Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00002000	0x00030ccd	0x00030e00	7.95071554303
.rsrc	0x00034000	0x00004758	0x00004800	2.23194543248
.reloc	0x0003a000	0x0000000c	0x00000200	0.101910425663

Name	Offset	Size	Language	Sub-language	File type
RT_ICON	0x0003406c	0x00004028	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_ICON	0x000380d0	0x00000014	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_VERSION	0x00038120	0x00000412	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_MANIFEST	0x0003856e	0x000001ea	LANG_NEUTRAL	SUBLANG_NEUTRAL	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

!This program cannot be run in DOS mode.

`.rsrc

@.reloc

v4.0.30319

#Strings

Yzfprb.exe

Yzfprb

Program

WindowsFormsApp1

mscorlib

Object

System

<>c__DisplayClass2_0

<>o__3

Settings

WindowsFormsApp1.Properties

ApplicationSettingsBase

System.Configuration

Cfvfawcntyao

WindowsFormsApp1.Qiemoqjrebacwl

Gceleflj

WindowsFormsApp1.Oyskwxqn

Tinehhvzfcmk

WindowsFormsApp1.Xcpascvc

Uoojvqkdmv

WindowsFormsApp1.Vhpgixrfiwoksq

Lmlqcgiycjtrn

WindowsFormsApp1.Dcpxuh

Ccfrlj

WindowsFormsApp1.Kwzjhz

Bowgshyni

WindowsFormsApp1.Jdqzyvsqs

Leveeuqsevng

WindowsFormsApp1.Gwtcmegmxv

Mtukmyp

WindowsFormsApp1.Rstmteszi

Fomlxkalg

WindowsFormsApp1.Mcczldqwv

PoweredByAttribute

SmartAssembly.Attributes

Attribute

resourceName

<>p__0

System.Core

CallSite`1

System.Runtime.CompilerServices

Action`5

CallSite

defaultInstance

CurrentDomain_AssemblyResolve

Assembly

System.Reflection

ResolveEventArgs

sender

ShowGCStat

GetEmbeddedResourceContent

<GetEmbeddedResourceContent>b__0

ToString

get_Default

.cctor

Default

CompilationRelaxationsAttribute

RuntimeCompatibilityAttribute

DebuggableAttribute

System.Diagnostics

DebuggingModes

AssemblyTitleAttribute

AssemblyDescriptionAttribute

AssemblyConfigurationAttribute

AssemblyCompanyAttribute

AssemblyProductAttribute

AssemblyCopyrightAttribute

AssemblyTrademarkAttribute

ComVisibleAttribute

System.Runtime.InteropServices

GuidAttribute

AssemblyFileVersionAttribute

TargetFrameworkAttribute

System.Runtime.Versioning

CompilerGeneratedAttribute

GeneratedCodeAttribute

System.CodeDom.Compiler

STAThreadAttribute

WindowsFormsApp1.ClassLibrary1.dll

WindowsFormsApp1.Resources.Qcfqdlhpjgh.dll

WindowsFormsApp1.Resources.Wtiatfs.dll

ResolveEventHandler

AppDomain

get_CurrentDomain

add_AssemblyResolve

System.Windows.Forms

Application

Stream

System.IO

CopyTo

MemoryStream

ToArray

IDisposable

Dispose

GetExecutingAssembly

GetTypeFromHandle

RuntimeTypeHandle

get_Namespace

String

Concat

GetManifestResourceStream

CollectionCount

Console

WriteLine

Thread

System.Threading

Func`2

Enumerable

System.Linq

SingleOrDefault

IEnumerable`1

System.Collections.Generic

GetManifestResourceNames

ClassLibrary1

get_MaxGeneration

GetGeneration

GetTotalMemory

Microsoft.CSharp

CSharpArgumentInfo

Microsoft.CSharp.RuntimeBinder

Create

CSharpArgumentInfoFlags

Binder

InvokeMember

CallSiteBinder

CSharpBinderFlags

Target

Invoke

DateTime

get_Now

Collect

WaitForPendingFinalizers

op_Subtraction

TimeSpan

get_TotalMilliseconds

Double

ReadKey

ConsoleKeyInfo

Activator

CreateInstance

Contains

Format

SettingsBase

Synchronized

WrapNonExceptionThrows

Discord - https://discord.com/

Discord Inc.

