Sample details: d1f51af53148f14ad2e39251a79027e3 --

Hashes
MD5: d1f51af53148f14ad2e39251a79027e3
SHA1: ec7321959267b1fe181aa35c945b4ba279443155
SHA256: 92cc9a9ae4040716bb55f81c4b0ec95b6fccc17d3fab2f41f22ebe985683773d
SSDEEP: 6144:uPb+JB1nuNURlNmxDpdcV4nQmSq0CeTdFsNcjat9w44ml/VE:ORpdA4vSq0lBFsm+934
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/CRC32_poly_Constant | YRP/CRC32_table |
Source
http://prntimage.com/pictures293.jpg
Strings
          	            !This program cannot be run in DOS mode.
`.rsrc
@.reloc
%&-e& 
@%,c_-?
%&-*& 
%&&+E 
%&- & 
%&& h&
+-&  '
Y1j |(
-9&&&&&&&
-0&&&&&
&&&&&&&
-%,%%9
%,:%,M
-H+F	E
b{pBQ4
Qn*Qy9
plskyM
eKQgCu
C]cSta
@N%;z!
hMC{	\
e)	eM=I
[iH/Za
m$z'So
fXCs]S
"F\pL6
N.]=^}
$QKlD;5
8o'FVs
l.:W4g(8
Q!m2_Ci
I}h/E,
FSN+O	
%iP!lrD2
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
eZ/x=xJl	~`W
{Yv+[aY
Cu+YfL
i8XW_c
<9Hq+y
oSve0%
66;R.{O6
}q/=EX
P6Tzla
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
@sS@2h
neE,#d
z2ert:
z		eMgP
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
g2+@M;
?h^&iR
aA$Qp)
W"5Z!V
P\,fYo,
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
Zd`YvA
qwPMF7
]en<~c
=]Y-W.DH
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
f|2)nY
&]}IM~
;.{^Zc
7P7`20
}[@;lj
l5TmQ.v
. g_h($
bE^g8-P
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
D(Ltp,
RGx.k"
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
uIDAThC
r4DUQ}
f=B;a 
Hh$D:A
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
~q7|yj@u'
;2.P3'
F[|#${
<F:Y$|D
o#%t&M-
<`%FSC)
U>52m*
j# B6z
%]d\Rda
MQv]lNv
Aw;a0;
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
up$';|
4^=KVC
UTq|`#kZo
ehI5w:$
_RCN>&
7K;4?OsG
WyYsq[
IY$wz`
6~E9Kv
,/y*m`C
Q<Dz0"
/;qo8/
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
rtv_*9
1Ugraq
(FmTn6
'aR`V4
*q	vMUmijz|
He,QRH
I'&$m2
h-W)%(
 f9uS%
r{'G	Q
~{.e-h
6#zsBKB
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
,)F4"$3
glE8;=
:Y@|@a
vD45qcm
q5Qj1XC
G\.n:+
EO\jy"?vo]
#1qy3U
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
'o|t-W
6#.}vD
/f%f2l
FVDC/'Y1
c6Dh&Q
[ETAVJ
L_^Eer
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
k4NA#Qy
560HvD	
Lc^$S5J/5
L+GtPd
J4;BPh
0Tpa(4"
@1{I)>20:`
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
\YZs)|<
?%e>>5/
.Gg|W$hs
o	UIE2
#3|e9(#
>lqU}*Ik
ZnW+"]
,@5)KD2
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
GV8o@~_
M|_AYb
/-Q			i[
}zut&.
 lTXZ] f
$m&ZUXata
6*qt=\
(Y3frS
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
)i$$FIJ
n-NRXb*
?UUdNy~
z~GH!P
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
nRud3r
?8@leOV
`JdBaNX.
@2=fl9n
dHLANF"
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
N"Xmv"
N2lI9-PQ
\A&1w\
9"ZJj9^A_
ZQ8QW=fO
e|Z6(C5
VcjTt-&
D[l]@b
.pk3]4{
5t*((]/
H/o)!{
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
g^_I)I!#
l,3"?k
ZU>*O7
6\NoUKk
E0)V4!
Dc^iO^
>DXSA+
!K\fYKW
ySGQQt
	Bzlyf
[O)E4|N
:58h!*M$7
J,^C<~
%7jZbU
sGWS`2
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
 _95A~7
p'xn*D
7/T-oQ
^v6>93
o|!Xf(
oD[Krx
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
(:<;j6>
T,e9)B
Pn:'Ri
uV~w;$
kS)GkK|
c##cP%
-[k``@
vo88LC
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
	M%NgSj
MT_lax
TBFi~6B
	Ik2WHBG 
FFvId0
BDOA0L
v2}`Bs
VnZVsT
{03J2g
;#$z#y
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
$M>Iy.
z7*{r7
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
,	UjB>
\w3F3s#
e,fT]1!S9M
7+	x.T_w
lu6Gv*
'Cpm>M
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
]hUW)r
/Ui'p&!K
H<b^I\r
lbJM!mV
6)rwfsM
[i&13Q
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThCc``(
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
f.>m>k
;&y-ts
.zpIs%+
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
2CF6	!
