Sample details: 17e7a4b7cda6ab3dc9ab4fec8d8c784c --

Hashes
MD5: 17e7a4b7cda6ab3dc9ab4fec8d8c784c
SHA1: 90ccc0be8377ddf306220db1421f731be55ccb44
SHA256: f6eeb27863f948d5a9ac5addbe12eec94ebef7405cb2524f13eb0873fcd85c5a
SSDEEP: 6144:uYhgW6sY85ImxDpdcV4nQmSq09g7Dp3E+jNcjat9w44mZZ:xgAYwRpdA4vSq09f+jm+934U
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/CRC32_poly_Constant | YRP/CRC32_table |
Source
http://prntimage.com/pictures293.jpg
Strings
          	            !This program cannot be run in DOS mode.
`.rsrc
@.reloc
%&-'+%
%AXZ 3
 /8)_ 
L(Za+t
CoLa+#
%&-\& h
%&-4& 
8-Za8X
Z InJza8
~Z c5fBa8u
! L/DaZ J$
4TVZ V
! qFL+Z 
& VJJW%+
 f?[;%+
%&-++)
G]Wa+F
SL0a8%
'T"%&8
& C~\w%+
h:Za8J
Z c7jba8'
 .lXb%&
B%&	 >
?-%&8b
 LL*oZ k
J?6Za8
 N_+"%&
Za+V(V
+  cBD
(43%&	 
M(hZa83
 ]jQm%&
.<nZ fh9`a8W
Z j7Qha8B
^u)%&8
 /3Gk%&
 BOp]8
 QAj~Z 
ldZ hNU1a8$
3V0Z g?Lma8
sEHZ =L
vkZ 07
'%&	 o
&	 0M0}Z C:h
)+* PRo
 w!,D%&8
	KD%&8
`Vi%&8
98*Z +
g9Ha8+
 |,Rz%&8
 bT*SZ p
 '{u[%&8,
TZ ;QL
Rr%&8{
8/%&8t
Pt>a+:
	9%&80
 ;S~^%&8
%&-*+( 
 ;4A0%&
Z H,exa8
 k^e1Z Nzb
 ZbUT%+
Z 20QSa86
&& Upu: 
-6&&&&&&&
,-&&&&&
&&&&&&&
b{pBQ4
Qn*Qy9
plskyM
eKQgCu
C]cSta
@N%;z!
hMC{	\
e)	eM=I
[iH/Za
m$z'So
fXCs]S
"F\pL6
N.]=^}
$QKlD;5
8o'FVs
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADT
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
eZ/x=xJl	~`W
{Yv+[aY
Cu+YfL
i8XW_c
<9Hq+y
oSve0%
66;R.{O6
}q/=EX
P6Tzla
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
@sS@2h
neE,#d
z2ert:
z		eMgP
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
g2+@M;
?h^&iR
aA$Qp)
W"5Z!V
P\,fYo,
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
Zd`YvA
qwPMF7
]en<~c
=]Y-W.DH
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
f|2)nY
&]}IM~
;.{^Zc
7P7`20
}[@;lj
l5TmQ.v
. g_h($
bE^g8-P
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
D(Ltp,
RGx.k"
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
uIDAThC
r4DUQ}
f=B;a 
Hh$D:A
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
~q7|yj@u'
;2.P3'
F[|#${
<F:Y$|D
o#%t&M-
<`%FSC)
U>52m*
j# B6z
%]d\Rda
MQv]lNv
Aw;a0;
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
up$';|
4^=KVC
UTq|`#kZo
ehI5w:$
_RCN>&
7K;4?OsG
WyYsq[
IY$wz`
6~E9Kv
,/y*m`C
Q<Dz0"
/;qo8/
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
rtv_*9
1Ugraq
(FmTn6
'aR`V4
*q	vMUmijz|
He,QRH
I'&$m2
h-W)%(
 f9uS%
r{'G	Q
~{.e-h
6#zsBKB
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
,)F4"$3
glE8;=
:Y@|@a
vD45qcm
q5Qj1XC
G\.n:+
EO\jy"?vo]
#1qy3U
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
'o|t-W
6#.}vD
/f%f2l
FVDC/'Y1
c6Dh&Q
[ETAVJ
L_^Eer
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
k4NA#Qy
560HvD	
Lc^$S5J/5
L+GtPd
J4;BPh
0Tpa(4"
@1{I)>20:`
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
\YZs)|<
?%e>>5/
.Gg|W$hs
o	UIE2
#3|e9(#
>lqU}*Ik
ZnW+"]
,@5)KD2
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
GV8o@~_
M|_AYb
/-Q			i[
}zut&.
