Sample details: 55ca18e03909bbe7b8a7d73cb1f64615 --

Hashes
MD5: 55ca18e03909bbe7b8a7d73cb1f64615
SHA1: 900cafdc20891b82dfa43a59e29f93e8d0c9490e
SHA256: 8ed56a355f6054f9724970c4b78fce3d1057ece9a0ee8e9f7c5d9ef461c18e5b
SSDEEP: 3072:9InftVrph30AfIIN2hviJukgZXzpVEg03gooAuxArvxCb0J71nt:9+L16MuNJpug03lQAh
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://mlhuillier1.cf/Productlist.exe
http://mlhuillier1.cf/Productlist.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
^BY(f)K
bR$<C|
$grj8o
%i>.(Y
a_ -.J
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
{(mZl*
H/m>J 
zX'7Ly
t`i[IA
#J;Z+#<
RUG0-T@
gf.tJ$
f^oNFo**
%<	,kB
'*tq,I
Y8*e+lj
D^Re%/
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
NkK[9U
G\z~(R
!o,X%~*O
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
7	`&h&
;nXQ$"
Ga")P"
r8QQ~M{
@R3<Gb#
<+z"c[
C+B6+P
z8wMn^
jO6)lg$
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
811NLO7
s1jElO
%XjErr
\B\bQ7
eFf<D=
tH2!8y
,T#)K5
W7{_	G
t8^M9I
8*%jO<
F9f-D4
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
kIDAThC
_"?M`	o
B[p5;rC
u9&[9C
+-IKZ+
x(|ik(J;
*S+%V|
iEs'N$
1<qn'@
e@]ezxy	
NvWg2-
M'Gm$f
\:Cj9M
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
,\l_<S
H/m2vd
,/NRM:
&}(=n8Yb
|qjXv3
-j2CT%
^T#blh
po8GKs0u
-aDTuAp
A\EL&6,
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
jH56Z:?
J8024=
T+}M;Q_3!
(&Ddo}
)&cH`E
6?Mx<j	2
yK{vC8
LxEN-!
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
iIDAThC
:$Gu[L
mx#	]{
~M&&a("
P?zKW|
o#Wu5rko
T{6Q)l
7l\YdgS
'o9^pv
#TQ}0y
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
/Yz	kR
~}ycta
/B{_skTx
MN28"Ep9
{ZsLw6F
x2]!!i-
u{MI/z
(p<IbZ
;"PI'`x
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
sIDAThC
v5<ee{
N.&L3lj
k9u_fH
XqL ys
yEVnK?
pB/N;u
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
tw:Fww
(7w_P ?t<
V%f%=5
@|1%lU
@uyNUrLXL4
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
%<2#[!_D
l^^  1
O>/(&F}
PnU*PK
1UvukU
m;L]^7
!S.ccZ
/^28wy
e&?Y)><
*S$g>G<i
3lo{DV
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
rtLXnC
Gk>S9{
cY)6`fz
6Vh3|%c
(CH)0m>
T]8jb+.
wu,sly
)COg8*
Z[p;2s
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
Za&n]`
t=e)6}{
,(}pXd8
o0-F?.
x+\r"m
l_rXI/
?*<I[{
DDG0Fb4
=1i]VMN
\jwZzqa
RskN(c
qj_*Dq
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
k\7Kp`rF
[<_ Ij
$\r?9A
J5bRar
}wb_D?
)jKX#W
=gE14n6x
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
X6/029+
eQQ(i`
68i@k5Ep
 q=RM3^
M'aqq\&x 
^G&e./
J=%EC 
b`D<&j
zN"/n(
IB/#r6
/|maES_
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
uIDAThC
g"[6q'
c"z8Y+
j.y^O&
3O	XSq7
zHezm#e
/*}NT3
zsQQR3
#uV/ZG
^L04hsG
C)M^(	I
U~tKZ4
X8@@q6
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
qIDAThC
'dCyLK
fO3>U3#dp
1Y'1z5P
YEdmBi*
`5KW}|
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
a<e#V\
6=O#,<
(yTn6I
<0e<.?}
nn8a -"
b>6#P3
Iv+<va
&Cw O8
>/^).w<k
i,>!	e
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
jIDAThC
=|KG1P[2
LpR:)=
\!H&r<
24i|HC
j'FZVW*y9
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
iR}'Md
yW%gZz
^Z&E9f
+j8H-h
^7:Y)B
e~,d;l
vVu,1*Nr.
j,_1cL
IbJh~\
gx%Ar@
+$q}/~
e\r>=*l
Nwv_#@
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDAThC
udXrNw
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
/Z,J\iP
/Jb'>e
DlCO/mFB
4!M6l6
\PyH9X?
	Q<I[J5
d$n\EY2|
44y3l6:7"
2{}O>o
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
P1pZ{Nd\MG
M}4@bK
!K`:ci4
^:OjC5
[1rxk:
wsK<:^
e)/eSa
KhH-Mu
PtWquH
$d:G+Y
`1	Vde
V[:DDF
j%5Bz{b
why[/M
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDAThC
*,PNh5
b\5%A	
FCA&Ys
#yQS'F0
Vzr@W`
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
lIDAThC
B}sq[e4
CGIbvDW
hgKx!FaL
%)Cq#x
tFYH/^
=o;Jl[
ahr.vBl
cl]c)1	
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nIDAThC
F@R:E%
TR@.P_
$ )qr0>
Rit*zm
=7	UWsd
	P=TC<D[i
&.@(]L
.1/@(J
iT8P%Q
4+w<j7,
/XOs1H
(Hb~U1}+
B[2Xu}Db
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
mIDAThC
-]")]2
OW Cc{+~9
xAMcT!
8C 4s(
xVe9,$/
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
pIDAThC
>5mzLNw
<8DO2E#
E|)1C"
sjVOxcN
nb3ES2
IFh+x;?
Q!~Fo`P
 6 Q$`n
hEl//^+V
Lq"4pto6M
tm<2F`RE)
8;+t+e
4pto6M
Lq"4pto6M
tm<2F`RE)
Lq"4pto6M
tm<2F`RE)
Lq"4pto6M
bg02I{p
tm<2F`RE)
tm<2F^
|ZrXlJ
^x.,^9
@5FE+s
Lq"4pto6M
tm<2F`RE)
9)~ZWk
_am?	=
L-ANJ3^
vxc4 G
Hui9*{
,vy*x,
_ai?	=
LLA:JZ^
2d#K!?
oUGfz%Sjs
HTi"*h
= isRx97~AWV
m(L"),?|
i Rk9S~
pf	SdU
,vy.h,
_am=	=
QT]&RBL
"9YK*3
 lTPAz
lMB2NZ_
LLA:JZ^
%(HVl]
9v~sW%
Lq"4pto6M
tm<2F`RE!
Lq"4pto6M
tm<2F`RE)
tm<2F`RE)
gwPjU5
3@nM->g
Bs:U`zBOov
 N<A(J
+	_pqIr
@AJhZ-w
lU+h]ksH
ck^`wW
Kx.%qF
q-%)t'
$hFcUb
7"U83$
YJtvTW
AY/9p,
+"zcLR
HEB_Xh
pd8<Od
.?q	Ha
LN~A{xG@
aXU]ml
UQ*,Io
[%:w!iX
m:59[H_
yv~]OvIp
{dI.wp
Bc~lWHTB
hf[Lr{
LHs.Mj
985U$)^
`wSJ{l
"9,_8;<
AgR>(:
FoIKlj
#*)zlW
K"d13LO
LLAzJZ
>FsUG 
_pA)	=
LLKHiZ^
J#n:JP
Dd0}vJ
:N$	]N
<dh:J\v
?cg!7#
)^g,^z~
j]TP@i
6qi9.[
\V_ac,
}xs.6?N
\(Ma5=
Hui"*{
x*cai9
y{qr:/u
LLPI'Z^
qc/fDU
jJ.pJZT
LP:JZ^
TSJuiV
#jA:LYO
9rVLW%
gFh?	>
-cBgnY
HAJbs^
Hti8*{
	 %Om.-"
(|k.$%|
t,Pbi8*z
.(Mk$,
oUPpz\{
|r`8`V
) _ai?