,af$;l
roH3;	L
LNaozl
@4s5J6x
S4A/."4Pu
cqI&Dl
ZfutR/
q[qj^s
O,/-eR]
cTK:CA^2>d
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
y2?ob) 
R#6h(t
p|.;^E
8g*	6#.
"vk}&`
(9rJR	
W5cB<)
9zWs4q
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
waV-:B
iVgP'#
mq~T"K
R["Y(W*
? /;v`Y
B3>I56,
  E_ k
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
=W)j$0
@.UHv-
99 ,\=
[q\)*X 
;vN!Xz_
:iE	uX~
t7vP9d
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
1}8mN;1
oF=ab;
-u:GZ0
Tu-	c{
G+wDD1
mx@lS]Y
<CDPw5
9/p^3(7
Z+D<ZQ
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
V]v1boF+C
%LnwU	J;
<sDAm7a
i}cwuR
Q~}Kdjh
R#7/ 2N
9%-e6L
vpAEzw
a)SHPj&>
MXDdTFk
;psk\HU}
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
Ju@g_?s
'L&J:L
_x!p}y
`hg^}KRP0
yW-2P5
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
M775}w:f
}[H	A;
Sa?Yf2
JMm"VI
5T6K`R1f
HqhD c
;F^hI}
1V@OyS
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
bVkH<2
X"L':I
'6#7V0h
P*JTP	
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
bIDAThC
~S:5Jsz.
1.;*#L!
R7.40q
~]4dr 
.~%D~&
PuDC*Y
>68Sz\
Z>O.^s
yjw#pQ\-9
q<9/jn'i
O!2:AtD
\Sb8\8
|"%W,S
7H4I]=WC
Rc+pMn
s|UtlY
_m)xZh
1X+BYM
N<e35~
t}8@6.
jP1h,,
ASjdR.
-X *gZ
aE<>	&
,~o \~
 -=e#h
pnQ:t7n
1|q9(Y
=3JBtF+b
f~Lhc;q
rA8	=.
z,aFJJ)
gdOnPB
r538X]
9wdrMW
qC2I5v|
	BR0/z
Zfw:BV
mq)@aNw
9BrM+|
7.nFo@
I)T2t{
	%?BMXV
]+qxU]Z~
}^w7rQ
8>A`lb
iEA6Q9
U$\wPG
j,T,(7L
BX3+)g
$E"8!{
FJd<5*
._'%|D
C_IXk|
wv04}ao
6{0?B>
<Ck=5J
,+ooK2 |
k!=I&Ks
l(D@I)]
Ml;Gt]
6\TM=H&:o
Hi5*DsZ
{l<MSt~
`<@0JN%
WT!k]r
utV4 S
__wZ2w
zDFlN<
DBvf5(
g	]kObf&
vi=G2vM
p|fm_	
AYeK^t
I?= *sg
=v	GFM
Wx<;,Ku
d&7^H@
-at1p$
gY `m6
Q&b@jf
?BXq1=
gI|u{5
rM$qV%
lj,&s+(
"4A>W$
#Trr)i>{
d(Z0v<
A^,Zj@g
F_^iw[
^/-2RC
_b>oFW.a
9&T|E\
C~hw/)
auR@'=`
!vj](B
r3ksge@
=k464	;
mOFRM?
Qcq	Ay
|~#$YL
J!]#jk
[LDo9Q
W3|5[	d
KiR0Au
*Nh?dS
{oq$O/
H9`k>9
JmTNa6l
KB{	qe[M
252GM?
@8h\>k
ind"E{
v=q7BG
9=')K/zp
cmsrW3
hpYKh2
!(N*do
/)@N%.Us
QRT,:8
3L6YC{p
yVp(!f
u{~YH?