 lTXZ] f
$m&ZUXata
6*qt=\
(Y3frS
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
)i$$FIJ
n-NRXb*
?UUdNy~
z~GH!P
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
nRud3r
?8@leOV
`JdBaNX.
@2=fl9n
dHLANF"
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
N"Xmv"
N2lI9-PQ
\A&1w\
9"ZJj9^A_
ZQ8QW=fO
e|Z6(C5
VcjTt-&
D[l]@b
.pk3]4{
5t*((]/
H/o)!{
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
g^_I)I!#
l,3"?k
ZU>*O7
6\NoUKk
E0)V4!
Dc^iO^
>DXSA+
!K\fYKW
ySGQQt
	Bzlyf
[O)E4|N
:58h!*M$7
J,^C<~
%7jZbU
sGWS`2
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
 _95A~7
p'xn*D
7/T-oQ
^v6>93
o|!Xf(
oD[Krx
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
(:<;j6>
T,e9)B
Pn:'Ri
uV~w;$
kS)GkK|
c##cP%
-[k``@
vo88LC
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
	M%NgSj
MT_lax
TBFi~6B
	Ik2WHBG 
FFvId0
BDOA0L
v2}`Bs
VnZVsT
{03J2g
;#$z#y
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
$M>Iy.
z7*{r7
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
,	UjB>
\w3F3s#
e,fT]1!S9M
7+	x.T_w
lu6Gv*
'Cpm>M
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
]hUW)r
/Ui'p&!K
H<b^I\r
lbJM!mV
6)rwfsM
[i&13Q
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThCc``(
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
f.>m>k
;&y-ts
.zpIs%+
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
2CF6	!
,af$;l
roH3;	L
LNaozl
@4s5J6x
S4A/."4Pu
cqI&Dl
ZfutR/
q[qj^s
O,/-eR]
cTK:CA^2>d
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
y2?ob) 
R#6h(t
p|.;^E
8g*	6#.
"vk}&`
(9rJR	
W5cB<)
9zWs4q
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
waV-:B
iVgP'#
mq~T"K
R["Y(W*
? /;v`Y
B3>I56,
  E_ k
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
=W)j$0
@.UHv-
99 ,\=
[q\)*X 
;vN!Xz_
:iE	uX~
t7vP9d
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
1}8mN;1
oF=ab;
-u:GZ0
Tu-	c{
G+wDD1
mx@lS]Y
<CDPw5
9/p^3(7
Z+D<ZQ
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
DB(S<_
!XSH}3
$*!nPvAIY
	)76TU	Bz
9hl2Cz
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
tIDAThC
:61Lw3
OD{`p3PB*
LK_Q,c
i('Sz&|
.Wz9g0
d:kWrn
F*V.G/}
\$&N\.
oE.cS[
379kxi
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
#FIIww
 FWh8n
nlBOZ3z
wkMjU@
T	K?Ru
-|qC(6
3uP-:	}~N
AsGcw>
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
8r3Im#
f|qGJ0
P{_\h)h
~5&>k{
|	}Sf=!Ho
'>p6"e
'u1kn6
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
rIDAThC
40PkIS!
d?[obx
:+/F2"
e(%zbl
Ce=E&lGK+
9luPl*
BRpH\#
 \w^dP
>g+z'z
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
vK$L\Ez2H|
:&ICg`
qVEoosGo
\_,@OT[8X
g*T	!M,@
H_$e&(X
n}+t|b
,M	ht^
]U599v[
Fi>qZg
PtmEEk(
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
kd=cdf
wNfxo8C
BBT)S.Y
V9yX Pa
enP8:z
tgaY"{
a1C/]=
0'JF!2
-	}o#ZV
Z39)qz
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
#~(dUtW
2`#r:F
!1k?6t
j hAxo
~S:5Jsz.
