSCAN 2.4.8 (build 855)

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PCMSCAN 2.4.8 (build 855) - X-FORCE

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PCMSCANV2

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

PostQuitMessage

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SafeProcessSearchMode

Unicode based on Runtime Data (KeyGen.exe )

ServicesActive

Unicode based on Runtime Data (KeyGen.exe )

SQMServiceList

Unicode based on Runtime Data (KeyGen.exe )

TerminateProcess

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ThemeApiConnectionRequest

Unicode based on Runtime Data (KeyGen.exe )

TSAppCompat

Unicode based on Runtime Data (KeyGen.exe )

Undefined error

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Unsupported Feature - check mirdef.h

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

waveOutGetPosition

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_isunity

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

{026e516e-b814-414b-83cd-856d6fef4822},2

Unicode based on Runtime Data (KeyGen.exe )

{1da5d803-d492-4edd-8c23-e0c0ffee7f0e},0

Unicode based on Runtime Data (KeyGen.exe )

{a45c254e-df1c-4efd-8020-67d146a850e0},2

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},1

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},2

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},6

Unicode based on Runtime Data (KeyGen.exe )

!This program cannot be run in DOS mode.$

Ansi based on Memory/File Scan (KeyGen.exe.bin)

*+O?m7i0t

Ansi based on Memory/File Scan (KeyGen.exe.bin)

;{,g:$32@

Ansi based on Memory/File Scan (KeyGen.exe.bin)

@ZfHG3%.t

Ansi based on Memory/File Scan (KeyGen.exe.bin)

EndDialog

Ansi based on Memory/File Scan (KeyGen.exe.bin)

ExitProcess

Ansi based on Memory/File Scan (KeyGen.exe.bin)

GDI32.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

GetProcAddress

Ansi based on Memory/File Scan (KeyGen.exe.bin)

KERNEL32.DLL

Ansi based on Memory/File Scan (KeyGen.exe.bin)

LoadLibraryA

Ansi based on Memory/File Scan (KeyGen.exe.bin)

MSVCR80.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

RT_RCDATA

Unicode based on Memory/File Scan (KeyGen.exe.bin)

SetBkMode

Ansi based on Memory/File Scan (KeyGen.exe.bin)

USER32.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

VirtualAlloc

Ansi based on Memory/File Scan (KeyGen.exe.bin)

VirtualFree

Ansi based on Memory/File Scan (KeyGen.exe.bin)

VirtualProtect

Ansi based on Memory/File Scan (KeyGen.exe.bin)

waveOutOpen

Ansi based on Memory/File Scan (KeyGen.exe.bin)

WINMM.dll

Ansi based on Memory/File Scan (KeyGen.exe.bin)

~ei_C;QJ4

Ansi based on Memory/File Scan (KeyGen.exe.bin)

1021F2D6923D615B3ACCB3ED

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

12D001EF085EA4AD38880ED5

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

1Extended Module:

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

\Sessions\1\Windows\ApiPort

Unicode based on Runtime Data (KeyGen.exe )

\ThemeApiPort

Unicode based on Runtime Data (KeyGen.exe )

__iob_func

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

_crt_debugger_hook

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Attempt to take illegal root

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

AudioSrv

Unicode based on Runtime Data (KeyGen.exe )

Base must be binary (MR_ALWAYS_BINARY defined in mirdef.h ?)

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

big_to_bytes

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

brick_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

bytes_to_big

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

called from

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

CEIPEnable

Unicode based on Runtime Data (KeyGen.exe )

Com+Enabled

Unicode based on Runtime Data (KeyGen.exe )

Composite modulus

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

ComputerName

Unicode based on Runtime Data (KeyGen.exe )

CreateDialogParamA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CreateFontA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CreateSolidBrush

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CreateThread

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Customer ID :

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

CWDIllegalInDLLSearch

Unicode based on Runtime Data (KeyGen.exe )

DataFilePath

Unicode based on Runtime Data (KeyGen.exe )

DeleteObject

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

DevicePath

Unicode based on Runtime Data (KeyGen.exe )

DeviceState

Unicode based on Runtime Data (KeyGen.exe )

DisableMetaFiles

Unicode based on Runtime Data (KeyGen.exe )

DisableUserModeCallbackFilter

Unicode based on Runtime Data (KeyGen.exe )

DispatchMessageA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

divisible

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Division by zero attempted

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

double_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ebrick2_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ebrick_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_mult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_mult2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_multi_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_multn

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve2_sub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_mult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_mult2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_multi_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_multn

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ecurve_sub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

EnableAnchorContext

Unicode based on Runtime Data (KeyGen.exe )

epoint2_comp

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_get

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_norm

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint2_set

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_double_add

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_get

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_getxyz

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_init

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_norm

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_set

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

epoint_x

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

erhaltlich....

