Sample details: 2fbd194b2d68b2cd446a33efb244e4b7 --

Hashes
MD5: 2fbd194b2d68b2cd446a33efb244e4b7
SHA1: 3cd0c6228067bb8fbac20e04a18e46aef4ee2d9e
SHA256: 0966c6a01169b4863d1a0a33911f13b686f3bd5ca2978ad3ad8829cf40d16900
SSDEEP: 6144:R6ddvrwwpH3ZcPUeWcVE5b2IrB0wTddPKxgPlYUfR94830Ux39pZr:R6XrpH3WPZVO12kPPWlUJ94M0UdZr
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/Big_Numbers1 |
Source
http://u.teknik.io/0rDse.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
pf& m@
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
]G$m`>
?2a3vD
Ys%Od1
GcVl^H
^&5HppZg
`E<</)
08NVE4
fS	n-O
20t3CsGo
b2jd2j
V4AWpJe&ZQ
i+}\[N
.h,oO=L
 _h@S9P<
(eQk3u
o!lj?LuG
KT}u',(1
K<~A2l
;[$8Q?
Fl?5p#
Fejb*Sk
iKR/}{
K7`i3.Gs
$pYv{.
A|Qd.FUl
fH%\uG;U$w|
-MFA`V
n=?{yr;n
|'X\s9w]
lBe9kQ
)4i=,;+
O>$c%T
/lVolx
"'9g;'
kH8e}~,.
FF3p}x
E&ib$ tq
ly  /1
."S{J=[
j<p>b#7
"?K^KkC
0yTA~o	
 A)XZpC>
i8^E>o
{rNO~EJ
MLBM>,/3
0gXRj2%
ffeR+~
hhI5RN
B/Q^nD
C)oc-S
[i>L#h$
0tT4o}~
"_	r|^
FhHzoSoY
2Pqd!3k
p;nmSZf0b
<YM~0Uz
CnQLbr
^0U9Km
$GRupju`!
EtyH<)f
4PZ2YF
b#[eBN
*`4"y'
f^U		I]
YABZkX]E>
sp>/W+
75,bq[1
zG(n3HU
;i{9{G*
;h~7uNgwm
qiXIC`
K>?{Wud
PoMrz@
j'9[Jqs
CS?e3Q
Zz\&Dh~N
$ls.RyW
WQr;U2
sI[z` 
2e/i1&
BK4yC>K
=9l|"jC
_R\h'x
585OVp~
WLf'4]
TmR1mA
lWl[ ]
\`52E8b.j
|;>G+\*=
Hw,le8
#]j+]R<
+ECLsU
/_8"@u!
</il?/
'MvF<i
A?hy\o
~~\k}!
&GA0y@
<DdQSF!
GviJ!k.7MA
e#^(bU
'r8;GBI
\/ i+Lu
I)Z41JRc'
r )(i#(
cVT'UXO
Pz3;[HWh
YGalGj
wrtUpz
? ]HGz
1? -_B
w2yQxeQW
i=k2*|
%F&%eY|
$865g|`
FfO0F`
Rtlg4IF
2ku1!fv
Q?JYn~F
'"Q8[7
inxB`n
*DTa0#
H)Jl?Or
9CMi;A
G'>O&'1
6Vvt{T
pmvL9w
6^!+*O
cLt''K
:wLm{n1M
R2$Hi3
YJ}3VG2Og
vdZ9x9|T
5l"Wt6
$j9l+2>wE
,P;jw%
:@h^xm
cS!{rM
Z,KzCt}B,
tF	xo2
9K#\x3
:|S3eB
o7#)(P4
MDP3fh
lZ]Z+R
w	fk+]tR
oOP-1b
p+BXx+
5vn_b"9
:#3A87
X`:W6J}
~0WH/"
ye!t6m
8fU1.))(B
	ai7#FG(zF
i5}fj!
