Sample details: 9909ac3825b6860ff83f388d8f2c4126 --

Hashes
MD5: 9909ac3825b6860ff83f388d8f2c4126
SHA1: de3c1f5586b7f01ef92a07afc4d6ab1562dccc89
SHA256: ec19862736df8893a33a048d5478771a230325b7b5b2afeab6cd65f337fae85d
SSDEEP: 3072:QtaUX/sVcmhBEI39tH1giT92f0xvig2eGD95g3+Jrt+pOTf3j:lUkVckBrttH1HT928pig4RIOTf3
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://rationalmaterialdesign.com/serv/eze.exe
http://rationalmaterialdesign.com/serv/eze.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
$RIDAThC
qCe}VgM
V==/V??
(tc3d=
8o'uWdxq#
9PtBulB
M!ke\O
YPkW+?
?R%?Z+di
M9YSE}
D'X50S
z$q2"-
gA(Zc	
;ngb6#`C
d0a(vI
+sYIKv~
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
.,[n,a
T13#yX
"e;dr8
J:q._+
V#'R2]
?5;*l@'
C3W*oEf 
j>N5_%$
T`B*0!
e#m~t^*
$9s7'X
%4zV'?
w=y&=YW
5#HyM	R
FuU`TW
EekC *
&x,8ji
7t'x78,
-XF6MBo
dU2Sif
sO:Z_o&n
PzZ[h+=
F.=Uzi
uO>#7dZ
_rKJ{l;_
M7p75y
=00dASdA
_ID\(g
&/*7y:
G>Q50\{
f_	M~b
yc	M^N
O{Eo3h
>Nf6*l
-fvxVRM
%(9{	cm
ufMz<t;
c= KfcI
?{YWAoy+Q
to1X$3
7&p#K)%
-gNolTA
UGNxS~
EG2#"Q
 'DE2q
H740!x
6d+thk
t)r<kc
F&RJhN
O_O+e*
HNB+&y
BxAJz|
j#+;"d
n4qR.Kq
;4!%xA
nb#D\W
Y_-?h'
q[nZ"1
4F2x@ -
Vd8G9*
XA]U^Uj+<
]Q"~vD
E>8zWM
=v!,HI%
.dkDST;
FKSJ&#
LZUwE#/ 3
cH44M/
uG9j8Y`
N?g!TOfr5J
6;:7zkt=
w!~/F-
naG{~g
::vvnY
mk[6eS
rVI9<+
3P}s.h
hqv6@Q
%&f`_5
Oi9T6{
M]3==>
<Nn8fl
jsa,:0
uo;4M_
fL6]ax2
O3&?wCo
KcKlbO
Xk}4t!
yvjG+~jJ
A@t&@+
9l7c`;l<8
f[I9uQb
C#'F2#
]''>8q?=H'
K5_+/R
\HgXn}
2 bT:#
RlcxtC
x-VD;4BM]
U!'@y+dv
ivZ	ew
r>TKE2
U9	cV\.;
Pt'_( ]
xF7j	-
7wNP+s
Z:d@UKgC
U.&w*H
mN/ojV
&RZ(W/5#
TXO$Ru=
9]*<Oy
\P}1G`
|Z	s54
<cc>k!
	R}B7G"
%K7k$y
f^,JpR:
Z:y_+]YO
I8KO7r&
2/7[zy
 ?_!1$72
x6H<3v{e
Y$y@3p
[Lq0?4#_
xBUR3I
,GVqs9
Zx-?Th
pkB37.
2`r$n}t
fR5])US
~l]vbI
Q&wbG`
iMPfYfX
D\2f3l]
.t=ZJ7r
SaFV}+
9|^;?$
wy^a{/
h0^k`3w
<kTp5x
$Egdq/
#|}hd/
%Sdh*w
2x0c{8md
2_bmKym
SEm6[EO
wShowZ
RSxX8Y
FEC0cn
tB*a!"
<qaqc7"LN
ZzFLZ0
S l5g_
g<	msH
(}#Ocd
N)zAH4
\IKw59j
I{.1w>}*
j4^rg3R
B3W7W#
rHl##@
5#dzJ(
E|%-*=
s`8P		
6%MXG*
|(Cv>/
}<IY+b
#;X})D1u
2!Bp!u7<	
0H*qqf
!)X-^#p
z-]m K2
Zx-C..W&"j
b!1AH&
)JQ?JN
2	U=%o 
;+GN\;
j~>>=z<?
X#Uwfz
8u9/k;~L
G^l>:m
9-?r$S>k
mCy$ g
]:tyiue
c'V'/-?
.-?qd5wx
_X=9yv
v4.0.30319
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
System.IO
MemoryStream
System.IO.Compression
GZipStream
Stream
CompressionMode
NewLateBinding
LateGet
Boolean
LateSetComplex
Operators
ConditionalCompareObjectGreater
LateCall
String
Concat
SubtractObject
Conversions
ToInteger
LateIndexGet
ModObject
ToByte
ChangeType
MultiplyObject
LateIndexSet
STAThreadAttribute
fMo.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
myu.exe
MyTemplate
14.0.0.0
My.Application
My.Computer
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
6.3.11.3
$29a59c64-16a0-4b44-9fa9-3d6a0017782c
Copyright 
 Top Macther 2004
Top Macther kH
Top Macther Comp.
Top Macther Library.
Top Macther
_CorExeMain
mscoree.dll
wwwwwwwwww
wwwwwwwwwwwwwww
wwwwwwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwwww
wwwwwwwwwwww
wwwwwwwwwwww
wwwwwwwwwwww
wwwwwwwwwwwww
wwwwwwwwwwwww
wwwwwwwwwwww
wwwwwwwwwwww
wwwwwwwwwwww
wwwwwwwww
wwwwwwwww
wwwwwwwww
wwwwww
wwwwww
wwwwww
wwwwww
wwwwww
wwwwwww
wwwwwww
wwwwwww
wwwwwwwww
wwwwwwwww
wwwwwwww
wwwwwwwww
wwwwwwwww
wwwwwwwwww
wwwwwwwwwww
wwwwwwwwwww
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>