Sample details: 6e6d200a4e081a4f08b30d2780e0ca9a --

Hashes
MD5: 6e6d200a4e081a4f08b30d2780e0ca9a
SHA1: 8d9c0abbb54c049f0c026d6ef997d09dbec839c9
SHA256: 1dc9c550441412fd23bcd704eddf90dd789c762a84d8a7363c4153fe80634600
SSDEEP: 3072:P8D4KQX/BrzvrSDO1JX5qnjzhx7sEr2XrL9gBETV40:STQXJ/vk84nnhVHoVgB
Details
File Type: PE32
Yara Hits
YRP/contentis_base64 | YRP/domain | YRP/IP | YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI |
Source
http://metakon-zavodru.427.com1.ru/a/done.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
lz[!9m
DGTt[[
XyopmBkS#
bk{cMim
vlM$*m
7@GqD*
B+A/4u)
Lfn&Cv
Z:a.7586
BxOTLlH
@v|(cUF){
/BF@V9
:%\w[/6l
-Fb]OU
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
nc~4Bmj
RVs96%
 ]p-\L
>J<LK}
iVEjCW
o&iq3^
'"sXk7
/:d6TX
8lH0Z$R
d]Y26_T
S8&]!]C
=cJy"^
Chn^EDu"s#
>w.}NT
%<2}xF3
&Hn^bh
qV}[;}
w;&L[.U
Vm_#bq
r>	&IH=
Nyb!'b
EqV] :
f\E/pEw!SMSG
f8+QjM-S
\eBE?8
Z22Wm:
+-J7xlc-
Xr{beux
{KJgLY
?	!lnr
$8Y779:
ikU3/^
J,}JdN
gcQr/i
CW2u%B_u
mvUXbj
7FbZ;`"
3c8PhE
+V90ib
ho<,-Z
c+k4Q7
z"W{rV
aiN!Z#
:%2Gsg
 ys?^z
&Vj&:4H5a
D}4aF*
x)TR?f'5
aBTJf&wF
e,R^;&
|0nV3#m#P
K)bm/2
/qkNCW
fQU;55!
VdUJG3
T~wj35
23|WAl
|)aRSyI
8%%G"p
-_p5 6
]V\u1[
X*/$OB1
Sv/P,Y
=,K? O
Enlm--k
ixW!(Y
_eePMbj
CwrEalc
]|/-_r
+vVuZg
Y$$R(E
b_o_fs
~?p;u"
611>29"
}|tJh2
:96)>4
(Q?+BT}
k	_6H~
Cb^gb^
w~d|t,
*'>t'0a
;O~dlk}D<
~91])`
\>; w<
^+c>-c
O)l.ks
c A4S7
m'pn>t
weoyoh
>> _8~Vw
f]bgZW
Fd@tu^
iK3)ki
F3W	E,
D5_NuZ
Y,G6XV
rARcWiE
G}3kHjz
.RIJ)m
$bHR1Dp
-bT<,B
]iJX-Ng
Ui)5%5v
Ad@A%+
|6Z.6C
s6RWEAw
JvE1q{
E_eS$T$
lNE`+t
7BF5WO
xE%/:BI
3F.To%
%xJ^Q+x
(\EIeE@
PE^@]F
V	&-qu6
yt_Nw`z
0"7g!5
XIVc%K
4yxvX>
5gx_@WY
"lRUl)z
*GUD%m
:jpAI&E
HT,iu0
!!_~^K>
UURe*.d
7Z)y(_.]p
[jt%Bi
Yzf<"7
VA)>T0
M>WPrFJ{
00;-h*
]dZfg@>
{^MSuso
Y[rHqQ<!1)`
kx!4p]
s/*j]i
Kl|Ngc
#.O`f1
vZ.xr#
*:-Q%h
*jAvL.o
l+OE/U
-HY6N@[
K|BZxQ
CiO),,
JMl )DX
4	IX- gT
EGZP(p
o$~"/)
5Z4#\~
DbA%$A
!`P$~O
2py1aJ
/8q9OJ
Z0Lb$w
hzsX)g
Me;^"D,H1\
`UtS$Z
=iyA'y
y5}s%_S@8C/
'x"p;k
Hl,d[c
!|8!aTf
L%T,1n
aw5SmrdjQ
f>nzk{6
Voifu%
3Ru?Sx
{zUfon
-r:o{e
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
LateIndexGet
ToByte
ModObject
System.Drawing
MultiplyObject
Boolean
ChangeType
LateIndexSet
String
Concat
STAThreadAttribute
HKMO.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
p.o.exe
MyTemplate
8.0.0.0
My.Application
My.WebServices
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
4.9.16.9
$b4df538b-592f-4fb6-b042-43487059ed92
2011 copyright Clams
	TPT comp.
_CorExeMain
mscoree.dll