do.,hHN
7NbsAgY-2
|-Ds4w
OGmq')
4j)$Bv
jYi>)y
{Y9-B=
a4h3Q$
p|@+w#
  x4xr
R<XQa>P
9-JH]2rpi
`Q:(TzP
[Js	=B|
:99sJ-@4
vHI,>w
47$TIp
npM%rqe
vry1:(
=$yQ,A
)IC;OeND
*	KxM|
P}8w8]`
J#dd^U
\#qU'0
G6Mqge9
=BglI<
Vc{3+U
Ug,/Qo
gTz-J|
k)6?~I+
j2Br/B
VVyG~b
`_zCLn^
AiA[3M
,,?50>
1HxZYV
XO Jux
V/}f<w
fLl/f[r
5S~_J_
OB(~*L
D:P.DRm
6&{B7By-
]cyc3]
eRat?I
y!:J{x
31y QQ;
dlFJLz
NeQS36
fc!'#+
[].	\E
xhrhGy=$W
J@HbF1
>n#B-z\
+Sgh+x
}UijKE
Kc<i*5qs
!gXyf`
kxY<qZB&
CYN1hA
3y`"bH`o
iabeyC
{?LA"$6D4
<1'_^o=
o\$Ovq
hfy3>4
\c.#wY
<W!ltrf
<BtBeV>
coRIAD
9,Q1kp1
n}vOs*
SG(5;'
$O{f/]
u|X!}Z
nl?yo/
{;L=_WYc
yu)BzKd
DQ7.c*
mYn*aU
+R|KpK'
8mTe+WB
kO%+Z3
@}uBpq\
p3S#\+nl
o#'JWv
n]}!w|RC
W=E:eJ
WWU?*"
!{KS@U
$S!u6S
id"+w6
(zbiJT
01ySN;
_^70&9
oFfO*6
F`KM{@
1}e2C8
<P|=.X
XM7}hj s
mV`FlL
oZ!p2`G
T_!k]8
\6fj^j=
0$f>A:
X ("Di
zP(zXV
3E)hM)
?~>lu,
l9GrwH
[)x~g,
uo8{jk
OAO&$O
A.8xuE
	Ev; j
$WLDnK
JbA;:$M})L<
6BdO6t
3OYpFC
wk}lNV
r1V(PI
F5;540
qB	vt;
Q#6H,7
`OW;)b8
^hrl>gza
I+AfZ#
$p&C9Q
q{#uOcq7[
kK^%cF
]ot/fi00
NmD,GV(
:U@K8G
X8u<	Ff
wu=% a
-95}3R
HD]_KD
=&O:~N
Cf>M'#x0
LcOsd%D
`_^P@]
$Q\ Vf
efKDr7
mP2Mcq
O)`r]^
.i>>"=K
T9#BC?:z
]]dYu:M
-$=Wp"
2mz/Vgl.
j;P5v]
@A)7Qv
Jege,\
f4wsd[
)rgRc<]R
L%	~X_g
5"V\]1y
A*vb\_/
tw{lz2
V+zB-c
P-WGNB
b1F)az
Y|_3=z
?=}C\e
gz.W"K<`
i}3Qcj
}Tg9_n
,x{z6,
*BBV8=&
]gjh[Q
'ubk=t}j
%2uL10
	N0 }s
vipAm6
!TNK+D
m>~Gwk1
1qQQ}Q
l61{H2d_
x/5FEF
&q!p/ 
qS03e;
y	wEqSs
Rz|str
/&gv>`Q
1N$#b]+yg
CnHoP 
w-cnd/
u8OV:-
X[/80%
Ijf	S3*!"
To=L>)%WU
)ObZ7;
b{=8*&
}>3PPR
dU$1D'
EUXkqx
:ja3~FGa
Mn%K8'I
N-s#w|!_M'
wHS5WT
;%?eM]*
rC)5/Q
yBPO0ti
I~w\pg/R
FW;Muh
UffQAl
c8E%|-
S3%bh.
]H2)4l
bbZ,KU
J,'mS4
j2M~p+
aro7od
:`b?rl_g
7lK"B()
2)Zk86
ortRA{w
^ZQ+%Y
8Nlu4O.M
'qq9Ce
aVJ7|jTB
#y-Sqg
=n;tYE
;,}1\}
	)gZ"l
6_I-j+-
F(	(B.g%
shPG7l
 t3bpa
J@JexF
l@?<68
vc2H^}
5YB3oQ4
W$l!i~
Bhm&#,B
,N@LG9
1Jts	R!}n
N+|*l%F
2/7$_\#
c_xYE*
7[|P7)#
x:=QRnbJi
MG-kB>
34>#2i?
'1D+j(
pOq$66
jx#BZ9J
-SW:G?
Q!.q(`
2R~>,o
\^,3dK
A#kroT
^7bS,DP
ooDO4{8
F<K'se
k5H0TMsm
.+]DlyE
3{j=i"
(Y#AC	6!
^inc.<f
t6r\d~|
Jj0B%}@
yvUl&	"#
Q=+}4$2
l8nAz(3*
U~=w'+/
hTy:AG
[Kp^&0
Oxj1Oy
?V/:k<
KWpGs5
5tz6>#g
^OZw1S
bL>P63
"'U&gv
OFQVw!
-;?/	6e
M.e<r8^
 i0d?7
Io$O	U
\*	}xb
jWZ`P0p
@0}1XFi	
)	PJFH
=0;ieK;
uh	bit
up}%Z	
_;U>l~2
c	b3M{*,0
Y'g|Oe"N
mkB	'j@@
lc`iLH2Z
v^oHIJ
_R#$76
Cppo+p
mNC'\1
+VC%YWjS
K52$~b
saB?q.+H
M!qi]"
TsQu,lxrM
YX]Ck^
qG&v2\y
l@G(Rj
qnl']B
g%\!jx
1Mkj"E
X@x8|:
:kWI-~
8at4xS
 JgT	9
9+,z*.
cFYnwr
n42	QSM)h
D)f6{-s
#/UX3`I
U]|i,#d
HuFB)h#!
vp^VQx
&[ANLF
2Y\O	OP
WA2pU)
=UQ1	:
Q-:h?o
YkF{&6i
3[7L~7
C-1@rc
+zFtpk
I1?m\o
#aE<Bf4
'#;M!?
7`T;Pjg
sTRkC)U
RURc*".Q
)\.9fY
m#OFhA
bEu\*/
JG%_jtOs
6UB1`w
/`%tiq
~NP/wz
J(gEW=
,!Jc~vq
4n^}[nk
I@3LI>
>yL61n
8O&7aG
z,#E%<
H=-@H]
<Nxh@j
TOrQnx
N:6?YZ
UA:	C9^
O$d[lh
<&$JO2
^;mB9J
CcyDUS
sJXNry
HiwQzX"
{*9dQ=mA
|t%itE)y
C07Zr^z(
:+Z:S:<6
s@Mgqt
@|u%lwp
%.yW3~w
1X4:Ut
~TAXq+
?},qk!y
]zId<v)
 z1	W7fm
W"Jc5}
;4<b.Y
5UV_k6
+/9=q.
Kh7yKU;)
@@K|k	
qm._;KA"
k{<X8#
YId{)?
Hq&C/{i}
.@+AfY
#C*MfX
5T81v^
Sdz$$oW
9^\y]B
r,ddUO
r$fge+SK
u-SWVW
Yre!P_
AG o(+
vG6{U^x
DaH96%0"
:=TySJ
 I5Xcx
tU&1*.A
ZSR=WTf0g
DVXP$w
*,><~:x{
uhY|P]"}
"TaO d
Uxpk$_
_;!:Myz9
nSb7F[
!r00T-
(EVqsK`
LCq^$hLa
RY-(d,j
	GXV69\r
:9r!EC&
xQ^MV`t
\|9sgO
	B!OE/`&
YePq(\@
?~S@$L
gKTo>^
H{"2QW
dYn*eJ
1SR6t'
Pw2`'u0
VHQK@toP[cK
MvQIMTZ
mELPJR\ZL
@Mhvt3S
brthrxr
GMZ\[DOMQZLV[G
;@sPUh
v2.0.50727
#Strings
Pile.exe
mscorlib
Microsoft.VisualBasic
System
Pile.Resources.resources
<Module>
MyApplication
ApplicationBase
Microsoft.VisualBasic.ApplicationServices
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
GeneratedCodeAttribute
System.CodeDom.Compiler
MyComputer
Computer
Microsoft.VisualBasic.Devices
DebuggerHiddenAttribute
System.Diagnostics
MyProject
Object
m_ComputerObjectProvider
m_AppObjectProvider
m_UserObjectProvider
m_MyWebServicesObjectProvider
.cctor
get_GetInstance
get_Computer
get_Application
get_User
get_WebServices
HelpKeywordAttribute
System.ComponentModel.Design
Application
WebServices
HideModuleNameAttribute
StandardModuleAttribute
Microsoft.VisualBasic.CompilerServices
MyWebServices
RuntimeHelpers
System.Runtime.CompilerServices
GetObjectValue
Equals
GetHashCode
GetTypeFromHandle
RuntimeTypeHandle
GetType
ToString
Activator
CreateInstance
Create__Instance__
instance
Dispose__Instance__
MyGroupCollectionAttribute
ThreadSafeObjectProvider`1
m_ThreadStaticValue
CompilerGeneratedAttribute
ThreadStaticAttribute
GetInstance
ComVisibleAttribute
System.Runtime.InteropServices
AppDomain
get_CurrentDomain
ResolveEventHandler
add_AssemblyResolve
STAThreadAttribute
Encoding
System.Text
get_UTF8
GetBytes
SevenZipHelper
SevenZip.Compression.LZMA
Decompress
NewLateBinding
LateGet
LateCall
ResourceManager
System.Resources
GZipStream
System.IO.Compression
MemoryStream
System.IO
set_Position
Stream
CompressionMode
ToArray
Assembly
System.Reflection
ResolveEventArgs
get_Name
String
ToLower
Contains
GetObject
GetExecutingAssembly
Substring
GetMethod
MethodInfo
Dictionary`2
System.Collections.Generic
BinaryReader
get_Assembly
GetManifestResourceStream
ReadUInt16
ReadInt32
ReadBytes
IDisposable
Dispose
get_Item
GetString
get_ASCII
BitConverter
StringBuilder
get_Chars
get_Length
Append
Please-contact-abuse@imminentmethods.net-with-the-hardware-id:-"dd0d658ac87f9cb2652898aa3b1610bf"-and-company-name:-"Shity Company"-if-this-assembly-was-found-being-used-maliciously-.-This-file-was-built-using-Invisible-Mode
Read Me
AssemblyCompanyAttribute
AssemblyTitleAttribute
AssemblyProductAttribute
AssemblyTrademarkAttribute
AssemblyDescriptionAttribute
AssemblyCopyrightAttribute
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
AssemblyFileVersionAttribute
MyTemplate
8.0.0.0
My.Computer
My.Application
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
Pile.exe
WrapNonExceptionThrows
0.0.0.0
_CorExeMain
mscoree.dll