Sample details: a7d3b4fe8b4105421e81e2032fd12324

Hashes
MD5: a7d3b4fe8b4105421e81e2032fd12324
SHA1: 7224084d10321008fa4067ffb42c6523df5f2d63
SHA256: 0d3196d21fa7910db78a0ea2a389959d7f738ff1903acfc2fa38ca2ac9e229d2
SSDEEP: 3072:CZ+LxiWSa7fz4qIYTvr6jdykvIKFR0BhbIVdeUu:M+LGsUC6jdlIsINY
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://craiglistgirl.com/IB4/probs.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
LateIndexGet
ModObject
ToByte
String
Concat
MultiplyObject
Boolean
ChangeType
LateIndexSet
System.IO
MemoryStream
System.IO.Compression
GZipStream
Stream
CompressionMode
LateSetComplex
ConditionalCompareObjectGreater
LateCall
STAThreadAttribute
CH.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
probs.exe
MyTemplate
8.0.0.0
My.Application
My.Computer
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
11.1.6.2
$53d3c969-cbfa-4957-a4a0-64b7a9c3d2f7
Copyright 
 TR Nop 2003
	TR Nop FO
TR Nop Comp.
TR Nop Library.
TR Nop
_CorExeMain
mscoree.dll