Sample details: f5fba636088a87a397646070e33b2879 (MD5)

Hashes
MD5: f5fba636088a87a397646070e33b2879
SHA1: ba7caa2338dcbaa3882226e3fbcb0dc3a6feb740
SHA256: 47c364ac3d539ac0874e66b3f7cb0c5a87e3c67323156b082575fc926d1ecb13
SSDEEP: 3072:ehlLd0FRfkVuj/t2tyTboYD78Kx/A0zGWAeak+DuhVcJf3T:GIRZ/t0K7nxpAW7cJf3
Details
File Type: PE32
Yara Hits (rule names as reported; the Microsoft_Visual_*, NET_executable*, IsPE32, IsNET_EXE and IsWindowsGUI matches describe file format and toolchain rather than behaviour)
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/domain | YRP/IP | YRP/contentis_base64
Source (URL, defanged)
hxxp://sariherbal[.]com/poll.exe
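Strings (printable strings extracted from the file; the short high-entropy runs after each System.Drawing.Bitmap / IDAT marker appear to be compressed image data from embedded resources, not readable text)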
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
-\U]}K
5pt'D'
`:I 0r4
qaba~S
l(dp %
d@6[mr
{5;%,+
k1p>s\h
(m1K&3(YhN
RaI%%;
S{F^P\@
xr#OgP
Y4wy`Z
d*oL^E||U
x3{u~f
ZvQ-*j)
X^do<F
G^6;d 
aJF_8dU
hM)PH9
M/4>%S
=(9*K~hl
?5Xwj.
P&Iv	R
$\X>\wwz
`e<lzK
rX4,Cu
;E<F}\
\gr'T@vYZ
=9MOrZ;
 8)MqR
R@mo*fk
 \e0	4^
DyK5($
't.='J
4=M?q&3@U`|
"1l3Q;
kbOw.&
[2V~dFD,
`4FU~E
!W=el!"D
^-6qAQ
6@V4q\
el0{Ga
Kmq3=-
7#lIOG
aSzR	y
yz=B+=
w*{/"5
(Ynr!k
~H[q>bw
TFi*y,P(
^,5YXW
O((m!w
r+S`h+
&hA]D%L
,o!/^X
I[DEm.
ZY2c~vev
"1=F*M
\5s&f%l
p	k5-pN;
Z>}"Fmx:B
GeXkQx
 }!/e)
ENy7F)
B*{7{U
s'M*_0
JgM)]t
J%0{mpn`
e+V.QV
+=g~90l
S:e>+ 
UkWMSV
EACS{5
4SQqr+
o/Y%'.
]*R`2[T
y\ccn/
fGNz2e%[
)y{?\P
hpBG@4
"rub:,u
t|fjaaj
ezQ=23
85117q
DICk;1
vHu6JHE
@4+ZN!M
 GV6c)G6
7U\5\	
)UU^M(
kZ2*.Y
5pfye4]
WRpB/=I/
lk>&8c5
##?>6!8
jN+W $
	\E.}0
Co>T84~(x
7@^AS*
a^)S2R
I2^n]Q
M+t[di
B+m3z2
mgDMgf -
1GRTMNs
_8M&Dl
^$3l$B
42#rU\=6
&-eyC	W
%ClK.R(
_*-lt`J)+
@SBIyc
CVA*/S
Dy`wk}n4
h$	6thH
]XO=~x
'j7;SQ
,Ed#d).
2[S&{&f
Xv$mv{
b.s2fo
\..V*d<
W(b59=is
6;#!/t
pyH)"I
p Yj"q#
9dy8da
7-\Shk
.[0jwd
yvN8|J
qew,gBI
9253==u
[Z;Srk~
{>-\N{;
x(xVO3
3m=L+W
:AeShx
@FjSz}*
R1\wuO:
/-+33;
;Oe(X2
Fh`MaR;
`WNep|
p(#>;)
$vdw}E
*WlNL@
Fn^ za
2ds&:>
8>n6h(>$
  V[rte
U0!'2?
X%/rc	w
rU1	lK
mxj,87
8GbQfs
97#sl$
	;*6,^
|fkG5M
vvvAvL
Bne$aa
B1("Nu
4(WIzQd
bdD=c$
KJ	cr`
oLM5ZU
@pr#3(
f3s7939
{w:'ds
ew-\7g
N9js1G
Qu*XbQa
g Tbk%5
2/;6R;
L-Etea
"JdRf'
owuvzv
pI*]{a
Z52>8z
bm|aEJ
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
${IDAThC
%hqwwwwwww
1"CsC@
7'TD~/F
#k#Ao6
=ab{b@
@es{qD
z%	Xe,Le
o`yddhY7M
X1@G}d
-s3:Q]lXD2
XzFv|=i
Qn5(sw#
Dm7*Ncc'
7Q1@#V$s
n5~w!o/
}I/EwS
xz~[q#
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
System.IO
MemoryStream
System.IO.Compression
GZipStream
Stream
CompressionMode
NewLateBinding
LateGet
Boolean
LateSetComplex
Operators
ConditionalCompareObjectGreater
LateCall
String
Concat
SubtractObject
Conversions
ToInteger
LateIndexGet
ModObject
ToByte
ChangeType
MultiplyObject
LateIndexSet
STAThreadAttribute
aB.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
poll.exe
MyTemplate
8.0.0.0
My.WebServices
My.Application
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
16.4.4.0
$2312f956-c0a4-4b95-8f02-513d7c31ece9
Copyright 
 Top Macther 2015
Top Macther uL
Top Macther Comp.
Top Macther Library.
Top Macther
_CorExeMain
mscoree.dll
UUUUUUUU
UUUUUUUUUUUUUUU
UUUUUUUUUUUUU_U
UUUUUUUUUUUUU_U
UUUUUUUUUUUUU_U_UUUUUUUUUUUUU_U_UUUUUUUUUUUUU_U_UUUUUUUUUUUUU_U_UUUUUUUUU_UUU_U_UUUUUUUUU_UUU_U_UUUUUUUU_U
UU_U_U
UUUUUUU
UU_U_U
UUUUUUU_
UUUUUUUU__UU_UU
UUUUUUUUU
UUUUUUUUU_UU_UU
UUUUUUUUU_
UUUUUUUUUU
UUUUUUUUUU
UUUUUUUUUU
UUUUUUUUUU__
_UUUUUUUUUU_U
_UUUUUUUUUU_U
_UUUUUUUUUUU
_UUUUUUUUUUU
__UUUUUUUUUUU
__UUUUUUUUUUU
UUUUUUUUUUU_
UUUUUUUUUUU_
UUUUUUUUUU_
UUUUUUUUUUU
UUUUUUUUUUU