Sample details: fde79ee568dd980e6bfb03db14be6832 --

Hashes
MD5: fde79ee568dd980e6bfb03db14be6832
SHA1: d18251803ece8bfd70ebff069ff775a63923fe35
SHA256: 8411e5abf2a8dc3122c3ac531c174f983664804a46ce11c8d62d72b5493c998d
SSDEEP: 3072:vEbF8HCEVrfPYx6H373QR2b26BIKVf6YgVAvDCLRzPfcnoa9Lv21HL2bw/ZBeFZ+:v+eC0oYrs2bfIivx4d0NbRoT
Details
File Type: PE32
Yara Hits
YRP/contentis_base64 | YRP/domain | YRP/IP | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/NETexecutableMicrosoft | YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable |
Source
http://jooyoptical.com/wp/dl/invoice.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
uyIW<`
d#K#-j
a !-dW
2EKn$Wx
ziPz<0(
3q g/T,
9`71qA
j"HLgs
,ZZXp l
<Y,`vf,}|
=GpVi:
v;VE`Q1_*
jdAPI-e
#lb,B.
=hDRr&
esjpk<
|Gjk*Y
s jZ<Oe
0l{cb\
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
v#cW06h
r{)}lg
E3hGVZF
8)Yz?$X
A*:P7@
6)Q<	lG
ma)rn;
xuPCK3
c}s;!#v
v:5v7v
~M@Is:
%*1=.}
Aa8(lZ'
}	qspX
K'4s~z
s=a3{%
#?}G\?}h
l=;4~'
FRpVDg
* !>XJ
H*Ku- G
 _W33C
kLE]XR
ZyiUcJ
ku(1hE1
P3bl/e
"uoe;"l
&vbcJz
Kh-]9f-]L
ahZR^<
x1Z9dq,
<.U`x#
sik	Coc0F
rMh/u^
lgsW9Z
D-{ClM<
T "}Vi
nt	!zl
=N~Oq&
PM:;Iz
e;1<8e
Kn;F<1
B%KlGb
QPh45 
a08:8q
"n1wI_
!KRe?1,|Hz
pXV![v@
=N{)H]
{II=HO
ns1?c@T
d7M0|:
.S gV 
+OTs	{
;+7cVz
D<Q;]a
3NG#G}
'f]	8'
DccB	t
	 aal9+
)R">JJ
`gAF(Q2B
Hd=gOc`k)`
9rnL#;N
|!ZdWR
7+C[q]
N#\x*5}
;o*1wp
hMQ*Dr
*'q4g(
 N9Xwx!
.(Vi]a
(iZ0uK
'[%p\I
9PLZU.
Gyp|[U
]z^yX`sG'
lVj{7wC
#AJ|0N
+rnm7-,&fm
]s!b!Q
wAw<	T
mB7@yW#
+m-kn?
F_g%Fi
~^l'Ny
.*DcJ:YQ
"VTV*>)]
_0mAE}Q
.Z4gAI
M.^0uAq
,Z8mZqQvH
-.),,,*]P
J))]<iai
Wk<%Ruy
z|x\WQ
G*+.A9~
l?Pf-+
fU#gIuum
bgZ\_V
z	+*Z$
KJPmun
]9_ZY_
.N?JSk
UACpcG
k(}(mn
WJLY}<
<8+-~p
]&L[w8
mwrbl,?
H1?pZm*
OK`{q?
2_:_SR0
<+3qdFY0
oN._+b
l(od%h? 
>sQ[H;
xX5on8/kL
%om<p)$
{D.3b5
L+2fqF
cs<pkiz}:v
?uM^=9
jvlvLW>
''~r"q
]SH;0)[
d#)_$S
t>{n=^w
*I:ffQ2
s|ky{=
v7. shGn|
6ttwjd
7'):zn
LRn6}W
a)*2@Z
Jqv98AKz1.m
A) ;4?
&my/;}
RNybqO-
'.UJzB
ra=fbk
uu+8[n
<u0_3P
fxgBo*
oF:&u1\
rEDc,;%
4JNOiH
8"pTM8
iGZ]"W
.o:^Mx
0<X@ONoDV
s-ttD	
lxro;J6
[RJ(_6
dM_^6n
HSU|f9m
"DCqO!'
|t=g#l:
6j	Ng[m
6r1[H*POV
<}v~qndx
;qewO8
bkN$r~uyyh
*&~ve~U/C
hU+kH=aE+
{tgTcWP
<iXPYm
U=xxXOH
C?[zfLW
fRWd8SG
FTgPuG
PdV$4o32
f#Sc{A;
Jw",w8
JV9cfoRSc
|(W>Cz
&,`H8P
]=fq)2N
7ihvi`
,NY00@
@ lV 	`
M'V	#!
4#>gH-
4ICpCb
D6aE#u"
#Pm;7=
iy|z_Z&j
|DWV44
>`Pd1bV
8$I)I@
=nY$M0
nC0!3>
:(|qux[t
wcGsl^
PR}FF&u
B?8CZZP
.W8%]0
@;`/9\
D	qLE ;f	3
DgAZ`Tp
6& b,~
<cd0<{J
?P%0J0
-(s@9y<-
V\;dh*W?
muoVwn
{%w26f7
Ok.zo<-
5}f'YRO]
FUBH3D_
lNNHxchJw
pE~ASC
JMija`93.\
GVRy~1
>qLeC~I4
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
NewLateBinding
LateGet
String
Concat
Operators
SubtractObject
Conversions
ToInteger
LateIndexGet
ToByte
Resize
XorObject
ModObject
System.Drawing
MultiplyObject
LateBinding
LateIndexSet
STAThreadAttribute
V.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
GuidAttribute
AssemblyCultureAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
invoice
invoice.exe
MyTemplate
8.0.0.0
My.WebServices
My.Application
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
	4.18.10.9
$14a233e3-0438-4190-bdeb-bc53defddcac
Copyright 
 Microsoft 2011
	Microsoft
	OpT comp.
_CorExeMain
mscoree.dll
:::::::
BB$::::::::::
M:::::uQ
Qb:::::::::::::
M::::::S<
h::::::::::::::
:::::::#,
S:::::::::::::
:::::\t
0\hu:::
    0::::
3___a`:::::
:::::::::::
:::::::::
:::::::
:::::X
JJJJJJJJJJJ
JJJJJJJJJJJJJn
JJJJJJJJJJJJJ/
JJJJJJJJJJJJJ
;JJJJJJJJJJJJJ~D~+JJJJ
;{{{{{{{{{{{{{
{{{{OJ
;???????????????????
JJJJJJJJJJJ
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
^^^^^^^^z^^^^zzz
^^z^^^^^^^^^^
zjjjjjjjj
jjjjjjjjjjz
jpppppppp
pppppppj
pNNNNNNNN
NNNNNNNp(
""""""""""""""""""""""""""""""
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[
iiiiiiiO
CZZZZZZZZZZZZZZZZZZZZ
:@@<ee
@@@@@@
t5@@@@@@@@@
	mmmm@=RR
o)Q@)L
mmmmmm(
RRO,lC@ 
Gmmmmmm
zm=H%""(Y
TDmm@@@@@@u
mmmmm@@@S
mmmmm@@S
mmmmm&
88888888Z
88888888
qPPPPPPPP0M
++++++++4>+r888
j[[[[[[[[
][[[[[[[[[[j8Jnr
2JPpW*
^^lllll[J|
1~~~~~~~~~~-c+
5AAAAAAAA
GGGGGGG
G0G&TTT1??
 )&TTTR????*'
>>>>>>>>>>
22222222E
GG	TTTT+:
LG	TTTTT