Sample details: c67453fcaf6e6ff841ea100215ff6827 --

Hashes
MD5: c67453fcaf6e6ff841ea100215ff6827
SHA1: 0c8b53f6d449fdad9ef08dda600ea5e86e18a333
SHA256: 8f95ce289dcf9a0134a0bec9ac493f964d45472b19b850ae10a4989748546c64
SSDEEP: 3072:Y/sBPXMpPeIuBhOsOG6xWUlT0OY93eI/vZ9Vhpi7k:Y/X8NfOT1xWUSOs3eI/vFo
Details
File Type: PE32
Yara Hits
YRP/contentis_base64 | YRP/domain | YRP/IP | YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked |
Source
http://apsalamat.com/sunday/DocSN15102017.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
-oIDATx^
6cgH+J
=6V8Z@
nzCXfd_-.B
ne1yvT2
m7O`_~
fPZ8{]
34C3s3s
ka;ER:
qGp;	=
FYPl~!%
gW-iSj
q	e{A9
Q~S?5h
ae\osN
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
c5:cA#m
Jxt5/A
$\a[|RM
N-	Y'i
dH-fp#
H0N	0M
joiH/J
XJfL$ 
)lb8$t
ptD";Y
JFwtcVwtc
ADy-GD
aJ.*.A
NE0Gu;N
dg'Xc1
O=^QDi
k>QWYz
3N]Ky]<6
Fx <	@
)S&4PT&
`s/~/b
fc8YY>6
-xF3* 0
JiwP8w
=&kU11m
iFB*4qy
3GL`mf
>Be:v19
7j$Vi!/J
H%wz@k
d3hDhZ_
k&\z\/9
7Wuc-r
 m&`$9
XC(FNx
9TbiZ6C
`gjFf9{R
{K'O#U
Fp`ra$
a7eZO>
M8Zqm~>;
Q\nK>p
gB!p^3
lqj.G[
,45P4}X3
?V}XcKp<
2azbpu"v
fM_3kz$
!.Tge2
K$)hqa
7,=RJa\!r
4gMon2
`3Ng8q
aI0LE?
ed5c4\
S~<31p
	1B+g:
,lT,,ZY
&Sv[2m
v[62a,z
r9XF}V
l;&v3{
aiBX@C
Za?A-~
NmcC]'
>:20vf
@	7<x|`
-euvn_q
nx`T<n
lxEkg{w
xKXaX$
aUkVk55zF
|5&VH}|
u4#yY,!B{9
"g{=k{
x~2?d*y
pAs,l6
JLoo`h/
~^qI??
[^?Kzz
X$!0>p
5opSV5
1CMYIL
onV)bd
A)lJnf
vKkoshd
kWZ[>d
Y#{AYQ
//L+Wy6a\
rSwvzq\
cyvnM9[(VS
mk=jm%
H5*]+Q
e.4	u^
1jODm!
JDW2%	
ml)&x<
 $.~l,
lT%n6-[
6;wnbnJV
DIDATxl
[li~nv
dHbgBs
Bttj^#X/
pbt!!+
&NE9-I
06*CxD
dy,7=]?1
6d;oF=
B+k.a	
 y3TO$
6u_35~^
0t~yaFn
.PI}8%f5
r-ikBZI
F4$	}mW^
zY:*2j$S
	9qbGX
a[q4bU
v((kf&
. cc	`
iP$}3V
ff33y)W
%D-,.F
NA_/y:
3AdHDK
KMJ @!/C
)"rj\{
|&&E3f
'4y/eGMj
\3k\{N
gkV)>Z
*hP#(g"8%
BP&tM-
3@_21	
%%t'h&
b_,TW;
)eH	R:
aW((iF
Xs*s>|a&3
XF{@wh
fAsJG}
=Bp)uhZ56
VC-"7Ij
czrK-!+
j)nBDe
d^kb;B0
h^9-mB-
Y;Pa[zF
kz5d[t
h:x(h,s
h	`Q6ZZ	5
Ak[brLiN
7EP<oINDg
^&>$/v
:V8sjz?
"8iut"t
iH]a=a
b~bDF]
#fHRp`
xBv#>	
GT*6r@5
qY	\ry
MH%R=i
fsACN0
".>6vTE
$ib:Q+X
TP,H,|"
<'XX1x!
7#<	zE.
`dhy`{
1!#B9!i
K]#NYj]
1?Hy&e
AFC@$|
>hwt%	3
"A*<VDd
u/./]9
D{s.Kr
37S'KS
li]\pw
Zi9"@W
tLjy\3
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.Drawing
Bitmap
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
Resize
NewLateBinding
LateGet
Operators
ModObject
LateIndexGet
XorObject
Conversions
ToByte
String
Concat
System.Text
Encoding
get_Default
GetString
get_Width
get_Height
LateBinding
BitConverter
ToInt32
STAThreadAttribute
zNcR.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
DocSN15102017
DocSN15102017.exe
MyTemplate
8.0.0.0
My.WebServices
My.Application
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
	10.4.11.0
$27df595f-c673-4413-9c14-d3895adef2ad
Copyright 
 Microsoft 2017
NewGen
	Microsoft
NewGen comp.
_CorExeMain
mscoree.dll