Sample details: 7994d30913da998e408ca49dd6cb2159 --

Hashes
MD5: 7994d30913da998e408ca49dd6cb2159
SHA1: 10db7dbb868d84bf98d80efd93f6411d34f490c7
SHA256: 7c786eda89bfd28b2450f297b04b0ecba6f5f3c1b89ad1ad5162536725286041
SSDEEP: 3072:XwMYcGukDB1v6TtsLlJ+Yg0+6qD+u+SyI8mSRkR5TUSkYJNpvbBewUwzu0F20Zvb:tOBwiLtz+FD+nIXSR0DDeD/liAdn
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/domain | YRP/IP | YRP/contentis_base64 |
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
m&esuT*
N^0")~
H%..k{
 Vw!=BL
l$~r #
e.o`xwCc
Sb4(D)4hZ
C?+k35H
t]#d(g
QG{sk7X
<='e8UT
/7BSrY3K
\z`~u:
}|a)B]
8\r32*w
o.P0`x
G.o]jzC
P8)4aG
q=)Ge}
F_XfU9K
%Z1'pL
O/$)miRC
h8`dtf
LuhE2g=
M&%F/-K
obou26
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
>.VqaIFp
mr]l3E
H30^]y
W#I<K%
`&1i=$
-"(Qb_B0
Ec'8zv
0'(M3I
>-QFUm
[JJ+_cj
#vN(6kN
@}&T`i
y6UlI,"6
AS%UbP
5hZW!O
9_0:w9
]	Keu{
kA,l9p
yx#1z"
+	o$]C
TPe?, 
U)U~"x
B\<U3g
EuvjY!
J	@abK
_u57Hq
`<2q(|
UV<Ndb
~zlE3R	4
wlg:Yoo
45~S6!
-\%vS$
!*[4@X!E]h8
3aI +^*
_~%J5k3$V_
7,|!:	pU{
xs[xG3
~?Bm`v
?7b?+;
7n{]ep
~uzc:=
^N9\i0$
U-L(\7
(>q8r1
`^!~qm
JsWY~#
Lh\lY@
2 |~O=
pp3+)i
9&J`@Yk
F]{/:L
UqLfgD
^utYuL
"(W.!o^j
dZ"?@V1
Y/wx{7$
YIcAaQ
}im`:k
+&.HpO
8	wq-(
j?#VEo
+5-q6*:
Fs>\JI{
2iY 1;Z
TT5j&v
K\G*Px
f<*CZ?
$ENzZ=k9l
t}7j[Ln
n?qbUS0
r`uy^v
2PS}"D
&3=`ZU
sRXX3H
m}S1cFT
-Tr OE
YK%Dq+A/t2
[ae'#g;
Jf}#=5
xD_>y@
mPku@|
focK[ 
I$7v_c
SvABh1j[
pK`FX+]
Gs(SGFl
	7Sb=Bufz
n6dZ $q`
V:[a 6
QK^^Ma
weSm	rp
j,8?H~
<t5$h#
3\2'U5
x0CmJiwZ
,v0,\b
wPTuwPy~
S'ZV%=
bVN>yy
~?oUR=
yDZ>-	m
Xy}Gv8
xp83M>-
X-3w:~
PItos"
+zH	Vk
ISxRD!
3bwAqwV8
1,C(|L
a_<S<>
\1>v4c
|~*B`o
O] /SP
u0,"U%=_
MT&!k7*
o[;|L%
sz~:BX:r
	:j|GD<!
#qv[3I
MHwD(S'
kyNhUH
WTpB@AU%
(*-$Yc\m
Mho4:[l
4/j*zn3
[v^g!gOr
B7Yi4R
YH0'^d
@'sj`h2K
V$GOH7iJUx?
#&;hIEh~1
`&.;9Z
ys|u+@
YRyVFF
nPTo"I|
H8LlYwJKiX{S
r$z#r|
8<#_O>
oX	yg>
J,R+TY
e]Jrr`
 2POuO
;T^v#=
8	7}!+h
yHc\L}6
>EdsF'f
	nzVQ6
7#pt}7
zhY1:l
qCZ.Yj
|0H_c'
%UU ]c;**
\Nbj,A
y`HcNgc
hmHOS~
	=Ng&=
kqn$LF
":=Rx;
p#i#-i
{r)c3%
SR$+/d9
K"#X\JRk/
^[~MDg
`l'=4#
/vhc$[[Q~
El;X$J8
xjB%[D
8r"*UU 
~(ilLSC
C!@vD<
	1)HO@
:yi~!&
 :>P5I
+d=vl`
iBolfK
;S=H2H~})
]93y$P%
qs]a29;
f?@-S'
jshhEv
-&{,[P
YW*jw3N
AjNR2av.
Cb5s9 P
EC:!8m=
tiplVd
,hEe3=L
8@F0fjXi
J:K!_h
#pBzWE`
X/Ca]#
;`,VvG
hVJz>i(_
NW7Z@R
J]-UUp
H^PYX*
J?U)VSk
b!,)0s
xEmoAR
(!4V=*hU
[O9"P[
HIB#5&
M`?SDz;
:	uC'n
^r=sgo
J hY3]
A7GXJE
vm$({q
`yFQN*
,>R_83}
GIt">R
}Y,R#|
,n2?:'
lp!$mj
2GxeC8y
yi$@Rz
oV]?Vk]Y
z2z	\Bc
A/Qk6	
W A$6j
E{2+6q
NgjN[Ku'
\H%0tp
%FUJ=i
`q9fWO
3q|',@7
^93k>R
V2~]E)
whHO /
4{Rwnq
d.OCrv
~	/,]f
4&"u7=
5M'>w9
`9(?{LY$8
xj[J]l
S>$|}s}
\qobri
{l5<z.
wjvbIq
YqM^N>m>P7
XfWq%|\
-(w&0}
X(djuA}
}Wf9NB
},Ku5M
`:IpIV
q[=<VM
W_VrL#
K^CH-D
YubJY	
;RnNy?
o~01	InT
<;$xP[[
f(&_V]
d\Ch o{
$4(dxS
}h`Iit1 W
O &r]\
u9OAZ-
1;4OH5
>hM0[@N
bvzX`DL
TP*D|<Z
kH"W 8
lI-z/P
xk]t3~
420,7/
gB,'to
{K!S@b
&xM[O~
+|O)iA
HbIIlc7/Rq
.0}Y1b
Q0j'|n
FQ9yPt
P\S>\:wa
J~'lq}
F2tvj#
/2HoCKu6y
[SNV:E"
z+m}j-
}TQgrk6
kw$kuU73v
ENsh,`
$o(rmy
*\W&gknx
c@!I7R
tD+W\Z
vb9F@x
8gtS&:
-Y	I>t
%:8#Z&w9Awo
>2d/I<
SiUDlI'o
py_wOy
!nh%(F
6jr+$H
MF#$~Im
*6&B/8
rzNN)8
<H$c3*a
5ZAT:X
~.]Ns	
>SdH6i
G]6=wZ
v-X!GH
^{I}>d
<k.G4E
I^J.=:d
3QMr.0
&B`?czr
bim{y\>l
}f\v==
O#BakA
c)1wnU;
X6h;SMS
aC!qwM:1
<?WeeU
7H`#<9
/Eo=#D
kr? %`
:8$EwSD!JZ?c
!R+!D8
9k$PZ~q
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.Drawing
Bitmap
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
UInt32
NewLateBinding
LateGet
Operators
SubtractObject
Conversions
ToInteger
ModObject
LateIndexGet
AddObject
AndObject
ToUInteger
ToByte
System.Text
Encoding
get_Default
GetString
String
Concat
get_Width
get_Height
LateBinding
BitConverter
ToInt32
STAThreadAttribute
pMz.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
ats.exe
MyTemplate
8.0.0.0
My.WebServices
My.Application
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
7.15.9.7
!(c) Countrywide Credit Industries
%Countrywide Credit Industries starter
%Countrywide Credit Industries Company
&Countrywide Credit Industries Launcher
Countrywide Credit Industries
_CorExeMain
mscoree.dll