1.;*#L!
R7.40q
~]4dr 
.~%D~&
PuDC*Y
>68Sz\
Z>O.^s
yjw#pQ\-9
q<9/jn'i
O!2:AtD
\Sb8\8
|"%W,S
7H4I]=WC
Rc+pMn
s|UtlY
_m)xZh
1X+BYM
N<e35~
t}8@6.
jP1h,,
ASjdR.
-X *gZ
aE<>	&
,~o \~
 -=e#h
pnQ:t7n
1|q9(Y
=3JBtF+b
f~Lhc;q
rA8	=.
z,aFJJ)
gdOnPB
r538X]
9wdrMW
qC2I5v|
	BR0/z
Zfw:BV
mq)@aNw
9BrM+|
7.nFo@
I)T2t{
	%?BMXV
]+qxU]Z~
}^w7rQ
8>A`lb
iEA6Q9
U$\wPG
j,T,(7L
BX3+)g
$E"8!{
FJd<5*
._'%|D
C_IXk|
wv04}ao
6{0?B>
<Ck=5J
,+ooK2 |
k!=I&Ks
l(D@I)]
Ml;Gt]
6\TM=H&:o
Hi5*DsZ
{l<MSt~
`<@0JN%
WT!k]r
utV4 S
__wZ2w
zDFlN<
DBvf5(
g	]kObf&
vi=G2vM
p|fm_	
AYeK^t
I?= *sg
=v	GFM
Wx<;,Ku
d&7^H@
-at1p$
gY `m6
Q&b@jf
?BXq1=
gI|u{5
rM$qV%
lj,&s+(
"4A>W$
#Trr)i>{
d(Z0v<
A^,Zj@g
F_^iw[
^/-2RC
_b>oFW.a
9&T|E\
C~hw/)
auR@'=`
!vj](B
r3ksge@
=k464	;
mOFRM?
Qcq	Ay
|~#$YL
J!]#jk
[LDo9Q
W3|5[	d
KiR0Au
*Nh?dS
{oq$O/
H9`k>9
JmTNa6l
KB{	qe[M
252GM?
@8h\>k
ind"E{
v=q7BG
9=')K/zp
cmsrW3
hpYKh2
!(N*do
/)@N%.Us
QRT,:8
3L6YC{p
yVp(!f
u{~YH?
;9Zs!R
9n&y^s
M	I?b@
YR*&cmq
-[8<'p-\
Qkkbal
(U6z&\1
k9BSJB
v2.0.50727
#Strings
cvcdxvzcbf.exe
cvcdxvzcbf
mscorlib
System.Windows.Forms
System.Drawing
System
kernel32
{d2f8ebba-d182-4b2c-adf5-d3a299bac9d5}
eec451b9-a254-8e.Resources.resources
Qyvaehaezhe.Resources.resources
<Module>
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
.cctor
Object
MethodInfo
System.Reflection
Assembly
MethodBase
Class1
GetTheFuckingAssemby
Rfc2898DeriveBytes
System.Security.Cryptography
SymmetricAlgorithm
DeriveBytes
CipherMode
MemoryStream
System.IO
RijndaelManaged
IDisposable
Dispose
CryptoStream
EventArgs
EventHandler
ArgumentException
ICryptoTransform
Stream
CryptoStreamMode
Control
ContainerControl
AutoScaleMode
STAThreadAttribute
CompilerGeneratedAttribute
ValueType
Exception
Dictionary`2
System.Collections.Generic
MoveFileEx
ResolveEventHandler
FileStream
String
ContainsKey
get_Item
set_Item
FileLoadException
BadImageFormatException
Process
System.Diagnostics
ProcessModule
AppDomain
ResolveEventArgs
Encoding
System.Text
DirectoryInfo
Version
StringBuilder
Attribute
AttributeUsageAttribute
AttributeTargets
Substring
NumberStyles
System.Globalization
BitConverter
GetBytes
Reverse
HostProtectionException
System.Security
DESCryptoServiceProvider
DeflateStream
System.IO.Compression
get_InputBlockSize
get_OutputBlockSize
TransformBlock
TransformFinalBlock
set_Capacity
set_Position
CompressionMode
ToArray
get_Length
get_Position
DateTime
UInt32
AssemblyName
FormatException
SeekOrigin
GetCallingAssembly
