Sample details: e50372f6b7568586ee7ea895f0fb174c --

Hashes
MD5: e50372f6b7568586ee7ea895f0fb174c
SHA1: 47917c5941e4d7ce2657d6252137ac0acc34157d
SHA256: 9c0e956c75ce0b02924b02f356470578147385b86ee6e5cfb2ff3048695b483d
SSDEEP: 1536:Iy0fm/Jx6qZamdA1ADhizlh1gnzWWRpO1EMac1W7heDBnojdjQCytpxXvwPjccT:vGmBvaV1ADOenBSPafNeDKcChgcT
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://www.styrenpack.com/wisdom/stillmath.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADQ
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
hbM $L
kE-jEK
u)vEj;N
Cm8iCm
x->.P:
EbGgy)
\s"l9X
]|oQV(
9w0u?R"
4qTb[Gd
cADUfk"
Zc$}re
z=!b[zw
1kzn{v
( l*?Q)u
Vp<Y0j
MoNBQq
}"C~3D
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
nUWWWUW}w}
&K4f%%
5Tu'=5
KMN+15
MQfz?N
-ac@Y@
$H*/wt
fxRvAF
U\EZ	MU
=.+?2E
Z?gLS~
X7!j;^
bp3^AN
aJC9Li
$fCu%`
e/TX6{[+{
\dz?H&
_".7AVl
ci";ZY 
9N"B3a
/SL-G1o
@e4"pz#,<
O-G,$4
$b"qd!l
d$g/@B
K<v#I#
,nq-S	
>qH7qn-N
eL/"lH
p\XB]D9v
Z/![$N
p!x&Cp3H
m]Im}6
LQ#<:B
j)F<5	X
|?q,"Z
o8Z4nD
|?/o_HZ2
MMK$A N7b
8}5r>)
0j{;j3
^,!Gcd
SIM'@	
cgY+Gr
mc?y^L
RcK	a);
--'#@7
P `^>`&D
4}ho$E4
og<[`0
[_Y%	LNF
ny[:}\;
bhL}O7B@1
v(R=1%H
5b}}1=
Ntt`Sm
;'s^r{
4B~H'G}
86(1\C
6']x#2]
zP-z_P
'Ne||*
uFhkqJ]K
[sFc:6
Uv*5w'
~'7[Jg
_tpXx,L&M
XT#w`x
hk2}*/
As:L/1S;
6<F%vG
utW3>S
e{tR1d
F^$i%>
Q><4Wg
6;Dj I
\&w(t$
%i+F<}
|-MW%}'
^?Wt@S@
]PQ8=#
)LSyK<
@^Rb=/
WV1}}%
ZY^Z[*
U@UE%nJ
$8piM=
RUQ]V9
IYT"6T
Ifqk~D
}ZZ_<`
-mIi#(S
5K[-],
gfjaaj
7Z"&?&
C2YX2w
/036=p
=yr~N&h;m
h<xx{E>j
v=_39M
'?lN>j
~ZT*h6
wO_*rH
\u)Y]9;(
gNo}B0
U;^M;^
{;i6u!
1shyQ5
GfnZy`
W%|d3S
o/-zXH
,]z	|D
rV_rJ_Y}
;5 gni)P
U=}[={
rg[zLl
[O<wG'7L
D0QODl
z-eKk@
J9o2\KDb
+Y^ w:{
c&.@h 3
&"lt(3&
h68PwI
h*'VOgG
|~!]9+
kypB*-
yLRlOXR]e
6;rUupS
9Sr&I.'4
pEbp,)
H%-io%T^
U*a_:+
HDjr.H
Zz=GOi
H,X)D*A
Us74{1k
`VP\Zf-
=6*k%A
ji{/k{
lhL$rk_
XX5fiO].
<QC$Jy
yD*j1_'
wk/>Gi7
pfxTv8R
mPg]:W
,p9'X1Y
piM[p!
S00sv~
\t.$w#e
d)#a=o
)2%J2 
RHVaC&%
n9.Qvg@
n{.)s+
I3:Y(wo
gml`BgI)\
fjvbD7f
gvnqdftazv
i399?22
12775>>17?=?9
)7cv5&
RXbuBVmX
'TVMoN
9-`WcA
~`4!]%
"|d4$1
W7:RkZ
uZWQ[+x
ULYY/ 
M*Pk`C
eeo& K
o:@&@=o
&09v<D
u'm)'X
f9)y;Z
l:;T&:
GU4~7P#
6((2:V
rE:4BO 
6[R4nU>X
#Lod},=
|mi/b)
91i'<#K*m!
({	MF]
lj0=s|	
>Km11r<\
f :f!A$P
M>&1UA[
	wMDx&
"f>F(|
_@TUCz
D_@H"DHT
h`c5l%B
_2(2{$
=~XpbV
xY"Tc	I(Zfj
EuaY {
0h8Fp:!C
qV$NJA
'v3Dj1
a\GxAB
NHGx(b
|jL-0x
~\= @x
/i $I2
@x_HA\+
xl7BQP
o{Ht.5
SIFdy+
zS-{MA
2t$\HPU
@DaI`w
+2lw@c,q
c,ENBA"
]S]GTk
TiYgyd
a$o>lq
%<MX-D8
Z.u.a*
>>)$	3
w'NryV
\m>!kU
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
LateIndexGet
ModObject
ToByte
String
Concat
MultiplyObject
Boolean
ChangeType
LateIndexSet
System.IO
MemoryStream
System.IO.Compression
GZipStream
Stream
CompressionMode
LateSetComplex
ConditionalCompareObjectGreater
LateCall
STAThreadAttribute
yoF.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
stillmath
stillmath.exe
MyTemplate
8.0.0.0
My.Application
My.Computer
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
11.16.12.3
$e76a5622-3a78-4464-912e-513deaf91e69
Copyright 
 TR Nop 2005
	TR Nop TO
TR Nop Comp.
TR Nop Library.
TR Nop
_CorExeMain
mscoree.dll