Sample details: 8f6f46e53e463bde024775e7279f249d

Hashes
MD5: 8f6f46e53e463bde024775e7279f249d
SHA1: 3dd55307f5ef9264f4e0d01685720c1a39ef8775
SHA256: 5dc7b1646c783d9e42bfac4d5918899f45d54db7498a0beece236a707c8dca4b
SSDEEP: 6144:lK9YlFnPckd4VmgAlBuktA4FvRmxqiSLK8zwfR/J4hCrER1bghnAaHmMleEHMBiY:oWnBXPu0VRUqiSu80FVER1iAgmMleEq
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64
Source
http://gg.usdipc.com/sugarl.exe
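Strings
(Raw printable strings extracted from the file. The short runs of random-looking characters are binary data rather than text, probably the compressed image data of the embedded bitmap resource.)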
          	            !This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
\System.Object[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089PA`hY
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
a;;C&b
]4UzU<;&
ogm2WV
yD?<oc
*_%.imxn
~3r@!2{
B3]Ye"^
T\6k5X
fx~3ZU
+u-y8o
([`%j'9
^:c|Yz
ejhLZ=
"wX7;P
vOYm0/
v}#?d[g
BJ]\fV
 uGLp[kE
P(Dr(P
b>.20o
Q}H=		
C;y:;>
@{\mp5
b17M]E	
Ai7/ok
}z|	xk3
KThOo'
hI~#QH"
YMc.|r/e
#3g6oQ
I.p,Xi
(buX{'
uWyNvR
Q[1uC-
"AP_AL1
37$zU}
J#6(.[O
IDATx^
<q9m+\X
%y[Ya?
# f$d'
V@TEP!^~W
(Ov">L2
:F6q=ILPw
tyKc?-
A/_RC:
?nD_g%
B'QsR%
v*iiYMK
TWIial	`
& MXL\
b9Lf<B
&xf,Kh
\fY)Xa
VK@C}C
po;Xck
:W$K:/m4
yF<E;y
t!uFz?y{
Qd-.4"
C?L6iH
!=kW2W/
DN~6)>
^)e;'i
[)RS$A
fq})g*
)lW1ma
XrZ(T_
Q$)ZAx
,vO3m.)
8;0\'y
;|XSx1
H0of~;
Z4tK$=x	n
aYA^cY
ucMqy(
EC	[qVb
BzW|S@
s^q\`"
Du IHa
(rDnAu
<e'3RQr
7>7E';
4KL=cU
i],QT%
ZdasSN
]ktYLX
;q`O"C
|2}qO=
Wz MR-r
 v<qEv
004{Mj
5/`3,v76$y
xI;A(1+
V`7{Lm
|)Ba50
kdtW2QN
*Y/w9K
:[$+-71
V] r[$
fMwy#,
"Z0`)x#
'H+CD&
KTU5\,{0
rQd6yW8j!VdEm
,}B8`>
+s`?f#U5
hP:9GG
J.O!za
P:R}oz
htE|YrK(
80~gW'
K:u##	|
UDZJp]"T
m<6#$Q
i{{}6;
)BUC9DNe
N	7jx	
9SJ]:_pM
EQNZ[f
bMn>g9
`-=0Hxa
Aq	[l.:2
{g^Q|Ul
JJx[:a<
9 )HoJ
5MFW;}
1c=fY|
O"xfEJ
/u7~YV
9>?0pm
'dJ1My
FJ%|m.Fz
!i_W0j
xyc"mH?
m!0R[l
=l&GM4
^Yc]To
M#coJA]
2_:F!3{t
 %eDvB
)1h!2@
cLvR>J
'D6B00g
ehMt&U8JB
fcr,0{
cD4Z|&ip
6W7b?!
Y3^kRz,5D4
6/Ov0]p
e)L!	q=
&0G]3g
CZhk1"W
p^_o.I
mS-[`V
17A@f5v
LEn'3f
|" `e$
>ZI,>m
*&wuYf
ycmhvg*:
AVeNf^{
=6N[Xx
	iHci:x
]]?]%A
jprFt*
;{ (^.N
i^k	Qe{
A:|9mI
NxQ8Mmk,9
l'Fq'%{
257f~X
 Ir]$N
eJ%@1x
--2	5p
+^I|D:
T4{_8Bh.p/
4_Do\-\T
Kj+dxj
KqZHK*jH
F9!lS@
y*eM$u}"
^M3LoO
r\5=JXmC_
Tq&*'D
D3FZ-d
.-V2G$
H0*(58'
v2E	+?>0
+M-I*]
Ls[i<?aT
FXq8k_
c4*Jsk
.eRwmxt
,\O!~fL
79|:?(d
\/tSo'vNQ
]7Dme8
_7H_q)
@Kqi\w
	Gylv9
xSt8NU
sp'k&u
NC`S_3p
7"$Z{Y
f{Sk#A0
yV^r:f
I{*jsF
x &B>1
'/*:Ak
gOfj{Hs
$u#:cbj
|uQ\X)
O(c/b3B
/m&"gm/
w]$wRe
{7F{TS
4	DIGa
I0C][[A
{W*#F-+
?={^Lb
LXEmR2
i2Mss_
6:jagjm
xN>v/^
)m,2/@p.H
AppF}^
mxD)hyYz
s:Tb^*
H;t].y
{Kaz}6Y
UFp36]c/s
HL^5Vf
]+dO`zXcu5
4G:x[[
%}s	EY}!j
{lVAyV
;A_uab4
=t bEj
R+t^'e
f1O<s+
2>@qXL
vCK9IQ
H)bCS|5
\eYO8n
'?z\;m
77q\%US
jBYDs4
uZ9co9
K4w",O
5bbxAb
I/H98i
$eU8QC2Y
oPvo/J
!{bEVJ
$To`hdk
o^1B"4
+jq~{H
FzD;+u
 DjIX~
wGnpcJ
4P&M@(z
 a$tL3#:8
sG$h%{
(SN @d
|^Lv7U
\&A'pW
.A(3T8
VO5DEn
+.t1G}
*JRA$n
:.#:GL
DHk5M_
Hu?#U\!
vx^'K<
i-g:L9L
b f,0y
K=k>wD
.FR26X
6yC:j-
e.]_d</
]&;%xw1+Mhc
" QN'h
LzV#8c
%R=V(Bh
>`nO:p#
,+jGTnGQ
1vA&43
)"P	}z+4(=
N@|D+i
0rpBkI
VDa|(A8
Tzq7f*
9++nl9I
B|bD8Za
w\O^:,
9)AU{r
;hs!P6
jdP,bp
YQ,d\p
{0dB{z
q0(y:Z
?RR>r.r
`\f,EA
wl90P^	
)?aj5h
+m<(Owa
@><?R@
c7v$7	
'*b)c&k
7fnFj`
Q'-El6
| f\hkm6
	{^3)V
HS_	%t%h
H2W6W_
?vIwHt
kTeO8l
,x8N1U
N!,}Ofk=Z
:6#DA4f
^C)Wu,
Xu(vB5iV
H>i`1C
F4O1Z2I
TQ"]9&
%>dvDgS
`HE9`{_
>KF%8v
QCBXn[
!OiFNa
6 d8Y{020
kv3|b"
8#`)BU\
NWL_K:
=2r!C4
U%9xu*
IN}OdO
T!!fL^c
Lw"]KT
^[`k-/
JwA>|3
f&ec-X
@^+g[TH
oZl"t"/
BQVlx)
5Dt90[
 ,sU2~3
[fxNV4X
~1ZEI#
.waL-=
pk?!Y=
V3JM1"
;dye;}
M<wwh8[
.McHF)w
ZeuY&5
#|b3?#'
eeJoAw
'mn1M.
wtma!1=
e;L,*'X
5$X[=$0
WWJN&J|
AF	.7x
Rx48jMm
zkE6){
,<LM	U
pPRnBH
w%`ser
JRgyB<
bTE|	R
|KXE`GI
)--Jr3
#;yUZ;
p`.ofD
5||AsR
A)$YgN
gRNWb\K
fJKDHv;
V UN0;
w);KRbyg
%D3=#1
q&~C3*@
@Hd=ZM
Rtk!]f#
W-pbGh$6
|DHi:3Ou
z>xGWR
v9Ahhq2u
$MDqpn
obb/Y..:d
E<Ux*HH
 :.JGIK
XC~%(<
k?vI9s
d/R@y7q
O()$.a
VA>ElgH
RH"Zhb
v4.0.30319
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
UInt32
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
String
Concat
ProjectData
Exception
SetProjectError
ClearProjectError
ModObject
LateIndexGet
AddObject
AndObject
ToUInteger
XorObject
ToByte
System.Text
Encoding
get_Default
GetString
ConcatenateObject
STAThreadAttribute
lc.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
sugarl
sugarl.exe
MyTemplate
14.0.0.0
My.Application
My.Computer
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
12.14.14.10
(c) 2015Bowater Incorporated
Bowater Incorporated Cemp Kopl
Bowater Incorporated
Bowater Incorporated Kopl
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>