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Even root of a negative number

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Exponent too big

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Extended Module:

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

FindResourceA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Flash overflow

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Flash to double conversion failure

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

GetCurrentProcess

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetDlgItem

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetMessageA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetModuleHandleA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetSystemMetrics

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetTickCount

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

GetWindowRect

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

I/O buffer overflow

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Illegal modulus

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Illegal number base

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Illegal parameter usage

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

InprocServer32

Unicode based on Runtime Data (KeyGen.exe )

Input format error

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Integer operation attempted on Flash number

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Internal result is negative

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

IsDebuggerPresent

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Language Hotkey

Unicode based on Runtime Data (KeyGen.exe )

Layout Hotkey

Unicode based on Runtime Data (KeyGen.exe )

Licence key :

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

LoadAppInit_DLLs

Unicode based on Runtime Data (KeyGen.exe )

LoadResource

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

LockResource

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Log of a non-positive number

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

MachinePreferredUILanguages

Unicode based on Runtime Data (KeyGen.exe )

MaxRpcSize

Unicode based on Runtime Data (KeyGen.exe )

MaxSxSHashCount

Unicode based on Runtime Data (KeyGen.exe )

ment fur brass band

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

midimapper

Unicode based on Runtime Data (KeyGen.exe )

MIRACL error from routine

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

MIRACL not initialised - no call to mirsys()

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

mr_shift

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

mul2_brick

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

mul_brick

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

multi_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

NdrOleExtDLL

Unicode based on Runtime Data (KeyGen.exe )

No irreducible basis defined

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

No modulus defined

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

normalise

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_dotprod

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_double_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_double_modadd

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_double_modsub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_lazy

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_lucas

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_modadd

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_moddiv

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_modmult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_modsub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_multi_inverse

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powltr

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powmod

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powmod2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_powmodn

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_premult

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

nres_sqroot

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Number base too big for representation

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Numbers too big

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

nxsafeprime

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

OOBEInProgress

Unicode based on Runtime Data (KeyGen.exe )

Out of space

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Overflow - Number too big

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

PageAllocatorSystemHeapIsPrivate

Unicode based on Runtime Data (KeyGen.exe )

PageAllocatorUseSystemHeap

Unicode based on Runtime Data (KeyGen.exe )

PCMSCAN 2.4.8 (build 855)

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PCMSCAN 2.4.8 (build 855) - X-FORCE

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PCMSCANV2

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

PostQuitMessage

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

pow_brick

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PreferredUILanguages

Unicode based on Runtime Data (KeyGen.exe )

prepare_basis

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

prepare_monty

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Press Generate

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

PRODUCT ID: %sCUSTOMER ID: %sFEATURE BIT MASK: %08X

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Raising integer to negative power

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

RSA-93 + SHA-1

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SafeDllSearchMode

Unicode based on Runtime Data (KeyGen.exe )

SafeProcessSearchMode

Unicode based on Runtime Data (KeyGen.exe )

SendMessageA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ServicesActive

Unicode based on Runtime Data (KeyGen.exe )

set_io_buffer_size

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

set_user_function

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetDlgItemTextA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetTextColor

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetThreadPriority

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetUnhandledExceptionFilter

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SetWindowPos

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ShowWindow

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SizeofResource

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SourcePath

Unicode based on Runtime Data (KeyGen.exe )

Specified basis is NOT irreducible

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Specified double length type isn't double length

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

SQMServiceList

Unicode based on Runtime Data (KeyGen.exe )

strong_bigrand

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

SystemSetupInProgress

Unicode based on Runtime Data (KeyGen.exe )

TerminateProcess

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

ThemeApiConnectionRequest

Unicode based on Runtime Data (KeyGen.exe )

ThreadingModel

Unicode based on Runtime Data (KeyGen.exe )

TranslateMessage

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

TransparentEnabled

Unicode based on Runtime Data (KeyGen.exe )

trial_division

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

TSAppCompat

Unicode based on Runtime Data (KeyGen.exe )

TSUserEnabled

Unicode based on Runtime Data (KeyGen.exe )

Unable to control Floating-point rounding

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

Undefined error

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

UnhandledExceptionFilter

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

Unsupported Feature - check mirdef.h

Ansi based on Hybrid Analysis (KeyGen.exe , 00015761-00002900.00000002.22254.00400000.00000002.mdmp)

usa.net !

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

via lone.wolf.beam at

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

wavemapper

Unicode based on Runtime Data (KeyGen.exe )

waveOutClose

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutGetPosition

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutPrepareHeader

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutReset

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutUnprepareHeader

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

waveOutWrite

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

wdmaud.drv

Unicode based on Runtime Data (KeyGen.exe )

wsprintfA

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

X-FORCE TEAM

Unicode based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

your program

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_conj

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_div2

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_big

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_bigs

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_int

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_from_ints

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_imul

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_isunity

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_negate

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_powl

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_sadd

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_smul

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_ssub

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_times_irp

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

zzn2_timesi

Ansi based on Memory/File Scan (KeyGen.exe , 00015761-00002900.00000002.22254.00401000.00000040.mdmp)

{026e516e-b814-414b-83cd-856d6fef4822},2

Unicode based on Runtime Data (KeyGen.exe )

{1da5d803-d492-4edd-8c23-e0c0ffee7f0e},0

Unicode based on Runtime Data (KeyGen.exe )

{a45c254e-df1c-4efd-8020-67d146a850e0},2

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},1

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},2

Unicode based on Runtime Data (KeyGen.exe )

{b3f8fa53-0004-438e-9003-51a46e139bfc},6

Unicode based on Runtime Data (KeyGen.exe )

Extracted Files

No significant files were extracted.

Notifications

Runtime

Added comment to Virus Total report

Some low-level data is hidden, as this is only a slim report

Community

There are no community comments.

You must be logged in to submit a comment.

KeyGen.exe

Incident Response

Risk Assessment

Indicators

Malicious Indicators 6

Suspicious Indicators 10

Informative 6

File Details

KeyGen.exe

Resources

Visualization

File Sections

File Resources

File Imports

Screenshots

System Resource Monitor

Hybrid Analysis

Network Analysis

DNS Requests

Contacted Hosts

HTTP Traffic

Extracted Strings

Extracted Files

Notifications

Runtime

Community

Latest News

Vetting required

Request Report Deletion

Link