;9Zs!R
9n&y^s
M	I?b@
YR*&cmq
-[8<'p-\
Qkkbal
I5nJ:fY5
v2.0.50727
#Strings
	(	J	_	x	
winfrm.exe
winfrm
mscorlib
System.Windows.Forms
System.Drawing
System
kernel32
{14241ad3-afaa-4997-84cf-fce1482f74b2}
winfrm%
e7893f92-5eb7-96.Resources.resources
Tuqotysyju.Resources.resources
<Module>
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
.cctor
Object
MethodInfo
System.Reflection
Class1
GetTheFuckingAssemby
Assembly
MethodBase
Rfc2898DeriveBytes
System.Security.Cryptography
SymmetricAlgorithm
DeriveBytes
CipherMode
MemoryStream
System.IO
RijndaelManaged
IDisposable
Dispose
CryptoStream
ArgumentException
Stream
ICryptoTransform
CryptoStreamMode
EventArgs
EventHandler
Control
ContainerControl
AutoScaleMode
STAThreadAttribute
CompilerGeneratedAttribute
ValueType
Exception
Encoding
System.Text
GetManifestResourceStream
Dictionary`2
System.Collections.Generic
MoveFileEx
ResolveEventHandler
FileStream
String
ContainsKey
get_Item
set_Item
FileLoadException
BadImageFormatException
Process
System.Diagnostics
ProcessModule
AppDomain
ResolveEventArgs
Version
StringBuilder
Attribute
AttributeUsageAttribute
AttributeTargets
DESCryptoServiceProvider
FormatException
DateTime
UInt32
AssemblyName
GetCallingAssembly
TransformFinalBlock
SeekOrigin
ArgumentOutOfRangeException
InvalidOperationException
Substring
BitConverter
GetBytes
Reverse
HostProtectionException
System.Security
DeflateStream
System.IO.Compression
get_InputBlockSize
get_OutputBlockSize
TransformBlock
set_Capacity
set_Position
CompressionMode
ToArray
get_Length
get_Position
ModuleHandle
BinaryReader
MulticastDelegate
GetTypeFromHandle
RuntimeTypeHandle
GetExecutingAssembly
GetModules
Module
get_ModuleHandle
FieldInfo
Delegate
DynamicMethod
System.Reflection.Emit
MethodBody
DynamicILInfo
ResolveTypeHandle
ResolveMethodHandle
RuntimeMethodHandle
GetMethodFromHandle
MemberInfo
ConstructorInfo
TryGetValue
CreateDelegate
SetValue
SetCode
SignatureHelper
LocalVariableInfo
IEnumerator`1
get_LocalVariables
IList`1
IEnumerable`1
GetEnumerator
get_Current
IEnumerator
System.Collections
MoveNext
GetSignature
SetLocalSignature
ExceptionHandlingClauseOptions
GetTokenFor
NotSupportedException
SetExceptions
ParameterInfo
get_ParameterType
OpCode
OpCodes
GetGenericArguments
OperandType
get_MethodHandle
get_TypeHandle
get_FieldHandle
get_MemberType
MemberTypes
get_Size
get_OperandType
Concat
Invoke
SecuritySafeCriticalAttribute
ResolveMethod
ToLower
StartsWith
op_Equality
get_Chars
MarshalByRefObject
ICloneable
GetTempPath
OpenWrite
IReflect
ResolveType
NumberStyles
System.Globalization
WriteByte
GetPublicKey
CreateEncryptor
CreateDecryptor
get_FullName
get_Now
GetLocalVarSigHelper
get_LocalType
get_Message
get_EntryPoint
GetValue
Application
SetCompatibleTextRenderingDefault
Convert
FromBase64String
IEquatable`1
ToString
ISerializable
System.Runtime.Serialization
Append
get_UTF8
IConvertible
GetString
get_ModuleName
IndexOf
set_AutoScaleMode
Format
Buffer
BlockCopy
set_Name
add_Load
GetName
GetMethodBody
get_ReturnType
GetDynamicILInfo
get_IsPinned
get_Value
ResolveSignature
Environment
get_ExitCode
GetCurrentProcess
get_CurrentDomain
add_AssemblyResolve
IComparable
get_Name
ToBase64String
Monitor
System.Threading
ToSingle
ResolveField
ToDouble
set_Text
Exists
_Assembly
System.Runtime.InteropServices
LoadFile
get_Minute
get_Second
GetParameters
get_IsValueType
MakeByRefType
set_KeySize
set_BlockSize
get_KeySize
get_BlockSize
set_Key
set_IV
set_Mode
IEvidenceFactory
Component
System.ComponentModel
get_MainModule
ToInt32
set_AutoScaleDimensions
set_ClientSize
_MemberInfo
ResolveMember
ReadByte
get_Year
get_Month
get_Day
get_Hour
ReadInt32
AddArgument
GetFields
BindingFlags
get_Module
get_DeclaringType
EnableVisualStyles
ResolveString
op_Inequality
SuspendLayout
ToInt64
Directory
CreateDirectory
DirectoryInfo
ResumeLayout
IEnumerable
get_IsStatic
GuidAttribute
$41f1d86c-37e5-4ba2-8da9-d62ba78a8924
_CorExeMain
mscoree.dll
PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX