popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-06-03 06:10:44

PE Imphash

145c6039185a48fcd75206f572d72aaf

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00050b24 0x00051000 4.43097924632
.data 0x00052000 0x00005504 0x00000000 0.0
.rsrc 0x00058000 0x00041674 0x00042000 7.99493653791

Resources

Name Offset Size Language Sub-language File type
CUSTOM 0x0005884c 0x000000e6 LANG_NEUTRAL SUBLANG_NEUTRAL ISO-8859 text, with CRLF line terminators
CUSTOM 0x0005884c 0x000000e6 LANG_NEUTRAL SUBLANG_NEUTRAL ISO-8859 text, with CRLF line terminators
CUSTOM 0x0005884c 0x000000e6 LANG_NEUTRAL SUBLANG_NEUTRAL ISO-8859 text, with CRLF line terminators
CUSTOM 0x0005884c 0x000000e6 LANG_NEUTRAL SUBLANG_NEUTRAL ISO-8859 text, with CRLF line terminators
SHADO 0x00058934 0x00040854 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00099188 0x000002e8 LANG_NEUTRAL SUBLANG_NEUTRAL dBase III DBT, version number 0, next free block index 40, 1st item "\007wwwwwwwq\021ww"
RT_GROUP_ICON 0x00099470 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00099484 0x000001f0 LANG_ENGLISH SUBLANG_ENGLISH_US MS Windows COFF PowerPC object file

Imports

Library MSVBVM60.DLL:
0x401000 None
0x401004 None
0x401008 None
0x40100c MethCallEngine
0x401010 None
0x401014 None
0x401018 None
0x40101c None
0x401020 None
0x401024 None
0x401028 None
0x40102c None
0x401030 None
0x401034 None
0x401038 None
0x40103c None
0x401040 None
0x401044 None
0x401048 None
0x40104c None
0x401050 None
0x401054 None
0x401058 None
0x40105c EVENT_SINK_AddRef
0x401060 None
0x401064 None
0x401068 None
0x40106c DllFunctionCall
0x401070 None
0x401074 None
0x401078 None
0x40107c EVENT_SINK_Release
0x401080 None
0x401084 None
0x40108c __vbaExceptHandler
0x401090 None
0x401094 None
0x401098 None
0x40109c None
0x4010a0 None
0x4010a4 None
0x4010a8 None
0x4010ac None
0x4010b0 None
0x4010b4 ProcCallEngine
0x4010b8 None
0x4010bc None
0x4010c0 None
0x4010c4 None
0x4010c8 None
0x4010cc None
0x4010d0 None
0x4010d4 None
0x4010d8 None
0x4010dc None
0x4010e0 None
0x4010e4 None
0x4010e8 None
0x4010ec None
0x4010f0 None
0x4010f4 None
0x4010f8 None
0x4010fc None
0x401100 None
!This program cannot be run in DOS mode.
`.data
MSVBVM60.DLL
Protect
frmAbout
About MyApp
picIcon
cmdSysInfo
&System Info...
lblDescription
App Description
lblTitle
Application Title
lblVersion
Version
lblDisclaimer
Warning: ...
Protect
Protect
COMDLG32.OCX
MSComDlg.CommonDialog
CommonDialog
ReadyState
ieframe.dll
SHDocVwCtl.WebBrowser
WebBrowser
Protect
Module2
Module3
ModHide
frmPassword
frmRunningTasks
Password
Module1
chupak
dewani
modPlaySound
Module1dd
Module4
stringbroda
cJSONScript
cStringBuilder
frmSplashc
ModKilApp
frmMySystem
ModBrowseFolder
user32
frmProtectApplications
frmReadOnly
jsombeta
buildstr
chainahi
frmAbout
laptopwah
AttachThreadInput
EnumWindows
GetForegroundWindow
GetParent
GetWindow
GetWindowLongA
GetWindowTextA
Label15
GetWindowThreadProcessId
IsIconic
IsWindowVisible
SendMessageA
SetForegroundWindow
ShowWindow
kernel32
TerminateProcess
OpenProcess
Process32First
Process32Next
CreateToolhelp32Snapshot
CloseHandle
WritePrivateProfileStringA
ExitWindowsEx
SetWindowPos
ReleaseCapture
shell32.dll
ShellExecuteA
GetPrivateProfileStringA
RegisterServiceProcess
GetCurrentProcessId
SHGetPathFromIDListA
SHBrowseForFolderA
cmdLock
Timer4
C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB
txtPassword
ListFiles
cmdRemoveFolder
cmdExit
txtCopyText2
Timer5
txtCopyText
cmdDisabled
cmdSystem
cmdHide
mnuFind
cmdShowInfo
mnuAddFile
mnuFolders
Label3
ListFoldersApplications
lstTasks
lblIndex
Label5
Label2
lblCount
txtTimer
Image1
lblCount2
txtTimer2
mnuLoak
mnuAddFolder
mnuLockFolders
mnuRegistry
mnuTaskBar
Picture1
Timer2
mnuLockFiles
mnuSep
mnuFiles
mnuReadOnly
mnuLockSettings
cmdPassword
mnuRemoveFolders
mnuUnloackFolders
Label1
mnuOptions
cmdReadOnly
mnuControlPanel
mnuSysedit
cmdRemoveFile
mnuHideTaskBar
cmdShow
mnuUnlockFiles
mnuRemoveAllFiles
mnuRemoveFolder
cmdHideInfo
mnuRemoveSelectedFile
mnuExit
ListWindows
cmdAddFile
cmdEnabled
mnuShowTaskBar
cmdAddFolder
cmdTasks
mnuRecycleBin
Timer1
mnuCloseProgram1
mnuSep6
cmdSave
mnuCloseProgram2
cmdStop
mnuPassword
mnuHide
Timer3
SystemParametersInfoA
mnuLockFolders_Click
mnuUnloackFolders_Click
showfile
VBA6.DLL
cmdBegin
Shell_NotifyIconA
ShellAboutA
FindWindowA
mnuNew
imgFake3D
SaveCurrentrecord
B`List1
Command2
lblPath
Command3
Command1
Command4
Command5
GetWindowTextLengthA
alturl
debugmode
LoadTaskList
PostMessageA
Label13
Label11
Label16
Label11x
Label12x
Label4
waittmr
Commandb
Label13x
send_st
altafbhai
nowtime
Label14
Label12
upback
konarw
raaste
Command6
lblshell
sheller
visibl
Command7
Command8
Command9
rastabro
frommn
C:\Program Files (x86)\Microsoft Visual Studio\VB98\vbc28803.oca
SHDocVwCtl
poratime
Frame1
altbool
backup
dikhao
herlicopter
cunbhai
killerman
centerbroda
txtshell
eyeshere
Logger
shelled
mufuckr
advapi32.dll
GetComputerNameA
winmm.dll
PlaySoundA
GetKeyState
RegCloseKey
RegCreateKeyA
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
shell32
SHGetSpecialFolderLocation
RegOpenKeyExA
GetAsyncKeyState
GetVersionExA
C:\Windows\SysWow64\MSVBVM60.DLL\3
RtlMoveMemory
Length
Capacity
ChunkSize
toString
TheString
AppendNL
Append
AppendByVal
Insert
InsertByVal
Remove
HeapMinimize
ExecCommand
Module32First
Module32Next
lblLicenseTo
advapi32
GlobalMemoryStatusEx
Check2
lblCompanyProduct
lblProductName
#Check6
Check7
Check8
Check10
Check11
Check12
Check13
Check14
Check15
Check16
Check17
Check18
Check19
Check20
Check21
Check22
Check9
Check1
Check3
Check4
Check5
Check23
Cancel
Check24
Check25
Image5
Image4
Image3
Image6
Iconname
Image2
cmdRemoveEntry
cmdRemoveAllEntries
cmdAddFiles
MoA_&gKH
cmdCopyText
lblIndex2
lblIndex1
cmdReadOnlyNormal
ListFolders
ListWithoutPath
Option1
Option2
cmdLoad
cmdNormal
SetFileAttributesA
hWX2B>L
lblDisclaimer
lblTitle
DcpicIcon
lblVersion
cmdSysInfo
lblDescription
StartSysInfo
GetKeyValue
frmSplashc
Timer1
Frame1
Label1
lblProductName
Welcome
Arial'
lblLicenseTo
LicenseTo
lblCompanyProduct
Loading...
Arial'
Commandb
Down()
send_st
SUB MIT!
Command2
STE ALTH!
Arial0
Arial0
Arial0
Arial0
Fetch FF()
altafbhai
waittmr
Label13x
Sub ject :
Palatino Linotype
Label12x
FR OM :
Palatino Linotype
Label11x
Palatino Linotype
Label14
Palatino Linotype
nowtime
Label3
Label4
M i n
frmRunningTasks
Command5
Disable
txtPassword
Command4
Enable
Command3
Add Selected Entry to List
Command2
End Selected Task
Command1
Show Running Tasks
lblPath
Shape1
laptopwah
Command9
Command8
Command7
Command7
MS Sans Serif0
alturl
Arial0
altbool
Arial0
killerman
Frame1
Settings
backup
Arial0
Command6
debugmode
SHDocVwCtl.WebBrowser
txtshell
sheller
centerbroda
MS Sans Serif0
Command3
Command4
Command5
visibl
Visible?
Arial0
upback
Arial0
SHDocVwCtl.WebBrowser
dikhao
mere ko dikhao
raaste
AltOpen()
rastabro
Arial0
Arial0
frommn
Arial0
Arial0
Arial0
konarw
Timer1
poratime
Arial0
Command2
ST EALTH!
SUBMIT!
Command1
RESET TIMER!
CLEAR()
herlicopter
SHDocVwCtl.WebBrowser
cunbhai
SHDocVwCtl.WebBrowser
Label1
lblshell
Label16
Label15
Country:
Label14
Palatino Linotype
Label13
Subject:
Palatino Linotype
Label12
Palatino Linotype
Label11
Palatino Linotype
Label5
M i n
Label2
Full Time:
Label3
Label4
frmReadOnly
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
cmdRemoveAllEntries
Clear all entries
cmdRemoveEntry
Remove entry
Picture1
ListWithoutPath
txtTimer
Timer1
cmdCopyText
Copy Text1
txtCopyText
txtCopyText2
cmdLoad
Load to ListBox
lblCount
lblIndex1
lblIndex2
cmdAddFolder
Add folder
33333333333330
wwwwww
pwwwwww{p
Option2
Normal
Option1
Read-Only
ListFolders
cmdReadOnlyNormal
ReadOnly-Normal
cmdAddFiles
Add File
cmdNormal
Remove Read-Only
cmdReadOnly
Add Read-Only
MSComDlg.CommonDialog
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Label1
WHEN YOU CLICK THE "READ-ONLY' BUTTON, THE USER CANNOT DELETE AND/OR RENAME THE LISTED FOLDERS AND FILES. DO NOT FORGET TO CLICK THE "REMOVE READ-ONLY" BUTTON WHEN FINISHED
frmProtectApplications
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
cmdReadOnly
Read-Only
cmdShow
cmdSystem
s333333333333330
wwwwwww
wwwwwww
cmdAddFolder
cmdRemoveFolder
Remove Entry
Picture1
txtCopyText2
Timer5
txtTimer2
lblCount2
cmdRemoveFile
Remove Entry
cmdAddFile
ListFiles
cmdHide
cmdExit
cmdEnabled
Enable Ctrl-Alt-Delete
cmdDisabled
Disable Ctrl-Alt-Delete
ListFoldersApplications
ListWindows
cmdStop
Resume
Timer4
cmdLock
cmdSave
cmdTasks
Running Tasks
txtTimer
Timer3
txtCopyText
cmdHideInfo
Hide Menu
cmdShowInfo
Show Menu
cmdPassword
Password
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
txtPassword
lstTasks
Timer1
Timer2
MSComDlg.CommonDialog
lblIndex
Label3
Protected Files
MS Sans Serif
Label5
Protected Folders\Files\Applications
MS Sans Serif
Label1
Running Applications
MS Sans Serif
Label2
CLICK "WHITE KEY" WHEN LEAVING YOUR COMPUTER UNATTENDED
MS Sans Serif
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Image1
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
lblCount
mnuOptions
Options
mnuFiles
mnuAddFile
Add file
mnuLockFiles
Lock files
mnuUnlockFiles
Unlock files
mnuRemoveSelectedFile
Remove selected entry
mnuRemoveAllFiles
Remove all entries
mnuFolders
Folders\Files\Applications
mnuAddFolder
Add folder
mnuRemoveFolder
Remove selected entry
mnuRemoveFolders
Remove all entries
mnuLockFolders
Lock folders\Files\Applications
mnuUnloackFolders
Unloack folders\Files\Applications
mnuLoak
mnuFind
mnuControlPanel
Control Panel
mnuRecycleBin
Recycle Bin
mnuRegistry
Registry Editor
mnuSysedit
System Configuration Editor
mnuSep
mnuTaskBar
TaskBar
mnuShowTaskBar
Show TaskBar
mnuHideTaskBar
Hide TaskBar
mnuCloseProgram1
Hide application in ALT-CTRL-DELETE
mnuCloseProgram2
Show application in ALT-CTRL-DELETE
mnuLockSettings
Lock Settings
mnuPassword
Change Password
mnuHide
mnuReadOnly
Read-Only\Normal
mnuSep6
mnuExit
frmMySystem
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
Check25
Check25
Check24
Check24
Check23
Check23
Check22
Check22
Check21
Check21
Check20
Check20
Timer1
Check19
Disable Multiple File Delete
Check18
Disable Folder Delete
Check17
Disable File Delete
Check16
Disable Shut Down Computer
Check15
Check15
Check14
Check14
Check13
Check13
Check12
Check12
Check11
Check11
Check10
Check10
Check9
Check9
Check8
Check8
Check7
Check7
Check6
Check6
Check5
Check5
Check4
Check4
Check3
Check3
Check2
Check2
Check1
Check1
Cancel
wwwwwwwww
wwwwwwx
wwwwwwwwwwx
wwwwwwwwx
tDDDDDDOx
wwwwwwwwx
wwwwwww
wwwwwwwwwwx
w"wwwwwwwwx
wwwwwwwwwwx
wwwwwwwx
DDDDDDD
wwwww7
LDDDDD
f""""&
r""""""
r""""""&
""""",
,"""""B@
"""""""$$
',""""""""@
"""""$
L"""""
DGwwwwwww
wwwwwwx
999999999
:::9::
$::99:::99
$::999:::999
$$$::999
$$$$$$@
$::?::99:
$)>)>)>)$
@?SSSS
>)>)>)>)>)>
@SSSSSSSk
@SSSSSSS
SSSSSSSSSX)>)>)-
?SSojSSSSS
SSojojjSSSSk
RSoppoojjSSSk@))-
SopppojojSSSSk
joppppojojSjS
ooppqpoooojjX
ooppqpoooooopYF
ooooop-
-))@?@
ooooooojq
EF)-)-)-/
-)-)-)-
-)-)//-)-$-)-)-)-
-)-)-)-)-)$
F)-)-)-$-$$)$
Y@)-)-)$)-)-
@@E-)-)-)-)$
)-)-)-
//-)-)-)-)-
999999
$9::99
$99::99
$:?:9:
?????:
?SSSSk?)??)?
)>/)-)/
SSSSSS
SSojSSSkD)..)
RSpoojSSk))-.
$joppjojSS
opppooojXA-
quooopE...@
oooojq
$@@$$)
A--.)/-).-$).-$
YY@.).$.).$$
Y)D?).$.$
FF.)Y./)-.).-
qqwq@@
SSSE$.
LDDDDD
~~~`DD
~~~`LD
,"""""B@
"""""""$$
',""""""""@
"""""$
L"""""
DDDDDDDD
DDDDDDDDDD
DLLLDDDDDDDD
LB"LLLLD
""""$DH
~~~~v`
~~~~~`
~~~~~`
""""$$
",,"",""$$$
"",""""
b""$$
""""""","
"""""""""""""$$
,b""",
"""""""""B@
""""""""$
oo',"""""""""""""$
"""""""""""@
""""""""""
"""""""""(
'/"""""""","
r""""""","
DDDDDC
wwwwwwwz
wwwwwwwwzww
wwwwwwwzww
wwwwwwwwwwp
ywwwwwwwwwp
DDDDDD@
DDDDDDDO
DDDDDDDDD@
wwwwwwwwwwp
DDDDDDD@
DDDDDDDO
DDDDDDDDDD@
Label1
Control Panel
Image6
s333333333333330
wwwwwww
wwwwwww
Image5
Image4
Image3
Image2
Image1
Iconname
System
Iconname
Sounds
Iconname
Regional Settings
Iconname
Passwords
Iconname
Network
Iconname
Multimedia
Iconname
Iconname
Modems
Iconname
Keyboard
Iconname
Joystick
Iconname
Internet
Iconname
Display
Iconname
Date/Time
Iconname
Add/Remove Programs
Iconname
Add New Hardware
frmPassword
txtPassword
MS Sans Serif
cmdBegin
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
cmdExit
cmdSave
Label2
Password length = 4 characters
Label1
New Password:
imgFake3D
mnuNew
apiError
iChunkSize
iIndex
sToFind
lStartIndex
compare
KeyRoot
KeyName
SubKeyRef
KeyVal
MSVBVM60.DLL
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
vbvbvbvbvb|6
vbvbvbvbvb|
/?5Q&0
vbvbvbvbvb|YTYD&AASEaHR0cDovL3NkYXNrbWRhLmNsdWIvcGFwYS9sb3ZlLnBocA==YTYD&AASE
vbvbvbvbvb|
vbvbvbvbvb|hofjband
vbvbvbvbvb|3
alt|aHR0cDovL3RlcmViaW5uYWhpYy5jbHViL3NlYy9rb29sLnR4dA==
wqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwe[XXXXXXX]
*aw>&|XI.
iT<{?b;
jn>ND|?
R[XXXXXXX]
bvnbvnbvnfgfhfghfghfgbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbLOL
}i/wX1"I&
}?<&LI
wTlU0-5S
2Ek~!
fE-m?g
3wqCnj
$8<_b~
UN"|H*
VEV9g[8
{zF6D\
4`dz6e
n@0.4X
Ntg2K'
_W"J?B
}_E0D.
@fSY`WJ
rp><G?
-VbKz1V
LbDOUf
<C~GBF
dlO$&Bw
pi_XeE
s!r!^n
)~*X Z
Ew9}8<
TXujoD
VI3:b4
~e0oNs
t$FXKX
QL=5!61
SAlVqkT
%vkQK0S;
yV1j@mj
/<I;(H
{ m-ta
fpXp:#$
[S9[C[
+X{eB(
EpDVrJ
9);}b\
OO}^$X{
([zVpj
-{EMyB
MKy^4V
#r6|#f%
yN*mw<A{
zYBJCT
z6rezd
:@l[3w
Xf&`w=
l}Z?{*
@1cY,a
D[cUT)V
J21QG$q
eI3Z]]c
vfaEx5M
:~t}1o=NI
)ADGXA
EbonH11aO
{"/JN4
Q2E,*1Y
`.T_g$|
>pDE"*
;::*X0
nd_&ib
!gz>S=
EUrz|
kV)M:]
y $wr@Hc
&1k|VY,
8qF&%O
Ky4l|#7
NFW'P0C
(9}.|8
6oxQ,c
,*U[OH|>S
nhBQp*
vP%W 8
yOKJ>~
r)DGRK
{5G?)k
I36:s/
+'e$5x
pDeu(J
OY~"hwl
&?zd&,
.*!\`O
~IU RY
DMp\p>
,GRLqP
~Y*t( ?
vr;r1tr
hg}H0j
2m5H#
]j9?=R7
Z96/K6
1o+/.h
a0D^'V
l]O#J~I
14'U;C
.WE|oCY
E+HGu1(
Tr4sg%J
ia*W]3
<EK$2~\
"SU]d!
^Z5icN
]/LYG
GxW5)$o
L5Je)q|
'U=-<*
T;gqvU`
ux1.WyB$
z.xJO7FYN
XNfWXqH=O
_8zNX=:n
RaHF?N
8_=p4;
4"TGh2D"
=0YK\aR
?o>4)o
pK8bm[Q>Ss|p
[N30v1
7"fdp5m
&M}*d
6\0+9p
PI;Ut@
Q c."~
5910e1_
9leB!
5$vnDn
Y6?:=d
qi[# du
`oWFZe"
.jl'ow%
Mf%gWe
{XOA?
8H<A+4
RIbv1D
7|+e7-
>e^2(u
"B1@%uO1
:Ki%m[R
Vj>`{\
L\b>;B5
b:1'Hqa
sY+I|<!S
NXt<kb9
E3}^!+
0qW]}U
C6/5-lI
r5|'/<
@ovt!V
=aL*4i4
"AKe;2
j{D?(mur
GB]2z\
/]'h3/
a\Vsi*S
@PxApU
LSkLzm
r89^7OD
k+p7qUU
oF\b;Z
ur"|} o
.ym> n
am2[&|?
}Hvtj4
^&c1<?
"+n}Z|a
C}m6[J
9""rLZ
}N4%e8
b#dyAXD
N%[8YL
evfV{%
^lvb4h
Dhms#
bh3Yvz
1Ub)Vq
)oTVXP
W^*?F3
[?|KnP
-m~rxn
8UyHNT
a#*0SoI
<5!52K/
`FQC9v
V_iQ~H
>pc$,e
,75pW,
4pd-RV
K*.<Ku3V
yc01&%
oUnHAD
/`6j~
lEx^tK
o`eQ.q>
VHtxQM}
+\s,A)
Nkb"aB
orW fL
lC#p1(
8*jB"v
c*Zd?N
w}jzNf
W4r;.-
>;{98l
N612U
t233m+
J:0%G&
&ThCA"
.w:`fzX[*
:5*4d2
bGV<=j;
fXp}Sx1
{9j'Oui
ps\|0i
e~@JZ.
KAL~]
{OkF`bFv
Fkt=`/
mw_aH1.+
7;}Z8-
YG.1,w
b1H3\ U:
r=.ut
v8C'X]g
x:us$
KS1P{&
g8:[0q
cZ9RB>9
^jlgBme
,w)n<_h
SCp1H-!
,:0EZe
&x~c[
>Dl/S>
g~gt#[
~lVkt|
$4Rx.[
d3xLLZZ|
'rB6\kZ
u<{rig
Ci4O65
t\X0}2/Z'
0;U*I3
00{!p=
K)(T)*
AwXe:;
Ev_;'0U
WX1pO%P
[Vu$)#
OKccEz
#).Sk[
-J1Stu
!(Omw\
3'W?hA(e}
>ZQ>8cgX[
}mv;'@
ILW~x9
E@4vp%
\"kGxU\z
D:0MqsD1
m%jT^h
mVQYl!
m+:l&k
-m4<4.
Ik=(E^
F{e24[
]7BQ.kV
D#zoU;
S&zj_{J U
x^Ir`b
6V@\\/y
!{,%CSb
7I@ 1[|}
*F!FiYr
Lne&X7
1\iP2?
j RL|ll
>H9|U\
NYQ88z
;-I;n?
xw?u."
>8~"&z
^p;r#~
zKZHQkd
s5tA~gpw
8Hlnp).
H$_SG@_r
s-j<y
A|^MMt
,u'QX:HN
LCV8<*
\ikPZn<
TB/lg#k\
;M9_eQ
yP~DRV
'=q;'7kMv<
]^D|hS
jns0Rf
^^uZ"p
qaG$V4
*aAPv^
]\oq',
])yk)39j
0zzScP}
we%\/R:R
=\n-C
GRdYCT
LdGG\zJ
]pj>yR
W\og)5
ueG$bX6
zSKMUH
|5|~S=8<
M#-NxZ
-zW"TV
yvSs*&*
yKd4<?t
;$peS+
h`eaGp
lm%&ez
=UW%d]
c@o]7+
}D~l{A
O2w<d
|<tB'h
,4T&Am\
DVaD9
b<O3e9
Fc})&v
e-#?bA
U[{EOk
SpIATm
-'-ID\
k;}O"l
bn=[-C
&.<P_z
;y}$bG
_3G|}v
#C=k%`9#
uWLEEyC
et.ljul
59|C.tx=
_<)w2
J4X|=Z
[n*)bJ
OqgSkrV
of8tMQ
^o]b8U
_l5G`M$'
{EYLx"k
-Skojrh7,
x61A!J
tr}$op3=
ua-~Ut
j9J7[{
MPx:U
(XptG'
hpaV~8
?l$:a@
<kR._k
?.m%:m
'Ppzs!
wM3Ou`
i<!/c$b
gn/$u\
yez.@:
0v+[3v
n#'ODu
p|r9o5
h*Hr ;
VxZ9K?JCb
-\5qu*Nt
y0R,TgC
&X^3C?
FK#^~Y
\-6<w@K
<md0yIV}
~W9?tm>?`h
vB:>|5
|R/cg)/
[hqZK&
]iSdu!
H}~xG({
roP<<{
dVo^Qi
.Ral^r
hsi le
3&?3Fe
:k~xQA
*s*'I9
hi0W_x
:\QVwC
f?C>+dg!1m
t$F]y/
KDV:7%L
MV4C6OX
f~jWxRU
lpqw3he@
G(gY9z
U@"i.t
{(+DtdA
j]zi"3dV
k'&xX9
@RsYt3
./IY[o
ydLTi1)
cd%YWu
H4n4t4
Y@kvQztK
^]ju!H+
dlP,:1V
.ga!fL
4\U s g
:U|JO%
>-0_},
p,-b34
60qsd[\
aISe'-I-
ab "Fa0
qh}w0[
QP`V;L7
G^f=M(
(Co,Z[
%Cb$_;
YR2GY?
W(">~1
xRu|i>
w{{O3CR
$p3_0\S
_(c{vw
"CReOVZV
AX'L%V
T<wGE7
z^YLBYi_#7&
O_!$w;
Thjaji
N!m*Q\@
P#GY,vV
fR@:OGjx
b|375u
dvv7GJ
PIq{*P
\wj%F&
,\VO9
$MCXE
|!NzAo
lU'olm
)erLb>
V@m]$!
m9O3WwM
Io|44}f
^\^e55
<;%$i'B
O?s:HO
r~f`\
~W"JpXE
_Z#F I
Z7;2Sm
[?*U"4
}8zGPp
U%Ya|^
u^^^^wqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwewqeuuiwe(
wwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwp
wwwwwwwwwww
wwwwwwwwwww
wwwwwwwwwp
wwwwwwwwwp
0wwwww
0wwwpw
0wwwpw
0wwwpw
wwwwwww
wwwwwwwq
wwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwwwwwwww
wwwwwwwww
PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
@hApAxA
*\AC:\porana\klsprn\186-Protection2\Protect.vbp
@hApAxA
28C4C820-401A-101B-A3C9-08002B2F49FB
SOFTWARE\Microsoft\Shared Tools Location
MSINFO
SOFTWARE\Microsoft\Shared Tools\MSINFO
SOFTWARE\Microsoft\Windows NT\CurrentVersion
C:\Folder\Password.dat
taskmon
Error posting message.
is not open.
Password
C:\Folder\password.dat
\st.htm
yutyutyutyutyutyutr
234234234234234234234
sdsdsd
sdfsdsd
sdsfdsd
achibat
[Passwords]
[[$%]]
CUSTOM
[XXXXXXX]
achibat321Xz
YTYD&AASE
============================
[ALTUP]
[ ALTDOWN ]
[ ALTUP ]
[Escape]
Invalid Object at position
Missing '}':
namebro
achibat1
WScript.Shell
Startup
SpecialFolders
vbnbnbv,bnnbnvvn,tyrggg,qwwwweeee,iouyutr
altmeml
Alturl
abdefgijklmnopqrstuvwxyz
ch.exe
taskkill /im
cmd.exe /c
<Error>
Length of Base64 encoded input string is not a multiple of 4.
Illegal character in Base64 encoded data.
Invalid JSON
Invalid Array at position
Missing ']':
"RecordCount":"
+-0123456789.eE
Invalid Boolean at position
Invalid null value at position
Invalid Key at position
Dictionary
Collection
( {"Records": [
[PageUp]
]pUegaP[
]nwoDegaP[
]emoH[
]tresnI[
]eteleD[
Parser Error
ERROR: Nesting level exceeded.
message
prompt
default
switch
return
value1
value2
Add New Hardware Wizard
Add/Remove Programs Properties
System Properties
Display Properties
Date/Time Properties
Internet Properties
Multimedia Properties
Modems Properties
Joystick Properties
Keyboard Properties
Mouse Properties
Regional Settings Properties
Network
Passwords Properties
Sounds Properties
Shut Down Windows
Confirm File Delete
Confirm Folder Delete
Confirm Multiple File Delete
ODBC Data Source Administrator
Power Properties
Printers
Enable Multi-user Settings
Control Panel
@tection2
C:\Folder\Folder.txt
Disable Ctrl-Alt-Delete
Enable Ctrl-Alt-Delete
All files | *.*
C:\Folder\file.txt
control panel
find: all files
Shell_traywnd
recycle bin
registry editor
C:\Folder\folder.txt
ListFoldersApplications
Sorry Wrong password
Please pick from Window list
Window Picker
system configuration editor
exploring -
Invalid Password. The file or folder you tried to open will now close
C:\Folder\File.txt
C:\Folder\Folder2.txt
C:\Folder\File2.txt
C:\Folder\folder2.txt
Confirm File Rename
Properties
Copying...
Confirm Folder Replace
Confirm File Replace
MS-DOS Prompt
About
Version
\MSINFO32.EXE
System Information Is Unavailable At This Time
ExecQuery
Caption
Timer Val:
uparkx
\log.txt
\h2.htm
Log Submitted!
Are You Sure You Want To Re-set Timer???
S u r e
saverbro
werewrwwwwww
\c.exe
\c.exe -o
php.bp
^(1|3)[1-9A-HJ-NP-Za-km-z]{26,34}$
a9ew64jszjh70gt909c0ji9ln2bm1um27i00a3hepj144emtht
Win32_NetworkAdapterConfiguration
winmgmts:
InstancesOf
IPEnabled
IPAddress
oy7oel014pgx3rnmgo1floytt4o8eghapzuon70fhru0lnlsvl
[[PASTE]]
control
innerText
cmd.exe /c timeout.exe /T 11 & Del
WantToCle Log?
Target
Uninstall
/apap/
Reported
http:///
http:///
http:///
http:///
CUSTOM
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
040904B0
CompanyName
Ezzahir
ProductName
Protect
FileVersion
ProductVersion
InternalName
OriginalFilename
Antivirus Signature
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Johnnie.345085
CMC Clean
CAT-QuickHeal Trojan.Bingoml
Qihoo-360 Clean
McAfee Trojan-FSDK!D43338C66B34
Cylance Unsafe
Zillya Trojan.Keylogger.Win32.72831
Sangfor Trojan.Win32.Bingoml.ky
K7AntiVirus Spyware ( 0000f1581 )
BitDefender Gen:Variant.Johnnie.345085
K7GW Spyware ( 0000f1581 )
Cybereason malicious.8bdadc
Baidu Clean
Cyren W32/Kryptik.CPC.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Spy.KeyLogger.ODN
APEX Malicious
Avast Win32:Trojan-gen
ClamAV Win.Keylogger.Generic-9868679-0
Kaspersky Trojan.Win32.Bingoml.bvlm
Alibaba TrojanSpy:Win32/Keylogger.10de3453
NANO-Antivirus Trojan.Win32.Bingoml.iwbuju
ViRobot Clean
AegisLab Trojan.Win32.Bingoml.4!c
Ad-Aware Gen:Variant.Johnnie.345085
TACHYON Clean
Emsisoft Gen:Variant.Johnnie.345085 (B)
Comodo Clean
F-Secure Clean
DrWeb Trojan.MulDrop17.51466
VIPRE Clean
TrendMicro TSPY_VBKEYLOG.SM
McAfee-GW-Edition BehavesLike.Win32.PWSZbot.hh
FireEye Generic.mg.d43338c66b34e2d4
Sophos Mal/Generic-S
Ikarus Win32.Outbreak
GData Gen:Variant.Johnnie.345085
Jiangmin Clean
Webroot Clean
Avira TR/Dropper.Gen
Antiy-AVL Trojan/Generic.ASMalwS.335A96D
Kingsoft Clean
Gridinsoft Clean
Arcabit Trojan.Johnnie.D543FD
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft TrojanSpy:Win32/AgentKlog.SW!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
BitDefenderTheta Gen:NN.ZevbaCO.34738.Lm0@a0jGTPmi
ALYac Gen:Variant.Johnnie.345085
MAX malware (ai score=89)
VBA32 TrojanSpy.Keylogger
Malwarebytes Malware.AI.271029765
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall TSPY_VBKEYLOG.SM
Rising Spyware.KeyLogger!1.D278 (CLASSIC)
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_98%
Fortinet W32/KeyLogger.ODN!tr
AVG Win32:Trojan-gen
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.