Sample details: 43d2970d2f8b129a362637cfc244838b

Hashes
MD5: 43d2970d2f8b129a362637cfc244838b
SHA1: a64ee1fdaac83cd82a0fae391ccf4e475e97501a
SHA256: 4d7f8631561a48991aba76e5515220eae13e86c5312f278fd53039562b352716
SSDEEP: 12288:9eXmKKz/XOz6htbWFAsc6J+796GH2Vee9O:ckzvO0bWFAsc6J+J6w2Vee9O
Details
File Type: PE32
Yara Hits
YRP/Microsoft_Visual_Studio_NET | YRP/Microsoft_Visual_C_v70_Basic_NET_additional | YRP/Microsoft_Visual_C_Basic_NET | YRP/Microsoft_Visual_Studio_NET_additional | YRP/Microsoft_Visual_C_v70_Basic_NET | YRP/NET_executable_ | YRP/NET_executable | YRP/NETexecutableMicrosoft | YRP/IsPE32 | YRP/IsNET_EXE | YRP/IsWindowsGUI | YRP/IsPacked | YRP/IsBeyondImageSize | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64
Source
http://maryshoodies.com/igb.exe
Strings (printable strings extracted from the sample)
		!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD.
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
Wc````
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
oIDATXG
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATXG
9Qv-Np
3SlxsB8
"B	5}M}
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^
\~Rj!cU
7gxX-Z.[C
Ex*~0W#fp$v
9%7c0,Nc
XLj#C$
0r'vgq
j1S./)
d%;NKC
.MVVnG
Me' A<X
W8!K;Z}
Sb7JF+h
Es{2NZ
83l'=;
B	[aeh
MV[#|u}
I+3)4_EU
x' X-/
vGWRo;
qbuI(S}7	%
`E*#Dy
D.sC8P
=6CD"~,
C3vs3%
[u2Y47
PFsaDI
R#|4{L
bU+!R:$
xje1F@
RM@0&q2%
:P\e0mz
SmMu~xN
&6DT)D
E$UP	a1
C:g}}!
m:t>DW
R8\R"!
HBrbSg
s"M_HI
 o&ddQ!
#^:"']6
%uwm~^
RaJGt'
goEeeL
XLjDMSG
[LjOV?
#\}mB|J
8j_Y+'0
57[@x3
B&oP2{R*
b IAsP
;NtjM`
E@\~YC
6F;d~H
Xgn|w!o
V{# 6	
"jk#"!=c5
9YMoUk
$C8pm,3
M:p'HE
xThBHI
]D?p@k
0rCg2C@p
=qO(fh
=B[/Ay
Y[?s*3
q<}1M>'
[|#pL>a
d|5Y	5
C0RRz)
w+-Xi1
>L-&4g&
F|=^@x
)_vy&:
VVFF!")T
+wd)Li
+WD8nk1
"@HeL}
;c1J{?1i
'st>N[5
i`6~6Y
sGIDP&{y
n}D$RT
YVD?"\
V;9)_LNc
ff2ze;
w9^0EA
;&?|'?
n-e&<h
N,Gn/b
fVWsf4
Q9@qy+
sA6"5B
Z>][LO
1~)EqN
5oBeQ/4
wFaj?K0
.3q;w%
.>;fp]
mZ27d+/:Wb;
d	&\3_
emTd' 
"k&w*ggT
3wH:^C
Zzv+IIv
>|-"	}
%XJqKi
y>'V%R5
iEJS;38
]z\_HY
q=bnj2Z5
7k9OzXe
t][DX]
}IQW$l]<
ADoGn|
Yz6Z[h
p#FoLX|
/E2g_yQ
Bf @5R
v'kx6)g
$@$ErEl|WB
<Ah_=Te&
_I~l2l
ejDU'c
^w&KI_~
%DvV@s
 z$Szv
Vw`l'uR
k%&s[q
;ghuo4-;
a#@wz|*
_DN[R3d
4j&b}DO
o9;%XD
n\0dF3u
rIz'!]
IDAT,J
C8kfNe
Uj/F[F
b`7iK+6
B>DZRy
XxRx_A
s"[xt?
{*me&>
,$\o1}
-OS}f3o?U`
XJjg$@(
bd&m(<
8.dveE3
07h'a;
76c}wu"We
P__x"b
+](k78$
6eY;CO
 l*iODW
'z;-C/
?|k4{l
5Vv/!R?
=j=!FG
UN%4!s`_
1a);Cz187%D
Jyv>d9=dY
9fwg3Q
_1{zO:,
re<-mo
rvGdBO9
Er8CJ1;i
6(asbo
?yAEq>
.K,fb|
5"|Oq'
;vCG;W6
EdTKLl
63.Dzq
	ij*ts
e9r8Fz1zx
-n1ds8
i4ad^}
5Kq60"bH
OUC=c(f
v!t}+n
QRL4Af
2uz;oep
y0&azr
Cs4GKLJAE`_
:7In'U
8?wm7pV
kMbl[C^
W~v\haK
U\Z1VxB
~3U^Y,
qW]8c-@
bOr/h#
[zv^R)
5]_NC7
wp66{4
0;^Nv1
I&T]$i
k6KE{IT>
#~+XfgJ
K>}C^2
:Bu'i#
_#h6<Y
!k?H*jm
 bm'e|I%
oB'^gIF
?J0y;Z
+m'/ds
$|.#GlB)mw
wgQw]:
S<j4&_
r<e(%M
3$QxOI
\Nyl s
GmW}Zv-
>Pe^K%
4~'gfl
VkG$T&
T\PcIZ$
srIg^NT
jf\^C^
 @Pfbb
	KOoeV
q79'Y.
\$Qy{j
qDJ*zV
31+kAR
&>SGc']'
N.j ko
/dMnsv
*6Qr;3q
z$Q6Fre
2HJ[.k
F2VGAXL/
s9kq]N
XWY{cZT
r*nwEw
*fFS$Qvk
)QloeE#
oagqQu
dHL~p;.Te
/3l|CZ
{wY=w!k
~}*gsw
rb6%1U
m5''<b
rAg4bn
Y)+x5X
zIT\.%@
U-h(@8s
\:J x]J
2l\]4o
;G0qkn
:U<O1%wL
y}l(1q
QjTr,e8)
3$&,@8
v|h(Eg	
l#4g-e
v3"&F1l
Ud4Z!1
\0aE]^TH
I'x3L,FYM
GfptY2
cc`7i+ 
bm%&mUC
iNoE$w
-!7^3iN9F
u]NK%j
?a?VvB
UU3xt'
T5Vv8@p
d:NSP45
8J9aKIJs
]'>eT_
N Y8![
0)afZ/b|
1r^K]+%k
z.o* r
e{Sn%^
)#(imM
+-G_%r
WKb(|y
R.q[Qw
MEeK{b
!@,L3X
<<N8So
1Q;Im5%+
Sp*i%7
fTk<^:3
~ ;CUX\
V	&,1!
Ci.UGD
:	&:hL=
>Cz1f%
 rN0YI
(r#yTM
-VxQka#
Ctg"VG
UjDW7zt
&=J~v<$r
9a[7cF/
_m"@x3
}&v(gG
U=1hxO
riEu:%|
{Fy$jY
LT~1gNJ}WV
<SqH/"}G=q
3o{<9;
^!/hp&
J f1MN
wr;j%Y
h3?F8$	'`
g0g*3e
*S:ruD
MQ^{L5f
IJS-{&
.%|o.q;
:O.7$q
.1Mu8>|
).|S}A
`r9z%(
VYNYH:Q
7T0yCa
C5LQ)<
0@>?f&
uq'l[Y
Mm-w{>'W
$'WxYAF
b&i-D9[b
~d'!!'y08
tlOyn)
'u+}+.
DNu'8l#
Sf{r-c
o'^73g
[A)rL]j
s{@0*Oo
V9b{s=K
ShPYFj
xE|dRf*?
)E.pT=
K.[v,w
FwtP,iL
RL8,{(
f3Lisu?
Gp^c4&w
HEb=f\]C
X\"#)&;
(&NXLdY<
G`:r0{|
g4g_me
Q!6a?Y
7Cd=]?4C
A?b/m'
mh#gWH l$
!w&IS6
B1b0EJ[6
F$O6b%\
Kl[DHtu
kF"A[_r'*
k$	&YO0Y
 oY{$&
p{=^/r
	0MdOiK
G2Q0a)
fVs8|]z
TrX[TL
LXgXWY{
6/Yvu"'O
9U}]9&
2eN2%R
~W-P\4
'1Sq[f
4Ql!;S
0BFc]X
IJ4|J :
L9&-]l
dkH~fU8+
PDN!<1
SKv\*g
#Q^(5V1N
hs~m!K
]afh-@| qb|
#=h4X<
K(([Hs
5<jTu[
TUczZ"9
j')}([g
HV]%-W;`1
FD/;Fr
d)L	DG
3=Y;b<
g3}c[9O
wOfrN0
vx9GWX
0uPKJR
l5g~|[
/.`Kt=
|SAFr W
~	EhWV9
O5`TL4
C8%p'C
PmDZ/S2
R8b;{3
=d2m%&,
#kG]6N
So u&1(
mD=v	.
?HbP`*
A]8qb)S;
n#np).
Y;"a`	
	&+@pa
_M01'2
x2t<kG
</vd4 g
YEl>"U
X2X)@(Y
p[~)7r
9R8lwE
OD1h~{Y
(E8/1i
 6-4W0
%rNy	f
DsV.Eu
n3<.8c
Vc?3pa,
(Iu-X/
6slJ{1
rNSjy>
=oMNb0
+3d'~%1
;[8pv!a
&7IR!3?E
I9]1^rb
;w	'jI
c5'W,@
s$b,c/
-Z3nY"
Bz{5%f[1
 ,IQ~H
0XjITE
k+kME8w*^
a_CIJ2
S%@$Q0
9LZhKh
rbC@ /
DFD>>k
0jR&N%
caY Wg
i:D8%a5
*!3QWv
QNg("%=
'3Bc;z
m	E4Mi
`+olnQ0/
sd&eh?
g<6+J<
f-=<Wa
#6OZ,H
I=+Vpnx8
]&WGH-
O!i'T	
HJ',ZA
j-Fg,e&z3E[
P{UG~ZM
aLJTVw
>P`?[ANbGz
%@LRQK
DJ .@D
&xq;OD
6[ 7z=#
w!q{)!F
AT/7fn|
jQ Mc<
fn$#L0a_]
:t=VR:
:$56"^
egM":<
-E$`\[D"
IL8_Inb
;pdsM>
(b7~"ii
?C;0e`0
d=aD-Q{
)nsJVA
JsO.9W2
zZmD_'
m+[1kp;V
A<#:[8
v`u_{~|8I
HLtx	K
T8~!/L
F(UW\O
=l=x8W
q:x7O,7
PR\)&3
bss-j[
YDcoSt
no )p1/,6
mt~.E1
:3,w3~
-f2~b+
,C+Nu6fB
v#pS>W
`G5cc6
s$5^Iz
@OM0P9&;
;.U;~Ah
Vxrr{:w
vr`l7z
2G-?.7iM
?iw}0;
m..|A~
XaDeOTe
q{~C~l
;q~'\3
5OR8j>
v!]OOa
o[YU8@
D;	#v<$
-ggu]\
GQA/z${s
%xc$1kZq
NWaD./7
IEnYH"
OcLe&p
=85^_u
Era</f
poaOb>
Y:=)@c
Ur?/	C
-@xP?b]
 r'H~6
ppKV~L
2~H*rR8
|loP(@x
\0a;Vl
zH K43
zy/w5{b
d1_J~a
 "=6)f
73htg'
h*K)ZP
q_g"k_
QE1I?K
wv @{%Q
`"9zE(
LZ]Nq{
)6'cW%
-\a[cj
6p'^l4
qJ}.-N,
eA:GtL
v"_mdK
jGZV3&
'rHs46
9;"V3M0
;;S-`1'Jb)
:KV1++
O9u32	w(
c%IfQx
Sr?Hr'
"FVP|B
v!ba+ba 
G-|1	I
(6x5"6
(^D\$}
Qi+I[)
.T(;r9l
E7/5b/
Z>vY=)V.
G"Uy1G
.gz3/tv
6-n @x+!
$_g."%
r-SG&P
p6#N-d
s(Zjp8Nd
"dN%y"
;XLVP3o
	&<<KMf
rM8i@	A
{mT^K8
-l8PL:
v"?}+5F
N	&3|8
Yf&@xhM9
XzS-v)OG_
~'bz7"pK
#J<^	&
 @4<Pb
Y%@8A'
^h qSK
aYiLm[
)bvG_"
Hq}8|A
a<u*NP
:S$&!@
q"3q+O
cF`Mo6
0y}_,&
*YT=ZQL
|#H0a-
MR\*HL
]`6&[$
}BIDAT
 "/9ri
%@4Q015
LrcA|*k
*IyJ >
#VfEr#
G<hfSJ
`RIZCi
}qSlE&
a2c*f3
a&wGH ,
bBH{`C
b|V0"m
 tQ9q6m
p7N{J5i%:
"+<=Zst
wd5bQpI3g
Rg>	3[
@0Q%IsJi
HaJ 0}
3=)1;K
Y~Xm7L
X*;_vz
I)nSzi
	l7InY
m'30^Q
@?_+YE-W
CiQ7"<7
H ,ukN,
P6[usd
J^$@l3W
bo%eGh
mewvGO 
HbPY(3
eTc{e)aMfrTW\
h:zj18o
}n[dOjZ
%&h#KQJz
R8CzXm@i
$=,ILhA-%S
l#@DRa
RUQtqP
4!Nc%'
8x'6NXu
)&,gg8`v=
#mbTY(
AWsvk,"]
\I*!~{
VjM8@b
YBk+uzf
Invoke
v2.0.50727
#Strings
HSttzeRaHDB3ydeikic5oO6
mscorlib
System.Drawing
System
System.Windows.Forms
Microsoft.VisualBasic
VistaTaskDialog.CommandLink.resources
VistaTaskDialog.frmSample.resources
VistaTaskDialog.Properties.Resources.resources
VistaTaskDialog.TaskDialog.resources
.resources
<Module>
CastCodesVista
VistaTaskDialog
Object
List`1
System.Collections.Generic
Bitmap
GetPixel
op_Inequality
ToString
String
ToCharArray
Replace
Convert
ToInt32
AddRange
IEnumerable`1
get_Height
get_Width
ToArray
CommandLink
UserControl
DialogResult
034506
IContainer
System.ComponentModel
Control
set_DoubleBuffered
get_HeaderText
Refresh
set_HeaderText
get_DescriptionText
set_DescriptionText
get_Image
Dispose
set_Image
get_ImageScalingSize
set_ImageScalingSize
get_ImageVerticalAlign
set_ImageVerticalAlign
get_Font
set_Font
get_FontFamily
FontFamily
get_Size
get_DialogResult
set_DialogResult
OnPaint
PaintEventArgs
get_Focused
get_Graphics
Graphics
OnClick
EventArgs
ContainerControl
get_ParentForm
KeyPressEventArgs
get_KeyChar
ToChar
OnKeyPress
OnGotFocus
OnLostFocus
get_Enabled
OnMouseEnter
OnMouseLeave
OnMouseDown
MouseEventArgs
Rectangle
get_ClientRectangle
RectangleToScreen
Cursor
get_Position
Contains
OnMouseUp
OnEnabledChanged
3252214
GraphicsPath
System.Drawing.Drawing2D
Matrix
Translate
Transform
FromArgb
set_SmoothingMode
SmoothingMode
DrawPath
DrawHighlight
LinearGradientBrush
get_White
get_Transparent
set_WrapMode
WrapMode
FillRectangle
DrawHoverState
SolidBrush
DrawPushedState
DrawNormalState
set_TextRenderingHint
TextRenderingHint
System.Drawing.Text
set_PixelOffsetMode
PixelOffsetMode
MeasureString
get_ForeColor
SystemColors
get_GrayText
get_Left
get_Top
DrawString
get_Bottom
DrawImage
DrawForeground
RectangleF
get_Location
PointF
AddArc
get_Right
CloseFigure
RoundedRect
683538
ColorMatrix
System.Drawing.Imaging
ImageAttributes
FromImage
Single
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
SetColorMatrix
GraphicsUnit
GetGrayscale
PerformClick
SuspendLayout
FontStyle
set_Name
set_Size
ResumeLayout
InitializeComponent
CategoryAttribute
BrowsableAttribute
DefaultValueAttribute
DefaultEventAttribute
value__
Normal
Pushed
Disabled
VerticalAlign
Middle
Bottom
frmSample
Button
LinkLabel
ShowDialog
MessageBox
btnAsk_Click
Process
System.Diagnostics
linkLabel1_LinkClicked
LinkLabelLinkClickedEventArgs
IDisposable
set_Location
set_TabIndex
set_Text
ButtonBase
set_UseVisualStyleBackColor
EventHandler
add_Click
set_AutoSize
get_CornflowerBlue
set_LinkColor
set_TabStop
set_VisitedLinkColor
LinkLabelLinkClickedEventHandler
add_LinkClicked
set_AutoScaleDimensions
set_AutoScaleMode
AutoScaleMode
set_ClientSize
get_Controls
ControlCollection
set_FormBorderStyle
FormBorderStyle
set_MaximizeBox
PerformLayout
MainXModes
Buffer
BlockCopy
dasdasdsada
Assembly
System.Reflection
Interaction
CallByName
CallType
fdsfsafsafsafasfas
VistaGlassTheme
ResourceManager
System.Resources
AppDomain
get_CurrentDomain
GetAssemblies
GetObject
Encoding
System.Text
get_Default
GetString
.cctor
VistaModulesX
TaskDialog
853281
171406
PictureBox
SystemIcons
get_Application
ToBitmap
get_Error
get_Information
get_Question
get_Shield
get_Warning
627764
set_Width
set_Height
AdjustSize
SetButtonYesText
SetButtonNoText
ISupportInitialize
BeginInit
set_SizeMode
PictureBoxSizeMode
set_Anchor
AnchorStyles
set_MinimizeBox
set_ShowInTaskbar
set_StartPosition
FormStartPosition
EndInit
IconType
Application
Information
Question
Shield
Warning
Resources
VistaTaskDialog.Properties
CultureInfo
System.Globalization
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
get_ResourceManager
get_Culture
set_Culture
get_check2
get_delete2
EditorBrowsableAttribute
EditorBrowsableState
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
CompilerGeneratedAttribute
Settings
ApplicationSettingsBase
System.Configuration
SettingsBase
Synchronized
<PrivateImplementationDetails>
5003101
__StaticArrayInitTypeSize=6
ValueType
__StaticArrayInitTypeSize=20
AssemblyDescriptionAttribute
AssemblyFileVersionAttribute
CompilationRelaxationsAttribute
AssemblyCopyrightAttribute
DebuggableAttribute
DebuggingModes
AssemblyTitleAttribute
RuntimeCompatibilityAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyConfigurationAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
Command Appearance
Header Text
Description
fSystem.Drawing.Size, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
U)VistaTaskDialog.CommandLink+VerticalAlign
Behavior
UzSystem.Windows.Forms.DialogResult, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.0.0.0
1.0.8.0
Copyright 
  2008
VistaTaskDialog
WrapNonExceptionThrows
$9FB25BC3-62E0-43FF-9A58-432AA1D36BF9
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX