Sample details: 207b78b947340ed9bd5028f2e5e7fe6b (MD5)

Hashes
MD5: 207b78b947340ed9bd5028f2e5e7fe6b
SHA1: 8e573797a767c677c643d99abba26a44b02e50f5
SHA256: d288493aabb94311f5150401710256daad38f240e12d712097ab5df21a268964
SSDEEP: 6144:7z/7AsU8/0Rsijnh6H35wp8itjz8mfMBKYVJhpBjfDtmmRF5Vqb:UVOynmOp8itjz8mfMBKYd0b
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://prosciuttiamo.it/ice/chis.exe
http://prosciuttiamo.it/ice/chis.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
 IC%,(K
 DC%,(K
 AC%,(K
 CC%,a
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPADg
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
	=V1'O
{"Ki.<
>^CT<Gp
3Mc=}[
C1F=S`{
#a9Zw	
V6[=/D
^#||sp
C?SE5J
,;$\GU
%3E_dP
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
zj	-LNG
FU[Xsu
WF->Dr
fMMw.~
;2jq|$
^Lu |LgH
XbpZV|
DD,D-?,
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
2#@PGS
\Xk(8W
2lWyN=
<Pays~I
iC@InU%
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
~IDAThC
=BZ;:q
P|:~C`
b$7"0r
n!H#WnH
7ie}rT
D7cJM&
>	JA{K
q?Qn@4
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
a'q~D4
J+D$}p
T_",9&
GH"<JU
/m,a2.
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
!))%!9
W`pq@[
U*[lo6
or}_rj,
9kIi3L
3f1n)O:==
kXQw$w
hgjI0u,
sR<+En
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
Mf2,X1
Gso|7=
bIn15uN
I_ Y8]
mjIDvw
E2n7	\
"k^TxF
p1)RaP
L/fMC@
V %^2>
%.pT^6
RJ2x'l
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
RKmsHc
G.=~WL
}1RT.`
1I7Y1M
(E%a]K
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
w.e930-
 2x}nd
 EC?#Iw
} ifds
MRU{E_n_K
hA'O&\%
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
|IDAThC
;^,-1u
C?ezX"DcW
^v>}3y
H!q)6,
VCTU9P2
hEL	/ ot$w
[9>-{ad
!f+F0y
h/{eCk9
bj6PfW
;#'IS>
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
xaiQ#k
po+5R/p[
zwDRR}
"'H,:{I
k$bf$lg
<Kw'h4
 fo!jBT
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
4S8/U<1
OBQrn6
;An~&	
dcQU	XFr
-tft2`
M8nQ33
!ldTm[
1YfE:{
$Fs]Ol
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
)%zW/5B
aBy~&Z
7l5V5C[
%E`xNm
Q~YI1I<
cM}DK|
BFu4f4
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
6vP3!|M
1W  ?,(G
&!y+)w
?PFO+L3
8TyGgE
Ag8<zN\6
WkBpt]
k0ysz)
mqw_+p1
3}Lak\
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
81u85g
O2AW_@
	R2pKa
_\6[}>
1"X]*r
	6F%|i
h0`C<q
}A.miZ
7tsm>y
bsiw5JC
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
\o8U{r
mWL&V|
Z?wo3(w
NA_ h%
@0W60n]
(&xMbnIh
eSOw9>
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
WI!A,wn
Lq*@8T
Fcz(FS
rM8\5*L
?ssdyh
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
~IDAThC
uDS?F}
{}k 	=)
BPj7ey8
%LOXSPbhrn
xWtJ^w
Xt'r)C
3VZWMEU
MQ)MLd
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
{IDAThC
sU8IoO7
"Gc+YP0
CRglh-
B?dxzT
lGTQjC
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
g X|'*
-jFYG$
~!E$nK
Jo.}2VwF
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
Kk}BB+^
A6R)q?
9	Si}D
w\}D_`G
5!y:[ZwtEJr
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
L>XH&T
7SkQ8H"^v?I
l'cm@G
Ck]Y<K
f	4Gy>/kvbD	
Hic%9U]
lkV{jE
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
ltKwHI
W|v(7"
DcV*)H
N]~F`p
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
WWi<up
$8!XxGn
D5hnAAz
l$E/<\}(8c
_6gcj'
BeDd++
nsuxuH
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
~IDAThC
$1_G@$
dtvs12U
]AFYR<3
| /yQ$vn
hL^zpo~
`b(xvj
Nb(	znt
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
~IDAThC
u8XS"=
mMOPc`
QM8YKQ
'ni"Sv
ht9*hR
ACjR@h
+EcPO&Ks
Drc&4,
TG=@cMU
D@W0q$
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
YiFTQ~
4S,&'>
 U{K&}FaZ
HkPp	si
&e;uKJ
49zm7Qz
\*;rY 7y^
@9\tU;~
>*b7I9<
fal4Zmw
rH`Th)
$~}'\#
oGlh[Z
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
{IDAThC
u!J]p{
Q/!%wg
8Ef^`'
QRkeu<
M]0V!s
5,G)+@
4*~qg~
w/p/p/p/p/p/p/p/p/p/p/p/p/p/p/p/
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
zIDAThC
L{ wy%g=
Zn`mVv
sv&f]T
*R`b:@I
#UHS*I
p	O;(Z
&uCeq^
`DTY(y
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
{IDAThC
#XmC^|
Iq9CcP.O]W
*!BDfo
za_HX,<O
x<aaHH
r6l):E
1O3dLF
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
$J]b-}
t6>a*z
~/SbXu
3}*=jSE)
[?a8!GI
	JKhud
Zw|eYk
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
K$%F)$
ob-3/!
ZA S-N
fhAKM[
c!dULz!
l-D-~v
6bf<s^
Zp*hRXX
6@CDwCO"
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
~IDAThC
 F Pb%e
wL;=n[
-sb"bd
Sn}P<]
<_">:b
mm2_@.
[w{0{;@
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
:GW\9q|
k *,Dy	
&&[#NT
O"BBSl
D;yoH!
foiGCq3	n
K;kF9$;
&^hsUQc
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
{IDAThC
[d5`JKfv
fY`iY6.Y
0~J6'4=;
Lud*CN
W=EkqU
%UG>(s
kk|_-'
e0FG9)
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
|IDAThC
J/^}q7
k,UI.gaI
I]mq")	
dskJ,+
X|#)?&
``j#s+
X1{G.s
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
zIDAThC
+?4V^Q
$_<}rM
d9}O)&
Y*r^Ob
.4*alW%I
Nn8MR>6h<
+%<R\b?	|/
,d?-$Y
~7V|aUU
u*-@.e[ZG*
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
q#! !0
!H[v;1
!8/!C])
Q8_2y%
agRz&jya<
W~ZWjy
K-<|PRI
3=sJzW
F3u2q0
X%ST[Oqp
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
Xhmf@&
qX=FfX
t|~MP?
C|b%gn
al*U!j-
~-{%=bC	
oA%:0{
SG|6Kp2?
&I#\gS
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
zIDAThC
4=Q8~z
[5.~o7\
h9KCPQ]
3~UfF^
Qp.^O,
8KpSb+{
U&1{Kuj
nG}P9{
dD_{ra
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThCc``
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
3'WedC
c{iw2N
+#6}!<
%B}5['<
NsM@I=
3;n8{sV
6)t[-2Nc
S4~v'	
H[v};t
PaSiP7n
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
|IDAThC
_$}1ZZ'
+avC'pH{
{Yy/If&
_G"|dB
-DTgvr
Ab^UsJr_
-,vJYo
LVz^H$
D`dDKV
`QM[y yd
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
}IDAThC
g*E7xS
^F7"k/
,)UT]%
l*vgfafu
f+>8'Pjww!
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
7/yb\S
-@N@LH
H?WEG-
V@c2bmy84Y
lq0fU{
)P)Ubb
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
~IDAThC
Zjc2$k>m
;dkXI~7?
x&` Vb7
,Ym+YH
SNy >c
Y59I4y^+
	z:.{}
|!QV$Gj
@Ii#le
X0wSG 
5PhNS*&
q@1/TD
9H04S 3
<9]* 5u
}TR"T`3v
YZk6$)
HE+;DZ`o
uxvc0'(
LHR56 
!-RbO*YA
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
98-<T[
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
%HP4o#z
<)]i"<<f
jpG1pI
DHG47 
qW-.K1
b}mSYd
>9'o)f;
#$.QUTz
Zjb6nDb	
17#e11Q
.=6QE g
)HvHWFg
+o$_AW9
H*dDOp
%+	`ua^
 ):UBI|
485g,.Vp
12QpR|
"/'qNTv
11@SM=
??%qT(]
'&AZEP
JSK})c
@VQY;a
`4S-Qr
g/z Si@
e<E"h{q
}VW(GQ3p
zP>*Ta:
]&31*.
vHB2'/?
LBjd6 
LHB4( 
7c"-"J
z}EDLHH[
 :}Vi2
#nB40^
Q80.K^
d}B40&
S0j3t'
cPD4x8<
{e"p]u
N\`Pc4
JHB+:?
5XB4/ #
[HC4> 
qZ16B0
NB@5u 
E"5k w
[/0F	}
NHB46 
LHB44 
SioVc 
LHC46 
qu".K3
MHi 6 
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
Fin2d7h
Fin2d7h
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
Fin2d7h
MF*fQ`
MF*fQ`
MF*fQ`
LHB46 
>H,4W 
bHr46 
LHB46 
LHB46 
v2.0.50727
#Strings
matemdeea.exe
matemdeea
mscorlib
System.Windows.Forms
System.Drawing
System
System.Core
51b08224-5621-b0.Resources.resources
<Module>
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
.cctor
Object
Rectangle
Control
get_ClientRectangle
TabControl
set_SizeMode
TabSizeMode
get_SelectedIndex
MethodInfo
System.Reflection
MethodBase
Invoke
Enumerable
System.Linq
Concat
IEnumerable`1
System.Collections.Generic
ToArray
Contains
MarshalByRefObject
PaintEventArgs
get_Graphics
Graphics
AppDomain
Assembly
TextFormatFlags
GetTypeFromHandle
RuntimeTypeHandle
ArgumentNullException
set_ItemSize
get_Text
String
get_FullName
ResolveEventHandler
add_AssemblyResolve
ResolveEventArgs
IEquatable`1
Incarcator
matemdeea.Initializare
get_EntryPoint
InvalidOperationException
CreateInstanceAndUnwrap
Exception
get_Message
Console
WriteLine
GetTabRect
MouseEventArgs
get_Location
ButtonBase
matemdeea.ControlFolder
Cdsfssrd
LabelEditEventArgs
RightToLeft
get_RightToLeft
LayoutSettings
get_CurrentDomain
MintSeparator
SetStyle
ControlStyles
OnPaint
EventArgs
get_ShowKeyboardCues
IDeviceContext
set_Width
get_Width
get_FontHeight
SetBoundsCore
BoundsSpecified
height
specified
IDisposable
get_Font
get_Size
SeparatorPaintEventArgs
get_TextBounds
get_TextFormatFlags
graphics
textFormatFlags
textBounds
get_White
System.Collections
get_TabPages
TabPageCollection
TextRenderer
MeasureText
TextBounds
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
TopTabControl
BaseRect
OverRect
ItemWidth
get_Hovering
get_OverIndex
get_Height
Invalidate
set_OverIndex
OnCreateControl
OnControlAdded
ControlEventArgs
set_Font
get_Count
OnMouseMove
OnMouseLeave
StringBuilder
System.Text
Append
ToString
IWin32Window
get_Control
set_BackColor
get_Assembly
Hovering
OverIndex
ValueType
<PrivateImplementationDetails>
0E0FA1A62DEEBB1E981471F7A1F5C112CB0A9C65
4C328BECF729897AC2F385EEC7A4AC09D7AF383F
6DF71263AFFB3296BA91B14181DAF02693B8F22E
6EFAC0EE8C248566D5441213E5936E72128EE1FF
AA116D4CEEC324F997842E90883AC815F1858929
set_Alignment
TabAlignment
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyFileVersionAttribute
GuidAttribute
System.Runtime.InteropServices
ComVisibleAttribute
SuppressIldasmAttribute
RuntimeCompatibilityAttribute
CompilationRelaxationsAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
Copyright 
  2018
	matemdeea
1.0.0.0
$2dfb58ad-c6e2-4bc0-b679-9bf97373aa5f
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING