Sample details: 5039117f9c2b894127b40815190ea19c --

Hashes
MD5: 5039117f9c2b894127b40815190ea19c
SHA1: a29d6b3722e569a41862cc3a0ea9d6f60a3ee887
SHA256: c0ffb54b1b4568bda4d21e15f9b3a79264cb9096420171a38d13dcb307c3dceb
SSDEEP: 3072:AqfUJLzbPTY5+qX6ccf9+4eYtHGR/PQO8KVUrW6:ATLnPTY5+sdI04eYtHRKVUK
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://eagleepicsocks.com/wp/c3.exe
http://eagleepicsocks.com/wp/c3.exe
Strings
          	            !This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
\System.String[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089PAt
rQ)-4v~
d{Axf6t
g%u`O-
`/za%fP
|6plT8
X>:;<n
bb)Moi
T~|A"W
%7~~?!m
e@Td$k
T-@+=%
N;%5M+
6P1]<_
mdTxV`
a4*#Nzv
B"kGHt
S?hX!g[
Xu3goa
y[WiL#T
2ih._P^
-//RH 
U@&Az*
(P:j`"
XJ*F.E%
^s.<#u
$ h9BH
vM!	wd
k6y$wD{
mM	gi4
7k%FLh
=Hz2S@B0
*vm'I^
Cq_E;$
c$-F+Ol
\N*]u[
vWBe(tX
Wt n`R
5;W2;F
`Hfy^d
,tG3Em
UMjtzKG#rY
cm=Kk+
4v&,Up
]{&.A~c
dGuHMB
{iuh#&k
wKI E'
7>%sE\
= &h(}
~]<0P\
$$qq[I
L@}!PSw
	><@B7
.G-b<^
{d0z3S
Q5b)LT
C-=i5S
(QwOVo6Y
)Ki:.]
uP.NwU
9wEjJg
U^">/m
a|FzA$
IcrSq<3
?YT^]{
cvdELY
L_^3RA)>
ch\E?J
@+Ee-O
fvK}!z")
=]]yT#
Gd]{dM
,!-kC<B
rI| JT
!HINcX
%id=HGi
$Dk;a3D
<D(1e3
,&cJi?
/}\E9f
 ;-(2c 
W>+,LSO
rgROByVd
kN=1VEfe3[
kg]qF#/
Dm_+Ud
ZC`]J'
kp0C|Ycv[
`QT4fp
}j@e7bf
Bg$"{K
}2\ni$n
n6AdaO
J%lI~5
K@t'j1
F9tB|(
;	}V';
[Z^^:N}
Y$*n7+
:XAi}z
=xQ|u/
Dz,em@1
DH9d1a:
3+9GE|
I,#*_9
yGT%GS
w"%5XV
,	y&s!
%iR/ #R
Bc+/B6
$a' 7"
yO@?ZgT
X1~;xI
2TkHAb?
4]	WSs
 cN!Lt
w=\S /a
C@y`<lK
		%R~_
UTJdwRBfXtHg5RLgpiw0QK7oILyrjd4
kOhKi9oaqoK7hIi7MU7AGEnpRxW5jkR
8rpxLoTn0DoYnraFtoLbdVzvCs6PA5v
AhjW6Doj5N7GSQ3WhsGlGFPaDS5AAbL
d9zuadMGMowKylQrK07IaRiMw9Xosl5
VVXumZ9SpoTNWzWtbPYrZXuyMg0qikn
diwl2fdcGP0Gp9PQhaQs7sQc69UuXaS
fDFwqbnhPjdLxnYEiRqfMu3dRWusOuC
QlsD61kMSeRPBt0yZoi77BToye8CKO7
KbJ-BSJB
v4.0.30319
#Strings
Juicee.exe
Juicee
System.Windows.Forms
mscorlib
System
System.Drawing
Juicee.Form1.resources
Juicee.Form2.resources
Juicee.Properties.Resources.resources
DemasusLotasito.resources
<Module>
somerandomkeybyte
someivshitrunningon
components
IContainer
System.ComponentModel
button1
Button
button2
button3
label1
pictureBox1
PictureBox
panel1
Application
button2_Click
EventArgs
sender
Assembly
System.Reflection
get_EntryPoint
MethodInfo
Object
MethodBase
Invoke
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
ResourceManager
System.Resources
GetObject
button1_Click
AppDomain
get_CurrentDomain
String
op_Equality
PerformClick
button3_Click
Form1_Load
IDisposable
Dispose
disposing
ISupportInitialize
BeginInit
Control
SuspendLayout
set_Location
set_Name
set_Size
set_TabIndex
set_Text
ButtonBase
set_UseVisualStyleBackColor
EventHandler
add_Click
set_AutoSize
set_TabStop
get_WhiteSmoke
set_BackColor
get_Controls
ControlCollection
ContainerControl
set_AutoScaleDimensions
set_AutoScaleMode
AutoScaleMode
set_ClientSize
add_Load
EndInit
ResumeLayout
PerformLayout
InitializeComponent
.cctor
_IO_ONLINE
lastic
List`1
System.Collections.Generic
groupBox1
GroupBox
listBox1
ListBox
label2
changeSwitchOnline
get_Green
set_ForeColor
get_Black
SymmetricAlgorithm
System.Security.Cryptography
ICryptoTransform
Create
CreateDecryptor
ToArray
TransformFinalBlock
jintao
FontStyle
GraphicsUnit
set_Font
ListControl
set_FormattingEnabled
Program
EnableVisualStyles
SetCompatibleTextRenderingDefault
STAThreadAttribute
Resources
Juicee.Properties
resourceMan
resourceCulture
CultureInfo
System.Globalization
ReferenceEquals
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
get_ResourceManager
nnname
get_Culture
set_Culture
EditorBrowsableAttribute
EditorBrowsableState
Culture
DebuggerNonUserCodeAttribute
System.Diagnostics
CompilerGeneratedAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
Settings
ApplicationSettingsBase
System.Configuration
defaultInstance
get_Default
SettingsBase
Synchronized
Default
<PrivateImplementationDetails>{20AD4C00-A8F4-45A8-BB87-E193F1F7177A}
$$method0x6000004-1
$$method0x6000004-2
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
RuntimeCompatibilityAttribute
AssemblyCopyrightAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
AssemblyTitleAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
GuidAttribute
System.Runtime.InteropServices
CompilationRelaxationsAttribute
ComVisibleAttribute
AssemblyTrademarkAttribute
AssemblyFileVersionAttribute
DebuggableAttribute
DebuggingModes
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
WrapNonExceptionThrows
Copyright 
  2017
.NETFramework,Version=v4.5
FrameworkDisplayName
.NET Framework 4.5
Juicee
$9d8aa1f9-4a3b-4b90-b75e-a875f152d1b2
1.0.0.0
_CorExeMain
mscoree.dll
;i'PbE$
pXcEd"9
Tib_c?
qs;C!v
}+TijOc
gb^.*=
K%W?0N<M
8g``Hy
}/8FZY
K;+i4z
psZf{WU
SWvr<Rb
`UU</[
3%(YW$
CP=bu5
Sb?+^P
IJPB]s
hT<Dqs[[
yW6--|
szM5?bO
Q$FU%_
VoUVnV
7) ^~k^
F ,!,B
$d!Kg_:]
,v%#Xx_
TlFP0.
>8C`f#
`ShY)j"
	T(LCA	
yLaI3c
eBmT$#
f+NbPZ@
tvBvuaT
\S>mE1
3m2UOjW
U6az=`
.2MW,0
0!~|;~
qK!C*A"
8:t8T"
5^www 
lnf`[^
;?/&CG2,JJ4-MJ4-MG2,J?/&C-%
4K;.R|Z>x
|Z>xK;.R
+*" =z^A|
z^A|*" =
		0*%*
TF;=.#
?7'"D7'"D3$
	.hO5p
)% $/%
^I8Q3(
dI@"YB4
CT?*duV6
T?*d-#
dL7O/$
|^@n:-!
nO.|>-
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>