Sample details: f6c3700fecafc9a337a2d3610ca472c5 --

Hashes
MD5: f6c3700fecafc9a337a2d3610ca472c5
SHA1: 8fa1a70d9df6adf75f43565e90119808e241cd93
SHA256: 039331e339806b0fc74959bb7fcafde3d09a81f239fe66915435175a070a4851
SSDEEP: 3072:u44a3wvS/biyUWa7GYmOa264WXjRJjK2b21f6qy5v+SJqhp/PmKKZ8uDvvQj85:irvS/bih3mB26KcV+SJU9mKUDvvQ4
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://gg.usdipc.com/newlog.exe
http://gg.usdipc.com/newlog.exe
Strings
          	            !This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
\System.Object[], mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089PA
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
>./PFS
^pl}`"
TnXztD
+k#_<:\,
.]nS7-H
loKbt}o
NnFx9v
rX0ol5e
Pw$1RNB
,I*-Cq
*Z{pHGE
4I0Yh_
=6C8#Md
nH]%p^
BNS;tA4*
\>&zNiL
LW[ fQ
f6I,Dv7
</yw;=
]~5H*+
8i'47v
u #8sS
m~7I +k7
~{+"70
SYy>="
\Y`Fk~
M~bIX+
u%#5uS
IDATx^
H/TAFD
X#Ew8F7
B)BUeD
"u|$f>a
];(N<Rm
IY|N#P
eOp}EQT
zr*hbas
@	Rk{O
26~1]*
h?.G.C
]Z(oEA%
`El@vd
:00~50
j8toB*a
3vMe7=
(RRLn,
CLD~k)
RGErsg8
,JwRJD
z?!4386!
M\*dz4X
dP1"`;
,sdq*lUi
Yr`\22
.4)n[i
GtD}4Pt
IO*$os(
d(F?"eq
lbE,pJ:5
PZKR01
hI}\LB
h,*p"KD
,kDWk1u 
D(#}VeqX
CbDR30
8[@LNpe
nv"iKoS3(f
,{$0bp
dK=apNI
G0wfdr
|/;sp'
	lqhjA
aR!s)Uf
m	]&Fs#6Wf
{wKNj(;
PO6:<*K'
(2{+<Y
9IpWKA#
CjFr2|=
ne9~&L
*+qA5-
Neml4=
I/,P{!
5-#i_d8S
>E\3_js
\	Yz=[s
!Dni]A+S&
r!s=VF
YB0DWo
V>CO->
Hs5FJf
,wA"D!
;ZezIA
cjoQ6Y
g.5Yk*
`9'&c[
Fose_v]
q-JrmU
wY4"x;2
:W@E\/P
f =Lu/
*oF"NO
S@%h/a
a`3K>?
gC:W!O
6DkcL@W?
>*fyj, 
 L@Zy)i
$#YoR{`?P
?%H9>#
a[s[Aa6%
=H_!>mU
0\Lu7g:
6N?)N1
2/ Eer
6Tb& >
g1!W|(
wo4[xMT
FX}AY]
^<x"(@[w
LS2Z*fv
DvAqHA
j-r2 <
L{#Oa&
wy4PxA2]%0
"Fi1JN
"LX(M3::
)R5>iO
\rE-Vt
GS.Ceq
Yu9Iu2
%$OK}(
2fP(56
O4.WMw
DA?eRhR
\Gw]t[5
/J*0$sP.
9<Q,qYp
*raYU8
xf^[\x
o\N"v_	
0/D%XC
&jU>`Q
].QKld
k;SFd-
?blB$T
v[Z_!_
	gA22g
PKk|-!kaz
>0,3'F(
0(DP>i	
x^	O;G0
q[Y\&U
dv*w]\
J1My4.`
nqo9@Tu
>~XAyum
9R*V;!
cFeQj0O
3#?W~X
4^1r(.
:$D9=Q
@#O)^5
uw<-@j
6`"@/M
rzEH@!6
thB	aoe
/m~2iMr<B
a7AF>%/"
4^DVo}
C#V,Az-
80sz>Qg9
0Q >f\^#
l&&Yct
7tm{L2(
dg	v_4
V)BMpa^
+N+iR`
ZaJ)j5y
fsaIXn?
ORq,?1
E_Y^-:{
P b){/
"L=qJ0
8wKc2N
!rpc!>
NIf~I	
DA5qUtKv
C0	$P!
;1;,2S
Pc9_0h
e(jbWD
%3/1Qr
rKOjGr
9`i6\!
]kQEGt+
otZ'cS
O""(=A
4&oV>~
[2QVR7
1-&H4!L
I|6Nj3
<9R_y&
n%&{B[
'[E_fg
K7ekW/!-
X?ECI!vE
&@(N3G
Rcra'H
Y,/ehw
2b8"=Fe
(E9Bn'
*NPk;]
Y\u\7t
8P@|M8z
,L>o|VI}
vE%eYe"kJi
.ALN@g
+&v>A~r
El_4op
n+Fw"r
V}&s5Y
3 gzre_]
]]\1\<
SWAA	en
k[SF+d
=n!-`!+
h`+j 5uWC
:i,(	M0
5;1=b<
?lE,"(auy44'
$U@>)8
Om[P`%
~t\5zF
9`:mY`-
#p\-G\
jcLZ4f<
\W/Ft4
lL**yvQ
}&2Rh/MNL
j?,^.b
z[ZN\m
>]u[Ra
nXg14M
NtBW;5
=j6-u@
Cif{|hDg
q}kn[r
{Sd,}>
`2! 0D|:m[^
tM{B+9)81/
CTnz0w
Cj-E(XjP
3N>*zo
sVg:r/
bi7	5$l
|qG2fp
de)!:	
>82Y~Ay
rGsc|4
M-EJ;Y
d3w;((
q^Eqoy
9o.]wo
Ndk;$q
n`iy[9F
U32_tlr
Y &`7(
dKHI;r
oZ2U8.
X`S,i+
0mlQRIb
+AqUko
1iC"v\
?NYv;L
}D3XnI
uZ/-YM
ls$`n;
bFW%U;
uil[.o
Z'r	aPg6
,sr>:g
&"aK{Z
$f1tBB
/*#dF	
mT_<DN"
}I*)-O7
r5=sqA
IHoAbq,2%
s~\'`5
jYW]s@S
719Mk	
A!M '2p,
j9B~V+
Iv6hJ&
[n!pB"(
boqvDS
79s~kH
YJoBy0R
*=DtRO
&I1	|n
iP;WJr
{%6wDS
&>.oz7
pD=7,*
Qz=9[H
hOCe*i
/T<R*aTJ
2]24uI
_7pQ']
_(@f"Z
s.0GFE7
	Neq[u
x<SJ3B
-RNd=me
rx@~%X
3FHEIiNW
yr|E{lI
k!p_kqO
d)jVR-xwF
iqPR?2b
.~KkR<
7<+3&pi
?>D+:$S-
q[-Z:QS
_P:dbY
+Z)+;;CE
8?d4	2G
8J/Vx}
AFy7qz=
^m+iJm"
5:! 2k
$]6&lB
/v!<xe
s]viz?
;vxlYXn
pT+31h
Y0$j*NP
VRhJ?_
S]<5	\.
`qoYIf	
?HQd8A
9q&W@aq
3N36DF
 [GXmY
;u36p76
t	%~2"
o(<ZV*
0^~bz.
`FG|fm
8yn5b6h
Lh+1"h
zMGQ{hcA
"\Vk"=j
>+661(
bn~LE2
O3P/$c
J-1eWSh
L.[%\~
&57!]$
7p4eI{t
*-t#l[
~2BQ&cb'qz
 HD>iC
%f&GLE(c
i}p(ZL
v,tm>@
	F]O~1
#(Pr%Y
^dOo9X1
X5Yo/=
NxNMkd
ZH{g5O
n14G	qA
2y5MX<
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
LateIndexGet
AddObject
ModObject
ToByte
System.Text
Encoding
get_Default
GetString
String
Concat
ConditionalCompareObjectNotEqual
ConcatenateObject
STAThreadAttribute
c.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
newlog
newlog.exe
MyTemplate
8.0.0.0
My.Application
My.WebServices
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
2.5.7.3
(c) 2015 Coca-Cola Enterprises
Coca-Cola Enterprises Dc Noobb
Coca-Cola Enterprises
Coca-Cola Enterprises Noobb
_CorExeMain
mscoree.dll