$14114f08-d35c-4bb2-9fc8-ffc79450bc62

0.0.52.0

.NETFramework,Version=v4.0

FrameworkDisplayName

.NET Framework 4(

#Powered by SmartAssembly 7.5.2.4508

KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator

11.0.0.0

!This program cannot be run in DOS mode.

`.rsrc

@.reloc

v4.0.30319

#Strings

ClassLibrary1

System.IO

GetData

inputData

mscorlib

CreateInstance

CompressionMode

IDisposable

get_Name

get_DeclaringType

GetType

Dispose

GuidAttribute

DebuggableAttribute

ComVisibleAttribute

AssemblyTitleAttribute

AssemblyTrademarkAttribute

TargetFrameworkAttribute

AssemblyFileVersionAttribute

AssemblyConfigurationAttribute

AssemblyDescriptionAttribute

CompilationRelaxationsAttribute

AssemblyProductAttribute

AssemblyCopyrightAttribute

AssemblyCompanyAttribute

RuntimeCompatibilityAttribute

System.Runtime.Versioning

String

get_Length

ClassLibrary1.dll

GZipStream

MemoryStream

System

AppDomain

get_CurrentDomain

System.IO.Compression

System.Reflection

MethodInfo

MemberInfo

InvokeMember

Binder

Transalator

Activator

System.Diagnostics

GetMethods

System.Runtime.InteropServices

System.Runtime.CompilerServices

DebuggingModes

GetTypes

BindingFlags

GzipDecompress

Object

Environment

ToArray

Assembly

op_Equality

WrapNonExceptionThrows

ClassLibrary

2021

$7c158b45-9dc4-4066-8cda-58e028d1a857

1.0.0.0

.NETFramework,Version=v4.0

FrameworkDisplayName

.NET Framework 4

_CorDllMain

mscoree.dll

+C7+BVN

X7|^q.

MAU9T%Q

j?)RM

jB|JMb'p

0,4\m8

8at8bA

[h3F|-

YByE%`

KIl?v]

%(q[%`

uUTUYT

uT@tlD

m^L^uG

6$wk<CCc

~)bekG

!(41&2

S3#CJ"

iqB}j-

^ZIhdJ

'!h;`sC

DD@PPH

@QQQQBQ

I=zNp

Ts}cA<

ER}$hQ

2l#{zG

s9rd7!+

)maw(f

]|$ul"wGQ<

kb\co:

Lt|[WV

VCon-T

}=${Is

9se(wR

c%79E~

XCI="{b

hox_jk

K0>08`

DZ50_j

v[_;+o

|W;?~~

n6$hXh

!N!^!n)|

n`L`T`|@O*`

L=<B}_

T"YcC/

?b2Dwu|>

:H[:HZ

Y%I@Y!

H`fH9(

E=Y'IC$

@/IK%&

?Z!"PT

rA_Y'IMD

d-%;rAS2:

ATdDJ?

d|J:$j

n67pJV$:

%3rA'7

Qw$ip:o

wd^x[!

fr2dk"

Y:UC@]W

B'}!01

*Mn](s

e|v5zI

UJAx4

~4xGL.

}5h<ba

.AMpyQ

NErb@JP

cfzl9

@[]6Kk

:+^d>h

ue v/"

4"Vj"

kW?z=j

VM{V~x

#MjB@P

5r{bSe

vkxZ)h

<@z3^t

Nw\`WI

>a|lBlX

O'@Ze4~$o

v@Z>IM

7IjdyT

xdo-~G

]wfaMj

W$i.RC

}2=6Trc

i-[ZKV

Rt|S%R

#z\]YS

.]Vpub/

{Q^fCF

giQ0"m

wq4cq{

\45>%N

Dj;{>q

!j2/M]A

X%YcS&

LG@1dGt

Y\oY\R

`~<0_:

TYjB'DL

Ar,:|D

hqZ)Rp

xkNiWr

G[k9[Z

@'vLO^{7.

+7E"tb

*q>Fl?

r)59GxLr

f&,6(~

,[m@.:

_>j(ikC

:=xX;6t

0Dq@l`

!vb3!vI

>,/|63

=OM^soE>K

MaV3Gu

y)kN5*}H

Kse(,Z@

]jME0!

t,G*.9

ZlI>E&d

ZM4$cm

L]nmO`

&[*V.q2

v jkZ'`x

])I%<f

}>K8nE_V

KbMOb<

t3\A6Y

d..igHkqx!OQ

06?x,a

TmAba7

L]>O)S|j8sK:2

7t7t12

dC_Tm9

Dd0&yq;'L~

P\0DG9

[c+Ws,

c3Abqc

(,np3m

KW@=hS

,|IrlH

N6#]N]

}<Lvr"

Ft^qy%

s5>X`r

s(|?d'

qxG+]51

&"=iE0

+RsDZJ

_|)T:HhG

Mf,z]i

Fm1ZB?qy

YDhQ5Z

-de([l

5z7=zm

"IQTE!

q'K'J4

0l)U5$

MDii5MM

:tm&em\

pH.00

!H/G_

s6NCNf

UP'=7G

zd\HA}a

_8,5nAA

B1:sI/

[r~=c)"

yPL_Bmq

o#U;px

o9]{,G

IFO5Jt

\+"H#&

`~K+%\

_ r-^_K+

z=Q=jy

|::Xg%\

"-rF"n

RRi/Eh

[W`" fr

%'{RBNFJ

@4-BRa

:!&Eqw

CeA5`N

1}@_4[

b*kdvH

F|=El>

~"Ib:~

yesv^9l

wMUVk:

`Z-6Dk

UjD-V#

4qkUq\-v

L+%]=Rt

3=Au.c]]

/5o._Z

,ffYLW

H\P*}-

aF*/{nG~W

p%[PIu

aBR-,F>

Dd@N@f/

egCG's'

pD@T@8

ff7s)*=b

f(BQi)

]c#sIs

2'Q,Kiz

.~>kUp

T+7G}K]%H

=l/Sqw

lQl|BQ

;};o}G

U:\Qbe

8nL$2#

qDOvAy

v^.'s\

Q _3[6C

X=pU&\

0xGbIg

P3(~uw\~

T>B#V}

7"1kIrw

@o]kB$

+y,#.=

>-$N>dY

WYv*A^

m;JRmkzkWA

XeSq0A

BXfLXK4

@ELHKH

( ~H$G

SBzG!+%d

Pji $n

v]_t<.J

\O&6UT>gY

H,P;y/q7

U~M##>

6D+Z;K

!wwdxI

r,>gN'

:1B+ss

et%h1z

CcGYZ[

|0>}J8

rkI{L+z

_\b~3!l"

5@+(c'

D1 .ls

yQTnG@

AobeT@[

umIM]Cf

2z O]<pT0

L<m{QZ

s%#?zc

1CeN3d

*a<En"

,|(0c"

AJeA4}

00SMe]"

d<+MvZ

WYI*+9

]Ki;K8*J

W.W'=S

X-Sf)g

:]OnOM'U

IG~"&#O^

Zgr>>>

dzNN.sR

KHUkB*}A

ivKDfZ

c3}qzo^

4l[C;s

mbZfHp[Y

:+-"Ge

.ZMh@r

4|V^PO&/p

)_TIC(

6EW{wld/

6<.^6Xc

[Z58=1u

pCFd$k

CF)440

Pjlfrv:

{0xepE

GX=Pe{

Z(`70gg

1b5*;I

XD{5|}

r{[VI9s

ZY"TG

wEy!WDv?OQ

FAuITQ

tw0#PY

#*JMG)

6f`U3Pd

IF'Yfu

N0MN2;E,U

dp9J[eD

D9%nwT

xFc\R0k

de2E:d

_CorExeMain

mscoree.dll

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>

DigiCert Inc1

www.digicert.com1+0)

"DigiCert EV Code Signing CA (SHA2)0

180314000000Z

210218120000Z0

Delaware1

Private Organization1

51288621

California1

San Francisco1

Discord Inc.1

Discord Inc.0

_v<WBP

US-DELAWARE-51288620

1http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07

1http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0K

https://www.digicert.com/CPS0

http://ocsp.digicert.com0H

<http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0

DigiCert Inc1

www.digicert.com1+0)

"DigiCert High Assurance EV Root CA0

120418120000Z

270418120000Z0l1

DigiCert Inc1

www.digicert.com1+0)

"DigiCert EV Code Signing CA (SHA2)0

+.+1Xf

http://ocsp.digicert.com0I

=http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0

:http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0@

:http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0

.http://www.digicert.com/ssl-cps-repository.htm0

DigiCert Inc1

www.digicert.com1+0)

"DigiCert EV Code Signing CA (SHA2)

20200910175959Z

DigiCert Inc1

www.digicert.com1!0

DigiCert Assured ID CA-10

141022000000Z

241022000000Z0G1

DigiCert1%0#

DigiCert Timestamp Responder0

https://www.digicert.com/CPS0

2http://crl3.digicert.com/DigiCertAssuredIDCA-1.crl08

2http://crl4.digicert.com/DigiCertAssuredIDCA-1.crl0w

http://ocsp.digicert.com0A

5http://cacerts.digicert.com/DigiCertAssuredIDCA-1.crt0

iW!]4/q

DigiCert Inc1

www.digicert.com1$0"

DigiCert Assured ID Root CA0

061110000000Z

211110000000Z0b1

DigiCert Inc1

www.digicert.com1!0

DigiCert Assured ID CA-10

.http://www.digicert.com/ssl-cps-repository.htm0

http://ocsp.digicert.com0C

7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0

4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0:

4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0

DigiCert Inc1

www.digicert.com1!0

DigiCert Assured ID CA-1

200910175959Z0#

.ClassLibrary1.dll

generation 0 checked {0} times

Wtiatfs

memory in heap {0}

heap have {0} generation

RENAULT

Qcfqdlhpjgh

Object car in {0} generation

Size of memeory in heap {0}

Transalator

CountReponse

size of heap {0}

start GC

GC worked

size of memeory {0}

Object car in {0} generation.

{0} with speed{1} km/h

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

000004b0

Comments

CompanyName

FileDescription

ClassLibrary

FileVersion

1.0.0.0

InternalName

ClassLibrary1.dll

LegalCopyright

2021

LegalTrademarks

OriginalFilename

ClassLibrary1.dll

ProductName

ClassLibrary

ProductVersion

1.0.0.0

Assembly Version

1.0.0.0

VS_VERSION_INFO

VarFileInfo

Translation

StringFileInfo

000004b0

Comments

Discord - https://discord.com/

CompanyName

Discord Inc.

FileDescription

Discord - https://discord.com/

FileVersion

0.0.52.0

InternalName

Yzfprb.exe

LegalCopyright

LegalTrademarks

OriginalFilename

Yzfprb.exe

ProductName

Discord - https://discord.com/

ProductVersion

0.0.52.0

Assembly Version

0.0.52.0

RAny use of this Certificate constitutes acceptance of the DigiCert CP/CPS and the Relying Party Agreement which limit liability and are incorporated herein by reference

Antivirus	Signature
Bkav	Clean
Elastic	Clean
MicroWorld-eScan	Clean
FireEye	Generic.mg.716e89179126809c
CAT-QuickHeal	Clean
Qihoo-360	Clean
McAfee	Artemis!716E89179126
Cylance	Unsafe
VIPRE	Clean
SUPERAntiSpyware	Clean
Sangfor	Clean
K7AntiVirus	Clean
Alibaba	Clean
K7GW	Clean
Cybereason	malicious.70a118
Arcabit	Clean
Baidu	Clean
Cyren	Clean
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.FORMXHP
APEX	Malicious
Avast	FileRepMalware
ClamAV	Clean
Kaspersky	Clean
BitDefender	Clean
NANO-Antivirus	Clean
Paloalto	generic.ml
ViRobot	Clean
Tencent	Clean
Ad-Aware	Clean
TACHYON	Clean
Sophos	Clean
Comodo	Clean
F-Secure	Clean
DrWeb	Clean
Zillya	Clean
TrendMicro	Clean
McAfee-GW-Edition	Artemis!Trojan
CMC	Clean
Emsisoft	Clean
SentinelOne	Static AI - Suspicious PE
Jiangmin	Clean
Webroot	Clean
Avira	Clean
Antiy-AVL	Clean
Kingsoft	Clean
Gridinsoft	Clean
Microsoft	Trojan:Win32/Wacatac.B!ml
AegisLab	Clean
ZoneAlarm	Clean
GData	Clean
Cynet	Malicious (score: 100)
AhnLab-V3	Clean
Acronis	Clean
BitDefenderTheta	Gen:NN.ZemsilF.34684.nm1@ai8pWHj
ALYac	Clean
MAX	Clean
VBA32	Clean
Malwarebytes	Malware.AI.4276529596
Zoner	Clean
TrendMicro-HouseCall	Clean
Rising	Clean
Yandex	Clean
Ikarus	Trojan.MSIL.Inject
eGambit	Clean
Fortinet	Clean
AVG	FileRepMalware
Panda	Clean
CrowdStrike	win/malicious_confidence_90% (W)
MaxSecure	Trojan.Malware.300983.susgen

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports