Sample details: bb7ae1e15988ed7f218e76442c09edb5 --

Hashes
MD5: bb7ae1e15988ed7f218e76442c09edb5
SHA1: 811d9d6f29dd8c113402995a95b8d9f85950f390
SHA256: 8cce5d07c502e0c0fd8c40c63b05da57e4b12f158759b7303a02a9ab419547fa
SSDEEP: 6144:/eUvlNFb4e4Ikk9DKHYL6GQpRJWRMKYdRa/JOS:jlTl4InL8Jxxax
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://bracketsofficial.com/investequity/MRK779245.exe
Strings
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
\System.Object[], mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089PA
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
nK;4clA
UbVmmY]e
J8VyD!
rHmW#%
gB66^Z
VJ'J~JWy)
rA'x`:1D>
2Lj`7@hV
Hd[0;a
`|a~@x
jm/pWT9
;>O=L/
Y	3Rlh
e[%0|[lO[
6[3zD_
c>6;~4
O5a.%6Zp
b%6]eB
k1e|`9
+8bIl/
Rzk2u&[
x;p&&	
;gxzp?
db!lha
olh;){
dqm@vr
R^D>F<7
cA	ab>
h$6P8:
!`$Ut:
~9]mVw
-B04#<	
`0Yx%)Q
(3EE9'
*5-&de
_H!LQ_
4s"-8;(f
&WD~lU
_[|e=V
O0!L]X
D?\,X,
1GfEpO
&1%T{9
OAi#:K!
%k,`Q)
Apbzty
y,`qmLv
IDATx^
w?\C%iY9
c;4Lh0l-0+\
(-i6'&+
W	?A`SI
AE2yQc
=f+cV@
d-R8"p
gc&>~<
qq*Fk`
Vu5e3!
$9*IqM
/lb-!k
hCIW]`
K5x[{.y
DfH}NF~
Iz(d-T
N8M_l-
s=!Dq?
K,c<v|W
p{x{,t
P9"gxK%
%L$*]I
#)(MA	
 (|}(Q
~Q#;zc 
MrMC+J/
=`uZwh
:"37B}
TiZh@\
B~+2Vc
-#UDM9
Z?YiI@
<{8TVH,
Wz8dGm
16Hy:n_
-QypOscd
%gj\d1
([BC;I_a%
Lbv]hg
S?^bq6
942&	a
k	cxT(
M-+`@"3
X!d-A~,
og-Fd"
gXK#\_
#7l3`Q
e.V`%8
dF.t9c+
0X	1"lsT
U`khh:
kZ'VY7F_
 G1bLI
^>m}{U
~9*cdz,B
:uiz]~
h}b9%}-G
OA;?XDv
CA<|=7c
h#I#?9
LBl<SO\
jD0Sos2
q)(I}c
x/0	Vh|n(
CRp]y[zh
stG(- 
eM+!3E
W15_00;
eqZ!6K
8KZw%y
%>UQZ}
X?TOrS
YX,<fg
hn}R9R
)i%~zwE
~U/:x_
d}JD+%=;@}
2ftMY(
g+bmQl
^K zpW
u0q/l#
]JWS V:
CVpIyMzF
IfGvi~
`t@(T 
txm"4o
SYkQbd
tM?!>E
_<jnV3
e[Z?6Y
`iK~pw
%	UgZ$
P?~OyS)
Pyl|pf
YW@jsMp
0KV	nt
}_cNY'
In3D%Z
{I8s+j
;ijivR
bK#Jed
2A}4n_
eh>S9q
^D :pg
tq17"OW
06/i#s1i	
^]1t#E1ml
tz;sDJ
C6p~yfzQ
B=}r(v
ff&j*%
	afpD!J
3+2k}D
{V7$W)J
ryKg?R
;YWf*Ko]
*ISt"\
"~v9U[LAA
xlWN1~3
$'}[Ro
=<GJ.,m
4#Bu` 
[C3cB%
V*KT)G
*4pj:^
:qh31]Y
U(;>~R@
pLl<69+7,{O
T2d+'[
^*.]<Z
OA:-|je
s!f+xp
)6\E{u
Z> 7-W
'9@ef9
[l^|Q.
R8uhYl
MiT8|{+r
P?@NgS
I^^+[o
`&Q5.P
V)+@cu
Q(.6(90
[LQH4<=
cz?^Me
>yT H,a=
"^.g}}
1|n'pW
_d"-&a
zg]7MG
DD,(|v(
GsEM'?
0BY	Y1"J`
tNi)/`(8
.!,#w;
2I;;N}4
H	Hnxh
Gqwyq@xW
>[N:FXI
Z_aS_@
nVZG*Y
uFeKwG9N
zFu:HyVW
P~{v'U
prBHVi?
)Z}mq%
pGKp	W
Y0,3z?
Yv2l>&
2;n	MY
TVA!(0)0
X~>9a}
]t%?:	
VQ?+R%
#Q7p<q
MT:yw*
T$#~a#
Ep-S]y
0p3>!C
HDGpip
v=]#=!Bv"
*'SO$m
-?	$Cm
Z}0'AK
<"{=r_
}f2q3 
><M~\bE
]^gOK)
3 5]B7
Q73}U-
	%	\!F)
JZrCj^
1b`#sU7
EILDU~
Z<:AeM
w;lX)o
tZr~Vd
;]truO
o0[a&i]
>PA2Aq5
8	04v"
V%o*rpK
Q J]`j
L8x*MG
ia	k`DG
Eh>Z\7
el;AD 
92mpjg
UmX2((
NI3=mSkX
wVm*F/
a);4X8na
gX%w8k
 E,HGF
qm>CrA4
'*JMsm
yh"&Am
x{h~qe]
%|"jx)
rET1&K
a8Wc/BV;
Ku3Ok07
e/A|a%d
jldl=E
gJOR~{w
kpJchE
)BMk4`
IB$wJ	
	4umkaC
,7'>o8
061Lat
IDATP!
m(7pAU]w|;
]$%xM-
k$Q|nZB~
-f	^z3
95KL98
 t)=~g
b-d*gP
-S@j*]
DU `MF
n@	dT<Ia
ic\H{Q
%5Mv@\
*9GIEx
ScMnziqdT
	gb*"M
W^lZzX
5c1Of<
!?0K)Y2I
{Hw2MU
	xPD:2
=+BCc3
SE!gsp
I4Fx'-
4YUsN0>
auQG[1
2M3G7s
&*;,d1
O: k}V
s(j{1:
+^y	gw;_
7H!!\{
COd2|F
Sef7v\
?nto0b
m$\dV|(
,@e	<d
.}w +S
f=~s.~E&
E9FSOB"
{] S!+I
W>}l=k
;?uz=w
j_O*	EmR
 1N AU
$jY\;,
(^=J2|-
)a18z\3
9D*'G+S1
p-;?8Z
8e\]>S
phL/(|]"
84@q0K
G\U;R?V
\TmH^kk
R.{FN0
+~v$Gz_
e}r~W/
&yTuO#
j{6^yJ
^|dbhd
 Z8.sl
,K,o/9[4
$,:;]Y
*cJrk:=%
{|C0-Uh1
l? [tg
w#Zke7O
[fo"u:
<8pI`4
QU*smh
~cy=9z l
JeS+_\v5fprn
ZJW7Dc
6R:v\c)c
-8Dx`=A
_8HIh9&
&lI+(nC
41|*!Wq
yzn:t6k
>veIW3Jo#
zn)T]Ws
,P&SJj
g7`8Up1
OEZJ%y
:^xNk7
oVD0/n
5KjMpn
1Qe.5V
$e[QV7v
8x%X!m
#3*~{g
I,`Y\#
#g$KFk
7'otjuO]
\[](7T
$ecA?V
R'/)+^
]7gGfS
oy9K	|ob
F[Vr1+
hz&|r?UO
25]MGz=
mEWP\`
:,DsYa
Y_hm@|3T=
c6~'{ :
rMq$-y
~O`/[#
TZy(FN@
?#L.c(
KrHI%(T
=f+>Bev
0Wx#Mb
`A9kuQ
GZ|ZV*
:]vjXC4
GHe8";
ovvqeR)
qsjK	G
1&mq)Z
6[60fEyX
wb-iRt
i9ESyc
v4|:i,
Kl.[l[$
.V=zV$
Q9jQJG	\
D}E4;(
i]E\YX
I-+WG}P
0|P$	#t
6U!i{s
D}/xj&mY
4;KAlcx2
+>]%/h
mmVe]Yc
wsmv*_
mHr%#W
fy*qB%
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
System.Text
Encoding
get_Default
GetString
Conversions
NewLateBinding
LateGet
LateIndexGet
Operators
ConcatenateObject
String
System.IO
WriteAllText
SubtractObject
ToInteger
AddObject
ModObject
ToByte
STAThreadAttribute
c.Resources.resources
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
AssemblyFileVersionAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
MRK779245
MRK779245.exe
MyTemplate
8.0.0.0
My.Application
My.WebServices
My.Computer
My.User
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
WrapNonExceptionThrows
	19.10.1.2
(c) 2017 D.R. Horton
D.R. Horton New Taker
D.R. Horton
D.R. Horton Take
_CorExeMain
mscoree.dll
rP?=~)
82<;W7"
\szv~e
ldR4k%