Sample details: 905869261745a209f7968f7cca7b2ff0 --

Hashes
MD5: 905869261745a209f7968f7cca7b2ff0
SHA1: bac08957888c90cf363a8322e7a326aba59a9dbd
SHA256: 3984102434f9ac46c4f792a155399b7c8cc6cee44a0013981b7e90f4ddc93c30
SSDEEP: 6144:bNJfAJdpbgJgUlxc6kfqE/0pyB4Ww5In11x4ubNB55b3fNcjat9w44mDL8:ITFgJhY6aqFpK4WwqL2A5hfm+934
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/Big_Numbers1 | YRP/CRC32_poly_Constant | YRP/CRC32_table |
Source
http://prntimage.tech/image293.jpg
Strings
          	            !This program cannot be run in DOS mode.
`.rsrc
@.reloc
\CMZa8
& a_nl%+
 wgQ$%&8
 Bkn18
u<\a8)
 6;Ku%&88
+( 0mf- 
! f):aZ 
&& el7B8x
ZOD%&8/
)-mZ FE
LmZa8x
g>%&8D
K|N%&+n
r+Za8}
 Kz608H
:::%&8
 )f	g8
]Z ^#Dma8U
AI%&8[
Z 9-O<a8
F-}Z !w
Z -`= a+
&& XWt
74BZ G
+c 9pY
+C 4"X
10aZ Q
NW.Za8
RX<a8g
Oc%&	 
?3SZa8!
&+" aW
aZ o6z>a+
H:Za8T
M[Za8$
(JAZ L
 03yQZa8W
%&z ki*
Z_%&8r
rZ QfXla86
&FZa84
lZ iU#.a8!
wq A6Y+a%
Q:%&8)
A)Z |FR
^?%&8W
 Liy)%&8
;njZ I
Z 8c-'a8H
%&	 o}
eCZ Zv*|a8
+PTa8C
7VZa8Z
hEba8|
ElZa8:
 -.|bZ 
 =u7RZ Vn
 Xtf}%&8$
	e>a85
wyZ PZPZa+X
 SWav%+
F0%&	 u9"rZa8
Gje+N(
\&!Z X
|Z ~0?
X\#%&	 MN
g@Za8x
|Z t%L
1Z j{4
 !>wP%&8
+. @Kn
Z WP%va+^
tRZa8$
vD;a8i
 CAZv%&8
)Z r}}
&`AZ ?
 H^5OZ 
Z$a+i	
 eha8b
/Z /"h9a86
 GHi	Z 
>M4%&8
.v%&8|
wfL%&84
 !:uyZ 	
}~zZ BW
}tT)zd
W$FI7/
=j'y]B
|ctR/y,!
@*|#st{KxI
$6L@9O
'c!r[{
`*S2Yp
.fcsr/D
oTh!lx;
<O\]Q=
o*eHI:
)T$?LI
:Ctt's
!*i(w'C
Etf?Vy
(H%Y+A
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADpt
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
2#&aLj8mq
"sg%?'m
5T6l&#
[O<3bM5
M3dZ[Q(
7p`1{6
["_r:f*|
l.@7vM7
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
"/YDc8
+Fa;y*.
 6B3Dz.
aVPXZtx
]^$~ta2
n%YAu\K
 7I-wk	>
dnuH:`"
iC8hHW
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
|bP9WCz
}%MAik
p0sJ?w
*U{fcxD
6W}?lj!
k3jXnE
+m?YiS
3h(vQ0'
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
LwwwL7
z=1o6QU
;z<Zxd
^o"Zl`N
-U2M?1
_(V$%T
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
0ZJIB0
PG4	nl
_#{|FC
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
6]sL;1
`o	9`8
_"U+H%
U#Iy8keh
o]rC(H
l=d)!	
x:41W*v%
a"<B*;
2h{SV2
<~vN&	KS]
'b/?Oo
-p%DZ7
1;XZlKO
T3#rLc
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
IcK@xQ
aSj;:/
y[/e?@
<_m.k@8
<opnrr
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
\9Ac(_\E
yS^kEg
nz%O'U
)weTf7
u2RIU}
/1rtU;1
Z?z)ju
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
yv_4RmE
40[-Z"2
k8V{ot
ws6X_S
,%|MMX
<`XHgb
6Z<y2BJ
X=GU>=
=OC),X
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
N3=}8q:NwwwN
~L_+nwD(
&ymu@H
}++[V5Y`
'5])Px
&*iHf*
Eo;h?c]cOL
)4NCpK
XB@x*t
SwV26.
O9g+|w
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
rIDAThC
}BEzM]JZ
f)s1s&T
bpfdQt
Wbc2/{og
1ts	PS
D^i?=l
WOw|!EG
 t#tRa
k5975=?!
pYnumV
d !$')
;WE>5~
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
8&s_'J
P!J!Is
IWl$Ne.
A	G|D5\c
l>DE#6 4
!4(=y|w
uU;wxZ
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
xGg9YH
R]Hn?l^
02Ah/3$
Z_EDI@
D)KJTiT
yRpJ3F
tNn&(g
{C.zRA
Wsksd	
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
~s;0gA7
'"$-Q}Y
:rw1;yA{
4X;,>!
$qbVwV7	=
vRvs$.
DDhY"}2Z;q
y@'kF-z
Dd0nlN
 {AOIG
U6a\[]
"nV0=>
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
jIDAThC
pz;P^#
h,}:zXt$
-@:;Yb
-$]b|K
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
y55(@3J
\`10z3
a$:MLjI.
	[gkN`
gRd#.u
n];#WdB<
.pI@j=
C)~F}p
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
(2P4|R
p#0],h
r	S[[,>
;M*,(c
O6XqJxr
!MlWsB
 5]ss3
**[]]?+
6cj`7Xp
"_u2=	
'OS:S,
7qMg;z
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
NN;LNOw3
y6h*(Q3
}^|uV?Cb.
C_Q_n=
v)I*\f8.'
|3>)Gt|
KM('OP
#kGxysr
EuiI5>
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
us>[j^Lc3
Ms56Ps
VPJGx'G
5"9vF]
C-f]/f
j*j {$lA
VvB]x]
J3'341
Nk:A[|o
,{:eif
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
=r>e|;
Zm@*SV
i}{Mf~
{SQ}'ye
/aoDa}
OY6cFcG
i~$VA\
+I:C:(
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
oHRF"}<
3uB$_c	
Lmq?;S1
+V)&kM
L*}2x	
,e	{T_
XP'|Yc
#U;TRe
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
MOo!!a:
JzJn$E
If1b57
&=&zNs
|4euY1
^^,>c)-
aDo.[g
6Xj7h,S
%ny>hxW
#4aa2J
BkC32K
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
61111L
jmZ9fmWEP
7BhQb{
4])$<J
 IhC.y
Q+xdwlV
!5kKX'\
qg[AaX
3N~`9*
-;5%:m
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
-*d?!z
1)]`)Z~
&#5=?l
o[k#z7
J-5u^_
?TW^C%
9-b@%2
 VQdc'C2
}(+m7pj
za%Q	!
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
kIDAThC
E"vX}f
k@kAke
9/u`Hp
Z>vqaH
?\>n'H
Sd,!}2
~b5@JNR
qAd5g*
X[Wo';
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThCc``(
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
?_?I6c
9wY63@PZ
Bo.V*7
&R"fX	x
A*NpVx
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
<M2`	X
Hcy_cf7
:9-J/>i
J8`:64s~
mu)((.
{rI&g?
(:Y$tb
zU6Xh!
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
	S5Pvk4
ygbMLS
O+9`^-
#gbj?7A@
wq2R<5
Q2@Qq=
bmthkq
sG(p5!%
wLRsLx
QgL1S#s6{
'zOCkE
<}M@FcjmL$
9,4<[&gx/
@}\(}2
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
tIDAThC
6Eo!R)
R)Ri3!1b2l
Nu9P2^n
`]v)pv]
<y`975
2h=Ts!
-;><nV
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
-YQfZSD
W^@KB9\
%:=`aq
Xh9bWf/
m+T`e0q1
}v-=q~
KSj9g31-dU
&2/_@;
#|R\(eZ
bjcGlb
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
$D=H5G5?
OF%$.%
@u$ycS
zF>epp
@OQ.`F
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
?QM#_i 
h;=amP
(y!kd~
`?][4l
\YqBAX
~b(K8s
e]OW9X
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
mr$G?NA,
r:qt)(
<;@d)v
sOJ4q.
5E:aHR
{hc5K'
phW>i'
,a*ogjG\
y<=o}T
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
&R>2,n
~{[-JR
YD4T/^
N,VBCp
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
rIDAThC
/]qc! 
\JaM\.
#J0DLo
S~_F~pc
b9(Xk[b
A/;uvd~w(wuU
T@FNlcD
Psqt{P
W&#!O<jV
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
w=C ~Z-
+LA~/]?
|k^xQ55fM
r1XaT"
wVD657
|5VVBT
3w7:2>
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
Pd9Ff#Tf
a'z?%E
,JyCO.{f
t1jaeVW
r(=a~2
~S:5Jsz.
1.;*#L!
R7.40q
~]4dr 
.~%D~&
PuDC*Y
>68Sz\
Z>O.^s
yjw#pQ\-9
q<9/jn'i
O!2:AtD
\Sb8\8
|"%W,S
7H4I]=WC
Rc+pMn
s|UtlY
_m)xZh
1X+BYM
N<e35~
t}8@6.
jP1h,,
ASjdR.
-X *gZ
aE<>	&
,~o \~
 -=e#h
pnQ:t7n
1|q9(Y
=3JBtF+b
f~Lhc;q
rA8	=.
z,aFJJ)
gdOnPB
r538X]
9wdrMW
qC2I5v|
	BR0/z
Zfw:BV
mq)@aNw
9BrM+|
7.nFo@
I)T2t{
	%?BMXV
]+qxU]Z~
}^w7rQ
8>A`lb
iEA6Q9
U$\wPG
j,T,(7L
BX3+)g
$E"8!{
FJd<5*
._'%|D
C_IXk|
wv04}ao
6{0?B>
<Ck=5J
,+ooK2 |
k!=I&Ks
l(D@I)]
Ml;Gt]
6\TM=H&:o
Hi5*DsZ
{l<MSt~
`<@0JN%
WT!k]r
utV4 S
__wZ2w
zDFlN<
DBvf5(
g	]kObf&
vi=G2vM
p|fm_	
AYeK^t
I?= *sg
=v	GFM
Wx<;,Ku
d&7^H@
-at1p$
gY `m6
Q&b@jf
?BXq1=
gI|u{5
rM$qV%
lj,&s+(
"4A>W$
#Trr)i>{
d(Z0v<
A^,Zj@g
F_^iw[
^/-2RC
_b>oFW.a
9&T|E\
C~hw/)
auR@'=`
!vj](B
r3ksge@
=k464	;
mOFRM?
Qcq	Ay
|~#$YL
J!]#jk
[LDo9Q
W3|5[	d
KiR0Au
*Nh?dS
{oq$O/
H9`k>9
JmTNa6l
KB{	qe[M
252GM?
@8h\>k
ind"E{
v=q7BG
9=')K/zp
cmsrW3
hpYKh2
!(N*do
/)@N%.Us
QRT,:8
3L6YC{p
yVp(!f
u{~YH?
;9Zs!R
9n&y^s
M	I?b@
YR*&cmq
-[8<'p-\
B=wQsR
BytOF~@
&5;FS(c
>z\y$H~7
0m_zbD
MAk^9t
"_MkGD
Qkkbal
v2.0.50727
#Strings
jkhjjhfgjk.exe
jkhjjhfgjk
mscorlib
System.Windows.Forms
System
System.Drawing
kernel32
{30ab2ef0-8998-4232-b037-9665499dbad9}
d0ba23af-d45c-5e.Resources.resources
Jumofabu.Resources.resources
<Module>
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
.cctor
Object
System.IO
Exists
SecuritySafeCriticalAttribute
System.Security
AssemblyInfoAttribute
Attribute
FileInfo
get_Length
IEnumerable`1
System.Collections.Generic
ResolveEventArgs
get_Name
String
MemoryStream
ToArray
SymmetricAlgorithm
System.Security.Cryptography
set_KeySize
StringBuilder
System.Text
Append
IEquatable`1
GetDirectoryName
ToLower
Stream
set_Position
set_Mode
CipherMode
Assembly
System.Reflection
GetName
AssemblyName
GetPublicKey
Version
op_Inequality
Hashtable
System.Collections
get_Item
c78ae8fec9b6d77d2012ef7971c83ae5b
c5f7830d0d36452f78c2aa737ded381c7
cdddc909ef2ed9eeb6cd58fe5556845d0
ISerializable
System.Runtime.Serialization
IEnumerable
IDisposable
IFormatProvider
FileStream
FileMode
FileAccess
Dispose
set_Item
AppDomain
get_CurrentDomain
ResolveEventHandler
add_AssemblyResolve
ccf09f68a0e8553d8a97576e688c00372
c79e9af3ab94ed28c3aeb52d2d3f06833
IComparable`1
c1a83872e27ef3378884d500e6d56d67a
IComparable
MarshalByRefObject
ICollection
GetEnumerator
IEnumerator
get_Current
MoveNext
LoadFile
Monitor
System.Threading
Exception
FileLoadException
BadImageFormatException
c14165a7df9c5f530c2e08997469c09fd
c5d45ece7147406e97bec5039f39504f0
IndexOf
IConvertible
Substring
get_Keys
CreateDecryptor
ICryptoTransform
IEvidenceFactory
Application
SetCompatibleTextRenderingDefault
Equals
StringComparison
op_Equality
ReadByte
DeriveBytes
GetBytes
OpenWrite
IContainer
System.ComponentModel
EventArgs
MethodInfo
StartsWith
EnableVisualStyles
Process
System.Diagnostics
get_MainModule
ProcessModule
DateTime
get_Now
set_FormBorderStyle
FormBorderStyle
set_BlockSize
get_BlockSize
Concat
STAThreadAttribute
get_ModuleName
CreateEncryptor
get_EntryPoint
get_Location
get_FullName
GetManifestResourceNames
set_Capacity
get_KeySize
SeekOrigin
Format
CompilerGeneratedAttribute
ValueType
c25f134a4132f0ec591b03cadc97a38e0
c18be18078e87f17709faa3f6fea5018e
c6287a79789b681965ceecd2080c9a8d4
c610ac3c43ac57014b8413ac82b298c98
c9e4a2f9f42e177b0e5c843074f0462d0
c08cab641cdcef9a4cf1fca6060f7cdab
cc24c25cee12dddba8c28675da7d243d1
ICloneable
BitConverter
Reverse
cb78e16ca6599768eab5ed61c9ac75a0d
ce9d69693d17ac7e0d50ffe03b32278de
HostProtectionException
c398423dc60bb2d0464cf9f950327feee
DESCryptoServiceProvider
get_InputBlockSize
get_OutputBlockSize
TransformBlock
TransformFinalBlock
DeflateStream
System.IO.Compression
CompressionMode
get_Position
c069cb29c2baa199cd6ea191fd51067e8
UInt32
EventHandler
CryptoStream
RijndaelManaged
Rfc2898DeriveBytes
_Assembly
System.Runtime.InteropServices
ICustomAttributeProvider
Dictionary`2
ContainsKey
Rijndael
MoveFileEx
InvalidOperationException
Control
CryptoStreamMode
MethodBase
FormatException
Encoding
DirectoryInfo
ArgumentOutOfRangeException
ContainerControl
AutoScaleMode
FormStartPosition
Class1
GetTheFuckingAssemby
GetCallingAssembly
ToString
GetManifestResourceStream
get_Message
set_ClientSize
Invoke
CultureInfo
System.Globalization
get_InvariantCulture
get_Month
get_Day
get_Minute
get_Second
AttributeUsageAttribute
AttributeTargets
get_Chars
get_UTF8
NumberStyles
set_IV
set_Key
set_AutoScaleMode
GetTempPath
GetExecutingAssembly
Combine
get_Year
get_Hour
Directory
CreateDirectory
set_Name
set_StartPosition
add_Load
WriteByte
set_ShowInTaskbar
ResumeLayout
Convert
ToBase64String
GetCurrentProcess
ToCharArray
Environment
Buffer
BlockCopy
set_AutoScaleDimensions
SuspendLayout
GuidAttribute
SuppressIldasmAttribute
$abf41361-18de-4a6a-b08b-14685d7b807b
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>