Sample details: 71d5851e2e0f82eba144e8a10b05fe61 (MD5)

Hashes
MD5: 71d5851e2e0f82eba144e8a10b05fe61
SHA1: f253398189357bcd93dfae48b4646a9028c8cd37
SHA256: 4fe2132ea91a0e793924f2c093031055aef5b0845edc01656c9f57268c814673
SSDEEP: 3072:XgKYOmI0nMfQzXKi75NkUEnup94CoglveQVK2Fp2f3k:X6NnUQzXHgrMuCbeQfp2f3
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64
Source
http://rationalmaterialdesign.com/serv/eze.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADS
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
3H@^xZ?
X(Z ~Q
I{:xg.
t~.W~`:
Yw'A2=F
bxx4iP
7+C8_4
]cOPqV$
b?B.I%
EixD~kK
J"J+To=
Hh?D`T
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
7q}z*[
13G&+)
!>yb2	
'm+\*e
zIi)X/1
GcG!&\
mZs&tGC,
SmD^W+
}\b$9r
&mG<V;
l?{|=I
Nwpa:'x
F=vs;}l0
[Y*M6=i#
\_")o|
%e'$eg
&Vs^(F
4TD;9b?
D:4GJo:
@*3P;=
qF@[R{}u?
Mfett'B3
i	-FE'
5:	aFh
u[lpHs
Qv:e&E
7zO_.8M
f]5}SX
/ee|k'4
i!`Z4t
K,0'!fk
B~fK_}:
:?p=7W9
8Oj^{c
Xr	z)^
e:Q+e+
Ai;rbJ
qZqS8z=
h=} #2
?'$k[9
A4Uk>W
|5K@$B
"ICH=R
1jmv1;Q
Rj	\j$E]
o ) iE
[I,T/K&
T6E;TYV,+
.5<}o?
Dcxa@P
[=7AJR
{O[4);
{?*t42m
;]'cg\0
}#{E~1k CT
|JibRL
!~*qDu
}>I_i.B
"S!a)S
&bCOV8o\Y
*K$@~z
7>|+;Fp
\Vkqn;
E 75C2pJ
_l{BO_
9$C3F!
+kR6JCT
1x#<.o
@TS{P'H
-fss&s
cL?#G	
R4yR4}PJ
0kCBoT
6yghT,
L.v!NnCI
#,]U:N
$(3<-`
E<dbvMMIY`@'
	Cs'b^
AXcQ?g
WM:}B9
!\]1G+[
^[1oYM
**W]9q
*7T,YVY
^UQyAE
aP.wP5R
O*lXU=z
/f gKo
U1$]t`xd
800vp<H
Q'b.>z)
?E1v#Q
^cb>}*
kf?	u<9
Y >Z3&
gGB!t8`>k
Lc00frJ
=j{=f\7
|(Uk\	
2u8Vv<S
w?88,BC
WieMJmZ9
Mo\Pc[
56e k/:
H3+(Y5
(#ex=r
i\b*07S
veKp-2
^YucRT
j3,G2H
gRtLL[;
(^J\rf
6p-*eJD
Y"1%fi*|
B&R)vV
t5ClN7
x8YR+!
_/GfHC
N5l	[}
GX'_WqK
^ie;E.
{c)??E
_By{Z<
2kpZ%d@"
%" 3Ib
De+	{	2)
Cn>v0#
! /Y[Yy
X;ukQ.
Nz=Qo0
G.17fx
" 3lH:)
F|0|mK
3hrqLUQm
dFr@,\
m+QWTs
x=RvsQ
YL| HR2
[SnqRc
U@/rht#
rv!;?35
//Sn:7
v@/~'QF
`NPf9E 
BfWC"qQ
[B]X?/
NrHoC^
Y3ZQKV
SR}h=6
D+zQj'p
gv1xu;
~w@0\q^
:+=^OSA
E^5+cX0
J^p]BY1
rU5!(V
M@>O?&
	(yvY@
} mz2E
/),><k1s
9NgZ8}
)LT["o
"%w2g!+
H@;`<Lx
SiJHiz
l>219/
);,)";
WzL~79=
8!<@:W
[`O$A:j
w*!Zm\
>4My:8
iKF?&5Jk
4(TH$Z
	BP_!bPv
W<YU?W
CAJF]^38)j
.H<XblZ
53>5y"3
kd}=b>
"S#a~2X
^[lQnoGY
L0*[nZh
8vtzfx~
v4.0.30319
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
System.IO
MemoryStream
System.IO.Compression
GZipStream
Stream
CompressionMode
NewLateBinding
LateGet
Boolean
LateSetComplex
Operators
ConditionalCompareObjectGreater
LateCall
String
Concat
SubtractObject
Conversions
ToInteger
LateIndexGet
ModObject
ToByte
ChangeType
MultiplyObject
LateIndexSet
STAThreadAttribute
J.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
eze.exe
MyTemplate
14.0.0.0
My.Application
My.Computer
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
9.12.4.7
$4dffd0ba-67eb-47d5-9446-cb3c34288ad9
Copyright 
 Top Macther 2001
Top Macther nd
Top Macther Comp.
Top Macther Library.
Top Macther
_CorExeMain
mscoree.dll
fffffffffffffffffffffffffffofffffffffffffffofffffffffffffffofffffffffffffffofffffffffffffffofffffffffffffff
fffffffffffffff
fffffffffffffff
ffffffffffffoff
ffffffffffffoff
ffffffffffffoff
ffffffffffff
ffffffffffff
ffffffffffff
fffffffffff
fffffffffff
ffoofffffffffff
fffffffffff
ffffffffffooffo
ffffffffffo
foffffffffo
ffffffffo
fffffo
ffofoffff
ffofffof
ffffffo
offffffffo
offffffffff
ffffffffff
fffffffffff
fffffffffff
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>