PUP.Bulz.LJ

Analysis Report

General information

Family Name: PUP.Bulz.LJ
Signature status: No Signature

Known Samples

MD5: c2bde35c4e4b5bc34674f51dee2e2e32
SHA1: f1e6d04e2bd3a5edff6af50137a922f7bfb97833
SHA256: FEE550694783280714DDDA03EE2BBEB93D8EA769FB7D343B512A47FB3007AD33
File Size: 5.81 MB, 5808576 bytes

MD5: ee07edb34fa6956bb0fc9777df4aadb4
SHA1: e0c162867b1e160c14f9ac07dcdf6bb5b1177bfe
SHA256: B8A0C887F2BBE727980E4AB31E10208F9CE5AD5DDDE6A255355DF9870C3AC549
File Size: 5.81 MB, 5809600 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Company Name: Sysinternals - www.sysinternals.com
File Description: Vmmap - process memory analyzer
File Version: 3.4
Internal Name: Vmmap
Legal Copyright: Copyright © 2009-2023 Mark Russinovich
Original Filename: Vmmap
Product Name: Vmmap
Product Version: 3.4

File Traits

  • HighEntropy
  • VirtualQueryEx
  • WriteProcessMemory
  • x86

Block Information

Total Blocks: 2,847
Potentially Malicious Blocks: 102
Whitelisted Blocks: 2,151
Unknown Blocks: 594

Visual Map

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