InvalidOperationException
ArgumentOutOfRangeException
ModuleHandle
BinaryReader
MulticastDelegate
GetTypeFromHandle
RuntimeTypeHandle
GetExecutingAssembly
GetModules
Module
get_ModuleHandle
FieldInfo
Delegate
DynamicMethod
System.Reflection.Emit
MethodBody
DynamicILInfo
ResolveTypeHandle
ResolveMethodHandle
RuntimeMethodHandle
GetMethodFromHandle
MemberInfo
ConstructorInfo
TryGetValue
CreateDelegate
SetValue
SetCode
SignatureHelper
LocalVariableInfo
IEnumerator`1
get_LocalVariables
IList`1
IEnumerable`1
GetEnumerator
get_Current
IEnumerator
System.Collections
MoveNext
GetSignature
SetLocalSignature
ExceptionHandlingClauseOptions
GetTokenFor
NotSupportedException
SetExceptions
ParameterInfo
get_ParameterType
OpCode
OpCodes
GetGenericArguments
OperandType
get_MethodHandle
get_TypeHandle
get_FieldHandle
get_MemberType
MemberTypes
get_Size
get_OperandType
Concat
GetValue
SecuritySafeCriticalAttribute
set_BlockSize
get_KeySize
get_BlockSize
Application
SetCompatibleTextRenderingDefault
set_AutoScaleMode
set_ClientSize
Invoke
ICloneable
Monitor
System.Threading
Component
System.ComponentModel
get_MainModule
add_AssemblyResolve
get_UTF8
Environment
IEquatable`1
GetString
SuspendLayout
GetTempPath
Exists
IComparable`1
get_IsPinned
get_IsValueType
IConvertible
get_Message
GetFields
BindingFlags
set_KeySize
set_AutoScaleDimensions
EnableVisualStyles
get_DeclaringType
set_Mode
ISerializable
System.Runtime.Serialization
Append
IndexOf
get_EntryPoint
_MethodBase
System.Runtime.InteropServices
ResolveMethod
ReadByte
CreateDecryptor
ResolveMember
Convert
ToBase64String
MarshalByRefObject
GetManifestResourceStream
ReadInt32
IComparable
get_Name
GetDynamicILInfo
get_Year
get_Day
get_Minute
get_Second
get_IsStatic
get_Now
GetPublicKey
CreateEncryptor
get_Module
set_Name
set_Text
IEnumerable
get_FullName
ToLower
ResolveField
ResolveType
get_ModuleName
ToInt32
Format
OpenWrite
WriteByte
MakeByRefType
get_Value
set_Key
set_IV
add_Load
ResolveString
get_Chars
StartsWith
Buffer
BlockCopy
ResumeLayout
_Assembly
get_ExitCode
get_ReturnType
get_LocalType
AddArgument
get_Month
get_Hour
ToString
ResolveSignature
op_Inequality
op_Equality
GetCurrentProcess
IEvidenceFactory
get_CurrentDomain
FromBase64String
Directory
CreateDirectory
GetMethodBody
ICustomAttributeProvider
LoadFile
GetLocalVarSigHelper
GetParameters
GetName
GuidAttribute
$d852bcfd-757b-4fac-988c-4ab288835c39
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>