Sample details: 5455364b437d431400267a9092d65442

Hashes
MD5: 5455364b437d431400267a9092d65442
SHA1: e34ddbf5ba33ffff8beca910cb17237553f4bfd1
SHA256: 3ed5d687a46e865424395d3dd455f69c82ac0b22fa24f361db6e87e7aa5019bd
SSDEEP: 3072:wRb49OzAYn3a5O1mgxbnRQW1FkvHjhUfTEsS1yxrxzAycsFQ2D:wb49lQ1mgxbnRQW1FkvAeQxrxzDBp
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/CRC32_poly_Constant |
Source
http://umunna.info/bestfile/Loki_original.exe
Strings
          	            !This program cannot be run in DOS mode.
.vmprote4m
`.Resolut
@.Resolut
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
fSystem.Drawing.Icon, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aBj
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Icon
IconData
IconSize
System.Drawing.Size
System.Drawing.Size
height
~{{SJJJ-GGJdSST
==B6??@
FFIPIHJ
IIIl@@@
VVVVUTV
[[^QVUX
XaaWRY[
a^alTSV
cccdZZ[
aaa?RQT
qqq6hhjsaab
wwwkZZZ
[[[CNMN
zzzb^^^
PPPFQQStWWX
Bkkk&]]]
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v2.0.50727
#Strings
KeyGen.exe
<Module>
.cctor
KeyGen
System.Windows.Forms
passrord
components
System
IContainer
System.ComponentModel
button1
Button
pathGate
TextBox
button2
groupBox1
GroupBox
groupBox2
pathBuild
button1_Click
mscorlib
EventArgs
sender
button2_Click
GetPassword
CreateBuild
Dispose
disposing
InitializeComponent
Program
Object
Resources
KeyGen.Properties
resourceMan
ResourceManager
System.Resources
resourceCulture
CultureInfo
System.Globalization
get_ResourceManager
get_Culture
set_Culture
Culture
Settings
ApplicationSettingsBase
System.Configuration
defaultInstance
get_Default
Default
DamienG.Security.Cryptography
HashAlgorithm
System.Security.Cryptography
DefaultPolynomial
DefaultSeed
defaultTable
polynomial
Initialize
HashCore
ibStart
cbSize
HashFinal
get_HashSize
Compute
buffer
InitializeTable
CalculateHash
IList`1
System.Collections.Generic
UInt32ToBigEndianBytes
uint32
HashSize
ProtectedByAttribute
Attribute
ConfusedByAttribute
BabelObfuscatorAttribute
CryptoObfuscator.ProtectedWithCryptoObfuscatorAttribute
DotfuscatorAttribute
EMyPID_8234_
NineRays.Obfuscator.Evaluation
ObfuscatedByGoliath
SecureTeam.Attributes.ObfuscatedByAgileDotNetAttribute
SmartAssembly.Attributes.PoweredByAttribute
Resoluti0n.Client.Attributes.AssemblyAttributes.ProcessedByResoluti0n
YanoAttribute
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
RuntimeCompatibilityAttribute
DebuggableAttribute
System.Diagnostics
DebuggingModes
AssemblyTitleAttribute
System.Reflection
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
STAThreadAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
CompilerGeneratedAttribute
EditorBrowsableAttribute
EditorBrowsableState
KeyGen.Form1.resources
KeyGen.Properties.Resources.resources
FolderBrowserDialog
CommonDialog
ShowDialog
DialogResult
get_SelectedPath
Control
set_Text
IDisposable
get_Text
MessageBox
MessageBoxButtons
MessageBoxIcon
Process
DateTime
get_Now
ToString
get_Month
get_Year
String
Format
Encoding
System.Text
get_UTF8
GetBytes
ComputeHash
ToLower
Concat
NumberStyles
Replace
Substring
ProcessStartInfo
System.IO
WriteAllText
Thread
System.Threading
set_WindowStyle
ProcessWindowStyle
get_FileName
GetDirectoryName
set_WorkingDirectory
Delete
GetProcessesByName
ComponentResourceManager
GetTypeFromHandle
RuntimeTypeHandle
SuspendLayout
System.Drawing
set_Location
set_Name
set_Size
set_TabIndex
ButtonBase
set_UseVisualStyleBackColor
EventHandler
add_Click
get_Controls
ControlCollection
set_TabStop
ContainerControl
set_AutoScaleDimensions
set_AutoScaleMode
AutoScaleMode
set_ClientSize
set_FormBorderStyle
FormBorderStyle
GetObject
set_Icon
set_MaximizeBox
set_MinimizeBox
set_StartPosition
FormStartPosition
ResumeLayout
PerformLayout
Application
EnableVisualStyles
SetCompatibleTextRenderingDefault
get_Assembly
Assembly
SettingsBase
Synchronized
HashValue
UInt32
get_Item
BitConverter
IsLittleEndian
Reverse
Resolution Lite Edition
WrapNonExceptionThrows
KeyGen
	Microsoft
Copyright 
 Microsoft 2016
$0ac4cf8c-7ac4-42c9-8482-3d5dd60f4a57
1.0.0.0
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
14.0.0.0
_CorExeMain
mscoree.dll
~j[vvb
~lo```
qqU	tt]
~jMmmI
~kyecY
~iKUU*
~kS``@
|jHyk^
}j`xxZ
~gEmmI
~hGmmI
|iDUU*
~lq}w_+
~kwxiZ
}kdmmm
~kw||f#
~myxug
~jYzuf
~kE|vf
}iZxsb
~kwurl
~kya_U
}kzURI
}kzKH=
~kkig[
~kS}wk
~lqhcW
}kronf
~hQxse
~kyLJ?
}j`}zh
~kwkg`
~jgxsc
}kzhf]
~kyvul
}jvxxZ
~iaUUU
{k>ff3
|jHyk^
yi|}we|=>>
~lUffL
}fAzzd
~jgykQ
~kCmmI
zd.qqq	
}kz}we|YVT
|hLyya
qqU	|uf#
}e5tt]
~h]zrb
|gHwwf
yg~/-)
}j`hcU
~kS``@
~iKUU*
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>