Sample details: ce78c530959604b94ba06d9feed1eba4

Hashes
MD5: ce78c530959604b94ba06d9feed1eba4
SHA1: a2a29af9f39bc7a8867ee6eea409fd063317e338
SHA256: f1c88050e48c74ccd6a143297124a9f702ec77c93a1924b791bdec975ba5f002
SSDEEP: 3072:kBsuf64Axf6UzHHFXeKWKhOegMHhTdqBgZhHpbaE:I7A0YIwSBwhp
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/Big_Numbers2
Source (URL defanged)
hxxp://file.mglt-mea[.]com/sweed/boys.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD6
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
e`wB)vvgxm
C|e|o5
VPP"1U
JK)p`E
CCQ6'fq
I!Wi:0[;
u4Q?Uy
}A&py0
!ops%F
4TPKT8
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
I6//!	97K
Vwuuuu
?PR\<10e
/;eH@y
 ls	3t
:yl}SP
dCqOz_s
$RQ({4
'QZGhD
*'2s~y
bj$]PNfA9	PN
I)[@)[
&k_z,g_z,
umM<!T
/2/LfA
{XjK~}
i3o+GJU
,C<EeK\e
@/ne$@@Pj
<(}Ffm
{Etl>u
H$ruQ(
m/Z>5f
z8H:eHZ
IntEkd
X7z:m.
%Ng V`
4E?I/w
IPZ(qL=z|
7(3ZL}K
BSh_pg
?~1V$tWx
}yh@E$
L+(:Sf
(uhm	+O{O
-$NHuA
p:L)E`
(q~x$ 
i&JHZ8
 B_iYv
)*'$3D
"1d0[:y
mB`1[o
'WcH:J
!dEr#>
B&0[?OH
2R=L#!I
X*0Z6E
"]"mLA
nH/'__
<4Rp-T
s!D!U|73
V)!)	Z
R{q9-U
u'<i	l#
x6f%@A
s(RPUfT<$
^j<v3ic
C#&/JF5%
zAaiatnh
*eEn`7\"
X|f6X+G
5\tajx
25Gvum
&.+nE&@*K
"uiz'_
IICV e
?PR\<10e
^(xQTj&
o$=86[
lBCi)q4f
KP"qy-
K0\\jid+Nc[T
S %'4:
k@"fdk
{pT @P;
[q>)v-
U_@lZF
SSSR4w
UxK]U]-
EUhD\.
R1PE**
5g,*)/*YV
LOiIQaq
7si)+/
W^PX2mb
o	8>D$
*O	(N9
b00MYi
Z[[p%>
?}bKB5
~P<u_zeBK#	
?jL,,^]
Oj 	36	
{adtz`q
dFgP5X0u
~5yBo,
r~p;9k
EW^QRNC
}B=?qN=?
7;kW5>
.9-&mwCV
75>lrJ
4]fRe^
uN=oU=/
(]u"JW
R9J)]q
{	=9Og
n*]u^!
Rys*]q~i
?~Ocle
]%|C O
5lop^!t
9F$kp/As
|+MM9@e\5
g6jfy,
Li"y:f7
$#7cF.
:nnJBH
K')IHgd
kOp`Ru
:ntd*PwR
NIHHLu
"+:hES
WvwezW
Y#6Xv+
?[.`*WEd
$utO.!
%{y2]Ny
t&}eO1
c80`{od
*n=.\eYb
G% wiF
D6P){5!
8{ghsB
,(8!>vLM
g$.jWdH
{|jrhB+
T%/G*rG
xNF ,tg
I}v	N4
6(57 [
o9BN:y
tld	k(
T6)[K0YHy
v)sg+:
jXntrH+
DZw-y'kf~
I,Z,$b:
(bA*^	
	+WDq	\>g
'1:%C+
YXGEY(
['ApW@'5}
6g\wv9Y
{ny~txP
{ipxqyP
e`fyzi~iqavazpF]4=0
{t`v~q
,[]1#bz
U^TWu3
|%5eR=
!5G6-u
C<b=2?
e}gTwz
ZP3C:'5
P]XkC*Q
.#^"F"1
c_5sgF9f
T#xUt!C
X	aDU@
N<2T,ed
L@*@_T
kBm(#/
z'jDd0#
>!a6&v
0W]ec5
[*E (h
	c{v^u
t	Wk-wAU
PzaVb*
3j3fRd
243ih&8d
D!2&;>
NaXp@:
B.,5:1Lq
W$qkc$
"tpyD7=
/9qOp2
I,G@^v)
)r2z)x
jQS"a0
\A1c@H
CJJ>!X
F2g	BR
#i+l^B|0
=ZEm5LDP(2
xSL""h
)VsZ?Gu
>y!L<<U
tq s(Q 
UCa^BS
,yhsL	X0d
44f"h+
	F^?	)dG
Y<.Wde,
u&/5(\
t0'J@S
(L|lyi
8z:>Gi
a!&ZJQk
"<FO~b
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
LateIndexGet
ModObject
ToByte
String
Concat
MultiplyObject
Boolean
ChangeType
LateIndexSet
System.IO
MemoryStream
System.IO.Compression
GZipStream
Stream
CompressionMode
LateSetComplex
ConditionalCompareObjectGreater
LateCall
STAThreadAttribute
hb.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
boys.exe
MyTemplate
8.0.0.0
My.Application
My.Computer
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
11.2.8.1
$5d813c79-862e-48d2-b253-20b1b76965b5
Copyright 
 TR Nop 2006
	TR Nop Dr
TR Nop Comp.
TR Nop Library.
TR Nop
_CorExeMain
mscoree.dll
3333333333333333333333333333333333333333333333333?3333333333333333
333333333333333
333333333333333?333333333333333?3333333333333333
333333333333333?333333333333333?3333333333333333
333333333333333
333333333333333?33333333
3333333
333333?33333333
333333
33333333?333333
333333333
3333?3333333333
3333333333?
?3?33333333333?
?3?333
33333333
33333333??3
33?3333333
333?3?3
??3333333?
333333333
33333333333?
33333333333?
33333333333
33333333333