Sample details: 5b007423d594cdc5cb9c7d4412d36097 --

Hashes
MD5: 5b007423d594cdc5cb9c7d4412d36097
SHA1: 724db7efeb29f64ac7c9c60cf0e36c323eb38d52
SHA256: 4479e0962f1330b960397429fc9d92a300dc7eabc85044d7ced3aa9019b5f2d8
SSDEEP: 3072:iVYhd9MITHtDI+q9sU62UoaaKoz5VYmQWw:0AHt0iJRm19Oo
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://metakon-zavodru.427.com1.ru/a/done.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADP
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
4srWrL
Z!'V=d
gLCri^
KHK)@QQ
,bb2Y[
)A_@0	
g9F)~c
4cpW<Q`
$%h/D9^
OlY"7P_b
l.q.bW
$5w6IK9
N'QN1`
G=b5_b
3BP.dJ
Bp9F(<_
rk%MaZ5)1
$iRI'L
cqugrX
T[mb">
{W#GZ*
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
aAZROi)
P5~&u#
N!mzh$~
:%KaN5
!qvh=Z
zGSZhy
3`gGK`
~C~ee-
O"P@x:
PtqVtE
Rx["$7
DFeNdT
+x)gZ?
UDz}`*
31;rgbv
Y8	wm'_G>
(| Sa~s
/Zb%5k= 
F"k;vr(Z
P:DJkGAC
S,}xIGb}
fdTJ#E
\[aTc7
/3/r]#
3q]'e]
jZVtTV
t2<lQ,
 SZ~Kw
"ngiYT
ytP.g3
8XD{!Q
Uj-]sI$kwYB
(:~]1D
;51%f_
B;0|6l
jPO`s+l
DNWQ]C
rRGD:~o
k*Y*C|
PV,~QZV
|v$yV9
IoLN0S
/R;xG>:
QfT8!@9
Q'xG]E"
U~q8Lq~EU
y?+XhI^
yshW^9
`<1Mck
$:'1#i
w!g&*9>W
917^,;
^]Q{uPW
_gunov
8"-|5!G
8<Wfx;%
C"N*S!a
eLj?+,4
d6aHWL
v-mvr[B
D2ntfU
EeB;1 Ho9pe
Ol057UV<
vKum!:
(AuS}7
mo	+[[
Z665l_
7gWo>zx
uxh(Pyv
M."iDj
}vbSx?
%G\5i7
s.&'>/
VAr}.	
%L(TrK
;eX\D'O|6
8'{ w#
2)ls-7K
w(uVf.
r;M+Y9[
d8<dCpb
 XShC/
VT/X[UQ
7lmhji
,dh5@M-
&u!$7R
hhQ*7Bh
^X/]j9_
uvc8rB
+OkQ]<
bS_nVO
cam\DN
Lch.c$
]3~x?x
x9a ^-d
DN6^<0T
cP@<&#n
K,/`Q@
*mc%r`
OO$FNL
3SJ/=G
!}=uqcL
.SG/i\y
L^m|b58yK
o:`1B{
=T<~>Z
}U6/_U
['W&?9
.3.3~l\q
SRQA0O
wrU7tl
kU%_u,Q{
E:_Wwa
	VRkb/
u	jMPsD
gj1_{2
LziEq:3
xyOq@/dKZ
b!H_R5
k)GHUU_<
4`TBp&
HFuy:,V1
c2.%&#
3I;*5+,
O=w*jz
]qk$eI
)VKJ]krI
f>3+nM
`IDATq
!Y)8I~
Nrj2(yG
UKD#6-e
-Ag:|h-
nMFRZ:
P$G>_r
2?Z^+;0-
iKJ< &
KmWR){(
)BQ(Gv
v(A{<jq
e:q+_w%
q~DvEL_
qe@@9M!(
Vh+ 3!
IHfXOe3
tySQ~4
(y=L1~
PkwD4k(
G90naJ6g
{=13,K
mR5cp+
t<lKE`C
l>WSu~sA
(W^CD&y!,/d
	WD"Jz
|zqf~qy
J9}X-#
JeqqnA
sLkaep
r=<HYF\
<I$@mmJa
.lQ?  
x5p}*S
IDOk"v':
VF	lGs
GnY$A7-
B y@>p`
p^:a|v$
((&:7+
m6;X =
xV'<Su!
zE[{P$O
l8oCis
5;b	$x
!l0oG,
nV!3@|1
Y+'s>{
O+ R\e
g!>!sH
L3{?HG
rL{Iax
qJ8Rk*FB
 r7R8]K
T)Yh@;56$
v~==SvT
%h'%&+
{0QBGo
!|jFAT
>CGxplWx
{i;U@4
LdN#7\p
T"xf'0
LB"Uh[
$4N> V
"4BBBE9O
\!i^r?
W'NLrZU
oNzYdY
iscu#S?
n"!Nfy
Y}'&Yf
3Aw&bg
\22ew,
c%od^^
bp7Neg>
$Jv}Z\
S#GT1i$
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
LateIndexGet
ModObject
ToByte
String
Concat
MultiplyObject
Boolean
ChangeType
LateIndexSet
System.IO
MemoryStream
System.IO.Compression
GZipStream
Stream
CompressionMode
LateSetComplex
ConditionalCompareObjectGreater
LateCall
STAThreadAttribute
jK.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
done.exe
MyTemplate
8.0.0.0
My.WebServices
My.Application
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
8.5.5.6
$61eb7b2c-af2b-41d1-8d23-daed3c3a6e0f
Copyright 
 TR Nop 2002
	TR Nop GD
TR Nop Comp.
TR Nop Library.
TR Nop
_CorExeMain
mscoree.dll