Sample details: bd0a3c308a6d3372817a474b7c653097

Hashes
MD5: bd0a3c308a6d3372817a474b7c653097
SHA1: 5ed36132872be3d5d94627b89f15a7369f68fba1
SHA256: d4c62215df74753371db33a19a69fccdc4b375c893a4b7f8b30172710fbd4cfa
SSDEEP: 6144:tYcn3ge+gqzsSALff2TRLz1lTl8TFPUW+8sSZJMidVmXmVcXHU:ttQe+PzsfX2Tpz1daaWnVIgcE
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64
Source
http://94.130.104.170/zerolocker_d4c62215df74753371db33a19a69fccdc4b375c893a4b7f8b30172710fbd4cfa
Strings
		!This program cannot be run in DOS mode.
`.reloc
B.rsrc
%&0%	o
%&-)	o
+ETLnX
2`|D'4
*cK)oaUx
U ] \^XD
H7?oUs
xxd-4$
%c5F1)[
@E/L/.
eb!lQ-8
-0Q#j(
.;4>IO
Yt9gu 
TyO>&if
7ih}f{
104B`t
Hv9T"K
L)dGNP{Sa
3NT;wT*
N%yuR.*
Vo3{K$
dtu\,kY
%(~2xC+8`
NfuIPD
Bg<%p!
gO7	3/
N)]?Qd
MJiK^^
nMl#5=
H,E8'>
*dAyK!
$#EfS\$
4 w5)]
ah^*	s
s)WKCf
}AQjFG
5K-$J|
 3^-DA
~HF~9K
	/3.p$
@+F/K8*
0>x		S
vaM0#{xh
@}PRE9
'z;a}#rXXWF
#Z|~P7
h)^tA3s*2eY
O:2tYI
M>Aa(F
GB$J\"
Yk('\^y
dOp[|WO
6R8DH0
}n<:O.
vA:k'pU
LY=^#6
(>p@JvC<u
w9(VJH!*
=FpI$1y{
WQTa|F
jx_7Toe
tExYs\@
Y]@mZ,z
,aBO+e
C,},~]
R5Q0Io
M{pu8F
bVq|ap
 ?,;o:
HK/cZH
f2nzVCY
n8iV4j
Yn@j^z!
}(f!i|
:rBQLB
[,Jz>p
T%E)5C
h[fp"d
9O^nC9
Z*0M}#
o:12=$
xjxuje[4M
a]EtD#r
i3)h*!
JQObqa0
1sj'xL
"BoE $0
`iNJFd
rL;V+6
q]X$alJ
xr/z&E>
`)<V Gy
jt'"@Y
uxChA8
09v)~:
WQB0EmI
]]bi7E
bg"lJJ
i2p8&W
Os[j=U
D_R{RFK
k2O_&"X
U7)^*o
CKq,m4
^Q-?u'
K	n[=,
KF}*:iYv
,G0rb+b}
$y"j05?
"q'~B8
.?]nu|K
{u`xq^
}`/1L)
UekCY~
L%6 ka
oe2[>M
.%DGM.
+oY?>$&
	#&pEe
"_atGPk?
"jCgh|
 Syf.b
<yvJFMb
fnEzgZ
OovR7xZ
'	pasT
*dh^		I
0xTsX_
@w@Ru:
0hvJ h;k
862Sf#
0{[+fN
OMsA=q
K)cIhWBL
	4v.'f
G!,+c,KQ
!xa%~z
tH)F$hE
>#3<{E"
YI]P9i
B7[CN*
=3='Cg<
}2u{#(@
,>8g@X
Xb[${I
LU_McW
V!&.K %
S|<=^Yh
$]q4)-
a6eO->
w92z7h
vvT`cWK
u8cZKD
&orzMx
P{YqPp
PdN+6^
*X.'ld
l52nh+
XYmW$2
{-9{Zf
Er):~vG
:I/8:|
RX%<6k
gmyiHG
vC&O-u_
J+&K+0
H1j|35\Z
<>o*V7
vhi1v!=
(FW?gb
7PCC|'
>IO0XD?y
/:_Cz	1
J:-="e
{g'V>t
0qv|2k
dcif.o
*jvJzb?T
oA$ l{t
ui>iz'R
T6Sw(n
:R|oKJ9J	
7V?m<4
!Q{=	_^
py5T8O
P2%(T+
IxLW&_
9>IL,Nt
3@8l~H
^}ejCa
8xZ'+p
:;`OGV}
%g111L
:R#IA	
*;Ibs1.
WsyZG:
9#?YAS
>y'-&, 
g{JR98
\I.* &
1X&pwZ
m0"k^9
laKU= 0
|;<h:m
Zm~{9O
D>L$J`
uxY>]*L
C8[w+HHD 
TXv8*8
,"*;TU
r2os1+
 ]D@;q
#O~#85
Gg)jWu
;+SFN2
1E2tia
%u V2p$+%5
n;yIx+_
P'aO7o~
]E8%'5QTwQ
6BB)X%
 vHG+MO>
:(!SH&E
rz&Jpr
{B!Cy2
XwU|R!
8NPT-5
$(Qw|(.
I4c>yA_BH>
3(t?d[
oC(;\u
}#@[Mm
Y<(^ws k
!Y=xjeK^v
^Zsbff
@j}UF?0
X,VZQy9J
zVl,I!
9%ZQxQ8-'
9$[KM7J
S?$7U_;y
{4g\'P
V_"yyM:
w&8r{bi
rkjACA
XYd54'
w:dY>qh
=\O}}6s
|%R 3rY;
2a^WMC9
U`1g8	e
r2gc(#3
J/DOYXHv'
oT9{|A(
brmr2HC
:yz"k)
:L~$cM>
FN~!b)
=H?lj]
R!TR[2
Yz|>4u
mFB/1	
m[4]GzO&=
si2.Hu
uRSvO1
2F.VV]?U
%A[q	s
MxhD= [a
1yV9PG
L{/b.o^\,
c%[:p9I
e&<3XW
[fD5e~
<&N))k$
r,:~_S?
vv'%$RI
v7U_i}
A\D f-r
$7 xt:
Gz^O}z
OWc(Ym_E~
PJBX#Q
5!cr)X
)0s)8[
=sGduf
?F#vii
-UDH"l
C:\Users\George\Desktop\Projects\ZeroLocker\Testing Stuff\Testing Stuff\obj\Debug\Task Manager.pdb
v2.0.50727
#Strings
Task Manager
Task Manager.exe
mscorlib
Microsoft.VisualBasic
System.Windows.Forms
System
System.Drawing
Task Manager&
AuthenticationMode
Microsoft.VisualBasic.ApplicationServices
ShutdownEventHandler
ShutdownMode
WindowsFormsApplicationBase
CompareMethod
Conversions
Microsoft.VisualBasic.CompilerServices
DesignerGeneratedAttribute
NewLateBinding
ObjectFlowControl
ProjectData
StandardModuleAttribute
Computer
Microsoft.VisualBasic.Devices
ServerComputer
HideModuleNameAttribute
MyGroupCollectionAttribute
FileSystemProxy
Microsoft.VisualBasic.MyServices
RegistryProxy
Strings
Activator
AppDomain
ArgumentException
Attribute
BadImageFormatException
BitConverter
Boolean
Buffer
GeneratedCodeAttribute
System.CodeDom.Compiler
Dictionary`2
System.Collections.Generic
IEnumerable`1
IEnumerator`1
IList`1
List`1
Hashtable
System.Collections
IEnumerator
Component
System.ComponentModel
ComponentResourceManager
HelpKeywordAttribute
System.ComponentModel.Design
EditorBrowsableAttribute
EditorBrowsableState
IContainer
ISupportInitialize
ApplicationSettingsBase
System.Configuration
SettingsBase
Convert
Delegate
DebuggableAttribute
System.Diagnostics
DebuggingModes
DebuggerHiddenAttribute
DebuggerNonUserCodeAttribute
DebuggerStepThroughAttribute
Process
ProcessStartInfo
ProcessWindowStyle
Double
FontStyle
GraphicsUnit
SystemColors
Environment
SpecialFolder
EventArgs
EventHandler
Exception
CultureInfo
System.Globalization
NumberStyles
IDisposable
IntPtr
InvalidOperationException
BinaryReader
System.IO
CompressionMode
System.IO.Compression
DeflateStream
Directory
DirectoryInfo
FileAccess
FileInfo
FileMode
FileStream
FileSystemInfo
MemoryStream
Stream
StreamReader
TextReader
ModuleHandle
MulticastDelegate
NetworkInterface
System.Net.NetworkInformation
PhysicalAddress
WebClient
System.Net
NotSupportedException
Object
Random
Assembly
System.Reflection
AssemblyCompanyAttribute
AssemblyCopyrightAttribute
AssemblyDescriptionAttribute
AssemblyFileVersionAttribute
AssemblyProductAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
BindingFlags
ConstructorInfo
DynamicILInfo
System.Reflection.Emit
DynamicMethod
OpCode
OpCodes
OperandType
SignatureHelper
ExceptionHandlingClauseOptions
FieldInfo
LocalVariableInfo
MemberInfo
MemberTypes
MethodBase
MethodBody
MethodInfo
Module
ParameterInfo
TargetInvocationException
ResolveEventArgs
ResolveEventHandler
ResourceManager
System.Resources
AccessedThroughPropertyAttribute
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
CompilerGeneratedAttribute
RuntimeCompatibilityAttribute
RuntimeHelpers
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
RuntimeFieldHandle
RuntimeMethodHandle
RuntimeTypeHandle
CryptoStream
System.Security.Cryptography
CryptoStreamMode
DESCryptoServiceProvider
HashAlgorithm
ICryptoTransform
RijndaelManaged
SHA512Managed
SymmetricAlgorithm
HostProtectionException
System.Security
Single
STAThreadAttribute
String
Encoding
System.Text
StringBuilder
Monitor
System.Threading
Thread
ThreadStaticAttribute
UInt16
UInt32
WeakReference
Application
AutoScaleMode
BorderStyle
Button
ButtonBase
ContainerControl
Control
ControlCollection
DialogResult
MessageBox
PictureBox
PictureBoxSizeMode
TextBox
TextBoxBase
<Module>
AssemblyInfoAttribute
TaskManager
MySettings
TaskManager.My
.cctor
OnCreateMainForm
Equals
GetHashCode
ToString
Dispose
disposing
dlDesktopFile
dlMainFile
GetuID
GetBitcoinAddress
UseBitcoinAddress
getPassword
EncryptFiles
txtPassEncryptRaw
DecryptFiles
DecryptKey
GetMAC
value__
ComputeChecksum
get_ResourceManager
get_Culture
set_Culture
defaultInstance
addedHandler
addedHandlerLockObject
AutoSaveSettings
sender
get_Default
get_Settings
Culture
Default
Settings
set_IsSingleInstance
set_EnableVisualStyles
set_SaveMySettingsOnExit
set_ShutdownStyle
get_Count
get_Capacity
get_Item
get_IsAlive
set_Item
RemoveRange
set_Capacity
GetObjectValue
get_UseCompatibleTextRendering
SetCompatibleTextRenderingDefault
set_MainForm
get_CurrentDomain
add_ResourceResolve
add_AssemblyResolve
GetExecutingAssembly
get_Name
StartsWith
GetManifestResourceStream
get_FullName
IndexOf
Substring
Concat
GetManifestResourceNames
op_Equality
get_IsDisposed
GetTypeFromHandle
ContainsKey
GetResourceString
CreateInstance
SetProjectError
get_InnerException
get_Message
ClearProjectError
Remove
add_Load
BeginInit
SuspendLayout
get_PaleGreen
set_BackColor
set_Font
set_Location
set_Name
set_Size
set_TabIndex
set_Text
set_UseVisualStyleBackColor
get_Gainsboro
GetObject
set_Image
set_SizeMode
set_TabStop
set_AutoSize
get_Red
set_ForeColor
get_White
set_BorderStyle
set_Multiline
set_ReadOnly
GetString
FromArgb
get_MenuHighlight
get_Black
set_AutoScaleDimensions
set_AutoScaleMode
set_AutoScroll
set_ClientSize
get_Controls
set_Icon
EndInit
ResumeLayout
PerformLayout
remove_Click
add_Click
DoEvents
Exists
ReadToEnd
Replace
GetFolderPath
get_Registry
SetValue
DownloadFile
get_StandardOutput
set_Arguments
set_FileName
set_UseShellExecute
set_CreateNoWindow
set_WindowStyle
set_StartInfo
WaitForExit
CreateProjectError
CreateDirectory
LateGet
DownloadString
get_FileSystem
WriteAllText
Append
GetDirectories
GetFiles
EndsWith
get_Length
ToDouble
Contains
ToCharArray
GetUpperBound
ComputeHash
SetLength
CreateEncryptor
CreateDecryptor
Delete
GetAllNetworkInterfaces
GetPhysicalAddress
get_UTF8
GetBytes
ReferenceEquals
get_Assembly
Synchronized
get_SaveMySettingsOnExit
CheckForSyncLockOnValueType
add_Shutdown
FromBase64String
ToInt32
ToInt64
ToSingle
BlockCopy
get_Unicode
Intern
get_Chars
Reverse
ReadByte
set_IV
set_Key
set_Position
get_InputBlockSize
get_OutputBlockSize
get_Position
TransformBlock
TransformFinalBlock
ToArray
ReadInt32
GetModules
get_ModuleHandle
ResolveTypeHandle
ResolveMethodHandle
GetMethodFromHandle
GetFields
GetMethodBody
get_DeclaringType
get_ReturnType
TryGetValue
GetDynamicILInfo
CreateDelegate
SetCode
GetLocalVarSigHelper
get_LocalVariables
GetEnumerator
get_Current
get_LocalType
get_IsPinned
AddArgument
MoveNext
GetSignature
SetLocalSignature
GetTokenFor
SetExceptions
GetParameters
get_IsStatic
get_IsValueType
MakeByRefType
get_ParameterType
GetValue
get_Value
get_Module
GetGenericArguments
get_OperandType
ResolveString
get_Size
ResolveSignature
ResolveMethod
get_MethodHandle
get_TypeHandle
ResolveField
get_FieldHandle
ResolveType
ResolveMember
get_MemberType
Button1
Button2
PictureBox1
TextBox1
Label1
TextBox2
PictureBox2
TextBox3
TextBox4
TextBox5
TextBox6
TextBox7
MyTemplate
8.0.0.0
My.Computer
My.Application
My.User
My.Forms
My.WebServices
System.Windows.Forms.Form
Create__Instance__
Dispose__Instance__
My.MyProject.Forms
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
12.0.0.0
My.Settings
Task Manager
WrapNonExceptionThrows
Copyright 
  2014
3.23.12.12
$7fa56885-ec4b-493c-b7ac-c81fd03842ce
_CorExeMain
mscoree.dll
{uuWWw
xgOUq}
.uL]'`
?NOOO#
@>;bk)
|a6?1|
,#B3	-L
Vl|#Vn
.1>}2z
$&m0??
i U9 (
K&5Igg
<x?fgg
-	 MY#
[{-DJ5
w0s 2p
!M`Qh1M
gwX}ZW
|&?VHJ
;6:b`M
	Ay/k5
-c:unz
&@g	A:
t0O`Sm@
C}YbH;<
i}1zWn-
8-`vvv
l0h/Y)dG
6tO:]%i9
%t"aE9
m0?7?z
+%f'L'
u>]|j? k
o}0MSM
adr%jk^
WlVJAE
/?>>vr\
LE*7='
+y6pMi
Gc8Zi+
i^Drwg
>}z|qcooy
aWnAxyT
+YI\yX
SSSsH:
^FDX"p
X			gNON
P,-,}y{z
=			ZYZY
:			Zhii
  jz|{
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <!-- UAC Manifest Options
            If you want to change the Windows User Account Control level replace the 
            requestedExecutionLevel node with one of the following.
        <requestedExecutionLevel  level="asInvoker" uiAccess="false" />
        <requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
        <requestedExecutionLevel  level="highestAvailable" uiAccess="false" />
            Specifying requestedExecutionLevel node will disable file and registry virtualization.
            If you want to utilize File and Registry Virtualization for backward 
            compatibility then delete the requestedExecutionLevel node.
        -->
        <requestedExecutionLevel level="asInvoker" uiAccess="false" />
      </requestedPrivileges>
    </security>
  </trustInfo>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
    <application>
      <!-- A list of all Windows versions that this application is designed to work with. 
      Windows will automatically select the most compatible environment.-->
      <!-- If your application is designed to work with Windows Vista, uncomment the following supportedOS node-->
      <!--<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>-->
      <!-- If your application is designed to work with Windows 7, uncomment the following supportedOS node-->
      <!--<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>-->
      <!-- If your application is designed to work with Windows 8, uncomment the following supportedOS node-->
      <!--<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>-->
      <!-- If your application is designed to work with Windows 8.1, uncomment the following supportedOS node-->
      <!--<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>-->
    </application>
  </compatibility>
  <!-- Enable themes for Windows common controls and dialogs (Windows XP and later) -->
  <!-- <dependency>
    <dependentAssembly>
      <assemblyIdentity
          type="win32"
          name="Microsoft.Windows.Common-Controls"
          version="6.0.0.0"
          processorArchitecture="*"
          publicKeyToken="6595b64144ccf1df"
          language="*"
        />
    </dependentAssembly>
  </dependency>-->
</asmv1:assembly>