[:NXtu
	nWV\xWS
f9nA^U
;DF4]N
Hui9*z
_ah?	=
LLA;JZ^
sg{BDU
|}TP@zxA
L_V:JX^
v2.0.50727
#Strings
matemdeea.exe
matemdeea
mscorlib
System.Windows.Forms
System.Drawing
System
System.Core
aed0e8ba-e9f9-9e.Resources.resources
<Module>
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
.cctor
Object
MethodBase
System.Reflection
Invoke
Rectangle
get_Size
TabControl
set_Alignment
TabAlignment
ICloneable
String
StringBuilder
System.Text
Append
ToString
ValueType
_Assembly
System.Runtime.InteropServices
get_Assembly
Assembly
Control
set_BackColor
MethodInfo
IEquatable`1
get_Text
Enumerable
System.Linq
Concat
IEnumerable`1
System.Collections.Generic
ToArray
IComparable`1
get_FullName
System.Collections
get_TabPages
TabPageCollection
GetTypeFromHandle
RuntimeTypeHandle
ArgumentNullException
PaintEventArgs
get_Graphics
Graphics
TextRenderer
MeasureText
IDeviceContext
TextFormatFlags
set_SizeMode
TabSizeMode
Contains
ResolveEventHandler
AppDomain
add_AssemblyResolve
ResolveEventArgs
Incarcator
matemdeea.Initializare
MarshalByRefObject
get_EntryPoint
IEvidenceFactory
System.Security
ControlEventArgs
get_Control
InvalidOperationException
CreateInstanceAndUnwrap
Exception
get_Message
Console
WriteLine
get_Width
ButtonBase
matemdeea.ControlFolder
Cdsfssrd
LabelEditEventArgs
_AppDomain
get_CurrentDomain
get_White
set_ItemSize
LayoutSettings
get_ClientRectangle
MintSeparator
SetStyle
ControlStyles
OnPaint
EventArgs
get_ShowKeyboardCues
set_Width
get_FontHeight
SetBoundsCore
BoundsSpecified
height
specified
get_Font
SeparatorPaintEventArgs
get_TextBounds
get_TextFormatFlags
graphics
textFormatFlags
textBounds
GetTabRect
get_SelectedIndex
TextBounds
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
TopTabControl
BaseRect
OverRect
ItemWidth
get_Hovering
get_OverIndex
get_Height
Invalidate
set_OverIndex
OnCreateControl
OnControlAdded
set_Font
get_Count
MouseEventArgs
OnMouseMove
OnMouseLeave
RightToLeft
get_RightToLeft
get_Location
Hovering
OverIndex
<PrivateImplementationDetails>
30663199D3AB07B78A8162ACDF2B72649EA79565
56D155C606EA313AFF1DBAFC75907739C475F299
5F4CD488B6C62923B122E22D4E77F8AF79D83C1D
A01728AC7CB240F8E599AA569A1D4BD25D7B0F01
A74AA0950AD5B451848A01CAD02092776D92775A
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyFileVersionAttribute
GuidAttribute
ComVisibleAttribute
SuppressIldasmAttribute
RuntimeCompatibilityAttribute
CompilationRelaxationsAttribute
AssemblyCompanyAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
Copyright 
  2018
	matemdeea
1.0.0.0
$401b8014-c24f-4aae-8859-43c834f7ccd9
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD