popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2021-09-24 22:29:30

PDB Path

C:\Users\Administrator\Desktop\40eGtUYe2LW47DV.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x001cf55c 0x001cf600 5.99913223526
.rsrc 0x001d2000 0x0000aaa8 0x0000ac00 7.92293196411
.reloc 0x001de000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x001d2130 0x0000a46f LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_GROUP_ICON 0x001dc5a0 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x001dc5b4 0x00000340 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x001dc8f4 0x000001b4 LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain
!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Qx?Z}b
"33s?(
Qx?Z}b
"33s?Z}b
Qx?Z}b
p}?Z}b
"fff?}N
l#ffffff
#<ZX}b
#<ZX}c
p}?Z}b
"333?Z
"333?}
k"fff?Zi
Qx?Z}b
MbP?X(i
MbP?X(i
MbP?X(i
MbP?X(i
MbP?X(i
l#ffffff
l#ffffff
@@ZXV
l#ffffff
@@ZXV E
l#333333
?ZiXT &
?ZiXT
l#ffffff
l#333333
?ZiYT $
l#ffffff
l#ffffff
l#333333
l#333333
p}?Z}b
p}?Z}b
p}?Z}b
"fff?Z}
"fff?Z}
l#ffffff
"333?}
L>ZY}b
L>ZX}b
L=ZY}c
L=ZY}c
L=ZY}c
@?ZX}b
@?ZY}b
@?ZX}c
@?ZY}c
afeffeefefef
Xfeffeefefefa
afefeffefefea
afeffefefeef
Xffeeffeefefa
Yfeffeefefef
& ~3
~7 X
Yfefefeffeefhah
afeffefefehah
Yffeefefeffea
`ffeefefeffe_:"
tm,fa
Yffeefeffeefa
Xl#ffffff
"fff?}
"fff?}
"33s?}
"fff?}
"33s?}
"33s?}
"fff?}
"33s?Z}b
[l#333333
[l#333333
0@ZBIL
Qx?Z}b
L>ZY}c
0@Z=>6
[kYY(g
"fff?ZY}b
l#ffffff
kekZ}b
AZXV d
"33s?Z}b
L>ZY}b
"33s?Z}c
Qx?Z}c
"33s?Z}b
AZXV e
"33s?Z}c
"fff?ZX}b
[kYY(g
>ZXX}b
"333?}
"333?}
"333?}
"fff?}
"fff?}
"33s?}
"fff?}
l#333333
l#333333
l#ffffff
l#333333
l#333333
l#333333
zt?4/
[lZY#fffff&U@
l#ffffff
l#333333
?XkYZ}
l#333333
@@ZX}b
l#ffffff
l#333333
>Z"333?X
>Z"333?X"
~fefeffeef
9fefefeffe
feffeeffefe
afeffeefef
fefefeffefe
Bffeefeffeef
Bfeffeefef
feffefefe
afefeffeef
~ffeeffefe
feffefefeef
feffefefea(d
mfefefeffeYa*
`ffefeeffeY
VffeeffefeefXa*
feffefefeY
ffeeffefea
fefeffefefe(m
l#333333
L=ZX}f
L=ZXV
L=ZXV
L=ZXV
L=ZXV
l#333333
l#333333
#<ZXV
#333333
#333333
#333333
#333333
#333333
#333333
#333333
#333333
L=ZXV
L=ZXV
L=ZXV
l#333333
l#333333
l#333333
l#333333
l#333333
l#ffffff
Mb`?ZioO
Zl#a2U0*
Zl#a2U0*
l#a2U0*
Mb`?Zi
l#333333
l#ffffff
MbP?Zi
@H&?Zi
@H&?Zi
MbP?Zi
Mb`?Zi
zt?ZioO
l#ffffff
6:?Z[k
6J?Z[k
L=ZXV
L=ZXV
@@[ioO
L=ZXV
L=ZXV
l#333333
l#333333
l#333333
l#333333
L=ZXV
L=ZXV
L=ZXV j
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV s
L=ZXV |
L=ZXV v
L=ZXV
L=ZXV y
L=ZXV
L=ZXV
L=ZXV p
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV
L=ZXV m
v4.0.30319
#Strings
%:&[&p&{&
','<'P'^'
(>(H(Z(e(u(|(
)()3)])
*2*A*N*Z*a*u*
-'-/-S-w-
5!6B6c6l6t6
7P7\7l7|7
<T=j=q=P
LocalBuild.exe
System
Object
IntPtr
Thread
System.Threading
DebuggerHiddenAttribute
System.Diagnostics
NotSupportedException
String
ValueType
EventArgs
System.IO
IDisposable
Assembly
System.Reflection
Activator
Convert
EventHandler
Single
Random
DateTime
AsyncCallback
Stream
IAsyncResult
Exception
Console
WaitCallback
ThreadPool
StreamWriter
StreamReader
Encoding
System.Text
BitConverter
Dictionary`2
System.Collections.Generic
FileStream
TextWriter
TextReader
Environment
SpecialFolder
Monitor
ResourceManager
System.Resources
CultureInfo
System.Globalization
RuntimeTypeHandle
DebuggerNonUserCodeAttribute
Boolean
CryptoStream
System.Security.Cryptography
RijndaelManaged
UnicodeEncoding
FileMode
SymmetricAlgorithm
ICryptoTransform
CryptoStreamMode
BinaryReader
BinaryWriter
Directory
DirectoryInfo
ArrayList
System.Collections
Double
IEnumerator
StackFrame
StackTrace
MethodBase
MemberInfo
RuntimeMethodHandle
StringBuilder
AssemblyName
EndOfStreamException
ArgumentOutOfRangeException
Buffer
FileInfo
ReflectionTypeLoadException
FileSystemInfo
RuntimeHelpers
System.Runtime.CompilerServices
RuntimeFieldHandle
ThreadStaticAttribute
ConsoleColor
FileAttributes
IEquatable`1
IFormatProvider
List`1
IEnumerable`1
DebuggerBrowsableAttribute
DebuggerBrowsableState
STAThreadAttribute
CompilerGeneratedAttribute
SuppressIldasmAttribute
AssemblyCopyrightAttribute
AssemblyConfigurationAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
AssemblyCompanyAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyTrademarkAttribute
AssemblyProductAttribute
AssemblyFileVersionAttribute
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
AssemblyTitleAttribute
AssemblyDescriptionAttribute
ComVisibleAttribute
DebuggableAttribute
Hashtable
Process
IContainer
System.ComponentModel
IPAddress
System.Net
TcpListener
System.Net.Sockets
TcpClient
NetworkStream
Socket
EndPoint
SocketException
IPHostEntry
AddressFamily
GeneratedCodeAttribute
System.CodeDom.Compiler
System.Text.RegularExpressions
HttpWebRequest
WebResponse
WebRequest
MatchCollection
GroupCollection
Capture
WebException
RegexOptions
Stopwatch
HttpWebResponse
ApplicationSettingsBase
System.Configuration
SettingsBase
System.Drawing
Bitmap
System.Windows.Forms
TextBox
Button
Control
ControlCollection
TextBoxBase
ButtonBase
ScrollBars
ContainerControl
AutoScaleMode
Application
Strings
Microsoft.VisualBasic
<Module>
SEPTimegetDomainIdentity
setPersistCountersignature
IsStoppedIIDICMS
IsReadOnlyAttributeService
IClrStrongNameIUnknownSafeHandle
DeserializeMethodResponseNumPad
getLocalTypegetIsAppEarlierThanSilverlight
FSourceMuiResourceMapResourceTypeIdString
HasRelatedActivityIDFileMuiMapping
getIsAutoLayoutHebrewCalendar
IProgIdRedirectionEntryOverideEventProvider
LeaseTimeTaiwanCalendar
TotalSecondsProcArch
FloatFullTrustAll
GetConstructorTokenInternalEncoderBestFitFallback
getUserLocked
FindGoodRandWikiPage.Properties
Plugin
Terraria
DeclaredMembersGetLineNumber
HaveDaysetContentType
setOrderDuplicate
LdargSRsaFull
getControlAppDomainSetEnableAllKeywords
UndockAssemblyReferenceDependentAssemblyCodebase
ProtectedCreateEphemeralKey
IsOptionalIsSignature
getDemandedgetRuleSet
NextSpinWillYieldTotalMinutes
getControlPrincipalLifetimeEntry
ContinuationTaskFromResultTaskRootHidden
stateEmptySet
ReferenceIdentityIChannelSinkBase
WindowWidthgetParamValues
ResolveMethodHandlesetName
SetUnderlyingWriterIsNull
IsSuffixGetTypes
PolicyLevelTypeState
InitobjgetExitCode
FromDaysCultureName
DependencyAttributeTypeAttributes
TypeRequiresRegistrationEventArgs
InvalidCultureNameAssemblyReferenceDependentAssemblyGroup
GetNextArgTypeNoMangle
HaveTimeResourceManagerCultureNotFoundInConfigFile
getAddressFieldAllCritical
BackgroundColorSEPAm
ConstructionExceptionEVENTFILTERDESCRIPTOR
StackFrameCurrentUICulture
IsValidTextCustomAttributeEncoding
CreatePageFilegetParameterType
ExtensibleClassFactorycapacity
QualifiedAceIsValidTargetType
GetFuncCustDataSystemException
AccountControllersSidITuple
MethodBodysetMonthGenitiveNames
GetappendNewLine
AllDirectoriesMonthDatesep
getExceptionHandlingClausesVTCLSID
TypeRepresentsComTypeClone
MetadataSectionDescriptionDataTaskCreationOptions
LoadFromIMetadataSectionEntry
MethodReturnMessageWrapperNoCustomMarshal
EnumObjectParamgetEncoding
AtRequiredAccessDeniedCallbackObject
TRACEPROVIDERINSTANCEINFOAudit
BackgroundBluesetInitLocals
opDecrementMemoryStream
CurrentLeaseTimeITuple
GetTimeSpangetSecond
DisablePrivateReflectionAttributeAppContextDefaultValues
ReadOnlyPermissionSetHeaderVersionNumber
AsUnknownCompare
NestedAssemblyResolveFieldHandle
ServerWellKnownEntryGetAwaiter
GREGORIANXLITENGLISHLdtoken
MSILISecurityElementFactory
GetContainingTypeLibUrtSystem
value__
UtcDateTimeMissingMemberException
SetAccessRuleProtectionGlobalizationAssembly
FreeDependentAssembly
StaticIndexRangePartitionForArrayMultiply
CompatibleImplMergeLogic
NullableComparerLongTimePattern
GetExceptionPointersCodePageDataFileHeader
MinutesDiscardableAttribute
CreateFixedDateRuleClientAsyncReplyTerminatorSink
QuotaHashElementEntry
BuiltInPermissionIndexgetBaseUtcOffset
StringToCoTaskMemUniActivatedServiceTypeEntry
AccessAllowedCallbackObjectCOMServerHostFile
UnionTargetType
InProcessHandlergetLocation
WindowClassEntryFieldIdResourceTypeResourcesDependency
RegisterWellKnownClientTypeIetfLanguageTag
MakeGenericTypeInlineTok
TILE_CHANGE
PLAYER_COMMAND
PLAYER_CHAT
SERVER_UPDATE
PLAYER_JOIN
NPC_SPAWN
PLAYER_SPAWN
ITEM_SPAWN
PLAYER_HURT
PLAYER_DEATH
getContentTypeMbcsJson
AlgorithmIdBrowserHome
IsCompatibilitySwitchSetExactPropertyBinding
ResourceLocationWaitAll
EnableJITcompileTrackingHasExtension
TokenMandatoryPolicymretVal
GetHostEnumeratorSetRaiseMethod
CompatibleFrameworksMetadataEntrysetSponsorshipTimeout
MAJORVERSIONNetwork
IsLoggingIEnumConnectionPoints
getSkipVerificationVolatileRead
TotalDaysAlloc
CriticalgetTimeSeparator
IVGetSwitch
MuiResourceMapResourceTypeIdIntSometimes
FindReferenceInContextGetCheckSum
GetClassIDTaskWaitContinuationStarted
IsCallbackGetLastWriteEventError
AccessDeniedObjectIsInputRedirected
ModuleBuilderCOREDIRECTORYNOTFOUND
DefaultValuesetAssertion
CreationTimeArgArrayPlusOffTooSmall
NullAuthorityResolvePolicy
GetTagsetUrl
getThreadingModelPrograms
getDeploymentProviderCodebaseAssemblyMetadataAttribute
KeyCollectionRegistryAuditRule
UIPermissionWindowPadLeft
SerializationFormatterSoapAttributeType
IIDENTITYAUTHORITYDEFINITIONIDENTITYTOTEXTFLAGCANONICALgetCounterSection
lptcompObjectDisposedException
IsRunningSoapEntities
pluginName
pluginDescription
pluginAuthor
pluginVersion
ParserCgtUn
cxLoPANk5mzqIRHc9fk+785ARUs
.cctor
AssemblyFlagsAttributeDoubleToIntBits
BinaryReadAsync
IsRemotelyActivatedClientTypeEndBuffered
getCopyrightLSAREFERENCEDDOMAINLIST
getIsByRefPtrToStringAnsi
GetNamedPermissionSetCompoundAce
FromCanceledSECURITYLOGONSESSIONDATA
GetMemberRefPropsObjectAceFlags
Dispose
XConstantsGetHashCode
CreatePermissionSetAsyncWaitHandle
CountedUtfXmlGenericAcl
getWriteTimeoutInvalidOperationRegRemoveSubKey
XmlElementNameXmlNamespace
DownArrowZ
DateTimeTypeInfoINVOCATIONFLAGSCONTAINSSTACKPOINTERS
NotSupportedExceptionCurrentPrincipal
getSkipVerificationInFullTrustOffline
setKeywordsMoreData
InteractiveGetFilter
DataCollectionStopgetDocumentType
ComparisonComparerISymbolReader
getConfigurationFileUseLeapYearMonth
OSXAddressKind
setCalendarPrivateProcessMessage
OwnerThreadIDParamTypes
PathNotFoundmname
ObjectEndCOREIO
LeftArrowIAsyncCausalityTracerStatics
SetSecurityDescriptorBinaryFormGREGORIANUS
IEnumerableVTDISPATCH
GetConsoleFallbackUICulturegetIsNetFxLegacyManagedDeflateStream
EnumAssembliesStartOffset
RemoveOnLogSwitchLevelGetRuntimeMethod
SetMethodBodyMinutes
JustificationGetDeploymentManifestBytes
ForegroundRedRegisterObjectCreationCallback
SingleProducerSingleConsumerQueueGetDateTimeArray
STOREASSEMBLYIsNullOrWhiteSpace
ArgumentNullRuntimeHelpers
TryGetTargetgetRemotingConfiguration
HostEvidenceSafeTopLevelWindows
getCancellationTokenSoapAnyUri
BgtUnGetEncodings
ClassesRootPreAllocatedOverlapped
FindEnumerableElementTypeSDQ
ImpersonateAssert
AddKeywordWhenAny
getAppDomainInitializerArgumentsCultureName
MCMkeysNoFaultSecond
getAccessTokenGlobalResourceContextBestFitCultureInfo
LogicalSetDataInitializeSharedContext
TokenGroupsAndPrivilegesDuplicate
BoolValidateSlot
MethodCallMessageWrapperGetConnectionPointContainer
UNKNOWNGetUserStoreForApplication
IUnrestrictedCompatibleFrameworksMetadataSupportUrl
InternalActivationContextHelperMultiDomainHost
SerObjectInfoInitThread
Equals
ToString
GetHashCode
op_Equality
op_Inequality
SharedStateFileSize
TimeSpanTokenizerCer
DeploymentProviderCodebasegetIsAutoLayout
ContextIDGetAllDateTimePatterns
HaveDatePopDirectionIsolate
IContributeObjectSinkGetRuntimeMethodHandleFromMetadataToken
LargestWindowWidthMakeGenericMethod
capacityFileHashAlgorithm
HASHVALUEBooleanArrayTypeInfo
ComposedOfNoPublicMembersCheckedOverloaded
MatchServicingFReadOnly
RsaSignGetPrime
StandardNameUnspecifiedTypeSize
MiddaygetKind
SetLengthToFirstNullUnregisterChannel
ASCIIEncodingGetResourceStringUserData
op_Addition
op_Subtraction
op_Multiply
ManifestPathgetOpcode
get_Default
Initialize
Unload
onTileChanged
onPlayerCommand
onPlayerChat
onNPCSpawn
onServerUpdate
onPlayerSpawn
onPlayerDeath
onPlayerMove
onPlayerHurt
onPlayerJoin
onItemSpawn
registerHook
containsHook
MemberwiseClone
TryParse
get_CurrentThread
get_ManagedThreadId
get_Chars
get_Length
Concat
PadRight
ToLower
CompareTo
IndexOf
Substring
ToCharArray
Intern
Contains
Format
Replace
GetTypeFromHandle
get_Assembly
get_IsAbstract
get_BaseType
AppendAllText
Exists
Create
Delete
ReadAllLines
CreateText
SetAttributes
OpenText
GetType
GetExecutingAssembly
GetCallingAssembly
GetManifestResourceStream
GetName
get_FullName
LoadFrom
GetTypes
CreateInstance
FromBase64String
ToInt32
ToChar
get_Now
get_Ticks
BeginRead
WriteByte
ReadByte
set_Position
EndRead
WriteLine
set_ForegroundColor
ReadLine
set_Title
QueueUserWorkItem
IEEERemainder
get_EndOfStream
get_ASCII
GetString
GetBytes
get_Unicode
ToInt16
ToSingle
ReadToEnd
get_NewLine
GetFolderPath
GetObject
get_CurrentCulture
CreateDecryptor
CreateEncryptor
ReadInt32
ReadString
ReadBoolean
ReadSingle
ReadDouble
ReadInt16
CreateDirectory
GetFiles
GetEnumerator
get_Count
get_Item
Remove
get_Current
MoveNext
GetMethod
GetFrame
get_DeclaringType
get_MetadataToken
Append
GetPublicKeyToken
get_Name
BlockCopy
GetUpperBound
get_LoaderExceptions
get_Extension
InitializeArray
GetFullPath
ContainsKey
set_Item
GetCurrentProcess
get_Id
get_AddressFamily
AcceptTcpClient
set_NoDelay
Connect
GetStream
get_Connected
get_Client
get_DataAvailable
get_RemoteEndPoint
GetHostEntry
get_AddressList
IsMatch
Matches
set_UserAgent
set_AllowAutoRedirect
GetResponseStream
set_Method
GetResponse
get_Groups
get_Value
get_ElapsedMilliseconds
Synchronized
set_ClientSize
set_ScrollBars
Refresh
get_Text
set_Text
SuspendLayout
set_Location
set_Name
set_Size
set_TabIndex
get_Location
set_AutoSize
add_Click
add_TextChanged
get_Controls
ResumeLayout
PerformLayout
Select
ScrollToCaret
set_Multiline
set_UseVisualStyleBackColor
set_AutoScaleDimensions
set_AutoScaleMode
EnableVisualStyles
SetCompatibleTextRenderingDefault
GetChar
AddRange
Default
steam_api.dll
SteamAPI_Init
SteamAPI_Shutdown
LocalBuild
mscorlib
.resources
FindGoodRandWikiPage.Properties.Resources.resources
3System.Resources.Tools.StronglyTypedResourceBuilder
16.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
16.10.0.0
Copyright
Microsoft 2011
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName.NET Framework 4 Client Profile
Microsoft
$3d2b6db1-5b3f-4794-9679-a0d84099f96d
FindGoodRandWikiPage
1.0.0.0
WrapNonExceptionThrows
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
hSystem.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aPADPAD
QSystem.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Bitmap
IDATx^t
`SVd_^)
"P\P %
S-vUh>
9vcL0D
Q>9jb{
</53.4vSOO
CB6@VR9
8&\E K
I@^2b?
$W3qKz
MjnOg6
gxD(>[
VQ'F]!e~
4v:5Xu
Q![T2~
m>`I3]
}0?w|4
PCySUb
XbSR?;
\fdWRCyJX@
:-+WY6
:d/ej#
pYHv!~
ED*bI^Tq%
o4\iUC
al5z+9
pY:`L2
]*Mhwva
2^pwp,
v0`[9w
m/ik]D!
DUoQLR
II.`$r
v-L8i>+t
{zZ}+i
*v+u5o^
xA?seU
ba6h_gP
z@Llr7
m~\LUz
'_[k%S =
`LJ+O\!
K'&lU7~mq
.+x8~z
&xIwG3
kV>,o)
: |D$,
c>!PKu
XQ"u+o
rn,Z|;
4_|u`)
7{"='Mb
OMxJS@
>-Y*KH
n>:UH$
|x7.bTYN
wdsHg.
urZb{Fb
unyLSV
NtXeMr]6
Dk"|Vqa9
k5!>ds(
+\"GhmH#
htO,-reB
+q E+/
xKMc<G+
e%E|Jd{
(~qqG4
98d@{P
sYeog<
+AJ"D|
GwOjZ+
*F)Ie`=
M-5h1=
Ffk'Wy
+ ,:qI
3,r=.w
`O9m4"b}J3
j>WQ\Y
9!.fGW
?:Y| E
LhGK& Ga2$la
qKj5Z1
WH+?}+\k
}OLn_=
m\aRLKi
5>)r 8
20>BY~
A\@S[X
|)cSCa
(uJ3l
MGD5nt
p&Ve)*U!
4e`2B@
*Z [4>QA
.7"b83?(6
j#%{9}
cSkbxb
`m]uA\t
@G$pF$
&^Xi(BD
f(`y`8
+?VE1bel~
>#1H0^
IZonn\`
(.FA"0/
8){,nm
F_{`h"gz
fDE_kq
PbKEg6p
LQj*}#
.dNh*G
ZsN[R~
\RPX&?
3sk?Nc.
w8ZPp1
~"id1|[J<
e %w_?
w9}X7Pq
NE.~7*
&W]>_[
t`<h$D'
[#0oJG
>!qBBz
s-l>@
_fyrR2
}p){"rJ
N"`BA00
`Knh+f4
[,+0.p@
]\t*(r
ILzg5R
>HaQSn]
mO61A;a
:g??w'o
EhB`@]?9&+
QV>tTG
uVP_^Q
h}_) 2
H#[t T
^1M<dk
^dB$he
tJ>1<o]
q&R`Qn
-SBuNc
lfbaJs/
|Wcdb@
_MvSG/
0lS=FA
1`B#,i
LhgBXN
0),A]
&[T"0$
\0m\g~
SH%]G'
wzLX#{s
f7Lg &
PT#B=m
0@l!lZ
tmQ\6J
*O[v96
EO$`om
N|KYed
PumOkZ
T}}BZdI
<aJVSh)
;Kn'=F
wLOAqA
lS=;!2
{zB}^y
I'?{^<z-cq
E$l\e&
mk-kF.8%y
0m@h{2
-1/[wj
jT.s^'
p.Vs$T.
B,OS(m
?Ojf7m
x(gF$]
hiT)lp
~!q10_
, %''&
LK\7^`
MXj1TCo
xlkfi.R
esbY/UC
a,n?v_
Y~K~p.
%$\GB`
97/~g)
"{4|v|
AMz<@Z
`\FM>v
?\]o=g{
b,j,L7\
8Bt!5(
hjkd;7
\!bq<o@.H
msP%(6-
:}%$K}
6p75U}B
9q:eMF
;@Nl6goS
@q!$Q<z
rAN()d
*hAz@2
/</{W`
n);69Tj
XF7 B5D
7Kx(t%
!l~aM^(
~To?H
nWmd]n0
S72J=*0
`u\ZkU>
7,q%[&
kV6p,K
!(Xd '
+bgiJ+
X{6[CNo
q.:#jK
kCVSQ[V
9#Jv^$
@C^a9M
-Z7*oD
kwPpJ+
t6 wBXo
,@jeTM
%zk)\k
,K<:h-
I[P9h
g7w7 3
wLxLhAL
k'"1D
}\,n|8
I>G%q{"w-
a|.pKW
ptA4f,
lmMcz}
q_T.!x
s;mp"^
cj%jovd
xryi5t
>@jBc9
-}ab#w
ev2(;KGO
J:H\N(
-zHos-f
Iu{|8_)
Ws9iGj-
D !e(KJ
/1 R`
|\)S*.
BnTRDsn}
XYJXwHZt
>x0eJq
w%2s>\
*q[w&j.
QQPmJC7.4
W&oq_<
l_erpf
DdY5@o
>u|gRd
>]zsnj
&_9ewjS
LJdzs]ma
H@Km"`
y2~l:Q
=42'r,
z}4%7t
<~+*A(]gdw
^~$KAdj:P
)?'*%cy
jpLCkr
L\Va/*Q
Zgs^d;v
j*}-i<
<9@p+T
<\6mIl
10|rr[
K^Fc&Z
6i&Kd
*wyMuI2
Pn{qbu
o}h!~cf
m:|H]
.75"*}
Zq}!ws
e"mV)'
le7Hr{J}
RV<lt_?
k6]HWyv
vy]StX
lUBJJr
O"^}=zu
`P.vwh$]
JBc,8+
>G;dg7
//I'V?
"Aw&'4
s3b}{2A
:_ oo~Z
6v1pAK
g*N.6s
)`2y(84
];f)J3M
]G&W_vxu
Ex5(\^r{
\MMtn/
jjN.Xur
ggT3P%
p 0&>r
e-{y5Oo
^S/h#!Q1
JscWbh\
>:b#^M2H
ly@]@Y
8hV*9\
(v@L295
SmVsiY
\TM*1<
gE0B*
zIe8q#?
5GmYO'
nEp)Eo,w
}vq;vk
lm*>q6<K
32yg9<
D2Pkf6@
`%8`iB
N$,}o!
_$sr[co+!{A
5wW]V{
'eY)9.
<}"(9)5s
AvA>i.
xY0+&y+b
CaVf}Y
U4aguuu|
[GzWG(
BN}`MX{T
6R$ZHu
L=3<|h
o[i?Y>
M=s-:k
3IACAA;
OgGid1
j?.qw\
|HEmaaBvQV
\^5;,.
d:,~hV
8W8z9J>
Xs$/"`
l x2R^
h[WL}F
#?+"K?
N6`+Alv3
HIeFA#
L,xcP>(
u5-SA<
g3P0;-
d5+bs)
XwXw"c
cYv;7IY
!`90_TRa
8fHUkL"
g*o~jV<
%EI1yf
0Wopxp
Lf?gl4
E5cCcW
;#I_~y
\]onk~
}F,"(
e.~\<a\,
O}pm[~v~
Fw4E+_L
yRe~Wy
/!<{*:
NAOS9ps
ba`$$q
g7?'Mu
3UtPDDf1:
/&Nm7^;
|1AQ#2H
&twEfX
YR(e(w
BP~Lb2
mfd;bM.
Nr:s7=
gIM,T0
'%c'76
3!ytFl*yO
M[ESzf
hqqfrs
2rbFDw
CwFVoN
vdPweR
v5W8iw
%]WbAy
bTd6J^
t'fXYI?6
g:+yh~
Cd@FmG
^gzw*@
HqKMy
zsC0UsP D
Ab5HKI
3g3+C#b
$?kdF_=
yQ0Y`
U2[WY-
<(iz*A
yN8s"m
^[tbcn
o\oVWM
OfU+~I
eefRGu
FIt\Ug
hJC]XqP
1lEF/~~
C"7B'|aw
`Z`%HG
p9uh_l$
*BwMm`m
6)SUGatK
`w]+g]
q78MVtR
0+;\p6
OId,93
}v|Y?z
X-k|aE
C3y=KZB
r)T@Gm~
RR:XQ)
mIJdsXu
A7lRMDN
`YShaas
cOL@r7
55dZ$4
g+mv~n
pAHM5r@
U(@VF#
e!P!(B
y^[NG]
ve4xKZ
Ts.Y@/
QI|aVw
d~Sp)j
nz"@fG
^ef7'Y
l;"Z^/
sUcD_f
B2[BZs
>YR2OV
V\*'^
Koc>7:]
O5y#z4
[ZOWn}!?
|4sZ(,
X%(~;TNI0
8fZ`9`3
XV]hmE
Xhz7f`
,.t!~ir
5;wV76
a__-qw
/[7YM30
]8~@MNj
vKe5_b
8#zEni
@j5#6j
rC-'g'
znu(S>
x;Vlr(
%s `>"
lo.`ga
_@5JKh
HQS}j{
`tN?xM
\pTxjwM
7^Z>i@y
1RHvk4
%2zLav
>/5RXk
'G)eOw|)3
r9dBTYa
UL?=O
MoOn$8
E@;@[5~}
@%g03]
#))"~h
Xj^pubHRo
|9?b70A2~-9
A;jxO7
F1swp?
6y}^7?
dXe]xw
Hd"B*e
_}.9;)
F ]oJH
&dYQQ
{BW&d]p,
Ub^5.O
XL{baW
vQ~Akg
S!lZ0)
WTT+XV
gmXq8:
^rSh/mQv
t,J^]r.!+f
}0A#n%
Yv1lax
%_Iuff
oq#<*W
G.hnY\
,p8MPR
":Te<
iL-~+a
\2^}lW
??+&'0
j7iV[w
mMD=%;
[UpJ8T0
BnVRbJba
q^qXpbN
GOI}h0
pw?A7s
I{s4s,
WF(j&f
5X8j(l0
Z6~?'Z
q\-xgL
w&-9KoZiF
^S=)t4
[IC(=KSfq8A/
]k|E@i
$j~$2'
=9q_F@}
_&o6ZzU
scdV~A
PKBO]V
9mS*^S
,h37*C
KKy<Kv:
b\\}<
/B]Z#>1
z:R8{+
r{wG-#Q
Fg/U==|
]^q#8U\
SKXe5e
%)nG^gj9]n
Phx*n1
LfJpfc
q?0I!Vy
o:&ejW
tl\&#Z<0
qKgViW
nEb0P$
fytfyRplAq
sfiIGn
o%ff??
|F^gqA@5(A
s2^`eu)#;@
SS~\'Ni
$4FIg9
G[&llMR
/5\H5d
Ju#6LW
W\*?DE
/9-k>|i1
" TL&&A
x7/K8
#.3#(|
(h9Qx)k
!qk]<77B
RcPAA$F
z)Ln~Ei
?t=r_)
oTz^Y!3
wSsu}(
7G9nwg7
VP34xO
VN_Cc=jD
a4t*A?
,vj%dY
31@b}n
Pt>6!Z
n%EO}a
G}:%&O
;s{fYwN
(gEJ,lU}
?$PC?p
mM@^aky
.kElk-
ad1cuDY
%AmcmS
oN&Wn1
lE}^^(
;>P$ms
916NoJ
(>"0}O
9V[$P8F
>uA"/z<~:ONo
3zrwbi
f'i<1{
I8z<7~
\L.)/`
9L\s#1&\
tOEfl@
}xYI&T
~t0JIj&|
yqL"bU
_Q'f<m
Mu@pN$0
Ol[ldW
NW1dq4+
IWf4vl
j8S^e_
rmD`h8
N-fOon^
O.B@[q
3QCk/$
#D&kI0
mH"W1O
sOor&TY@
fzg{:]
ogCi.l
)}ws|3
|`^vck
v{N;U\9
oQz*9?
V[o#ej
Z7K9f!KR
bn:GgT
$6BgF6
r#^]C@
kBjn/
vrs8uo
[4-\P!
t%E3h>a
iE!&L8
/z36K
^\lC|y
J#3rj>
C2PF;@d
_CorExeMain
mscoree.dll
C:\Users\Administrator\Desktop\40eGtUYe2LW47DV.pdb
719~e!
rZw|z
}#?2>1
h}iEE?
?<R._W*
\=:U*f
o&&'n(
$4UCB7
RRH%RP
Mcnn.5^
sik"b'
9,>d,
@!A1R/
S#Fn$w
j"MSes
ESLUWzQn
?H9o*LeLa
dA_[?S
\rR+('Zl
D%IUS@4
;[Fb,
(V?kQsZ]j?
OmVc]L
k_796u
O}0Fa&
XpnzMB
}\]X_{
7h)5FH
eY_X[]{
6u]7u]O
JtMW4M
[___m4
X/ (oO
D!{{Z}
4CUU%zCGs
|jrj2u
IMU5UW7
O!a*0x
#*$qAUq
f`h&&G
9d'Rp5
]_[_Z^^>
h4jwV*
766._[;
1)Zc?h
Y_^Yy,
b>ZZI)
]?3:2z
oPzkPQ
lll`ll
sssX__
AUyB`dM
N{~(^
Je;>G1WC
(#^[[C.
=*<qSy
]M|THv
KAAD=Roh
Q?/Z(3(>
|Ndk.Z
r[jtbR\!
r'ngM|#
D2hZk6
#>/kyq
%x=ZN<
u,..bvn
,.-byi
KKKX\Z
.6660;;
$*IDAT
&&&0::
,x~P?
DOjp|7^hU
HJ)\/
Fe}ayeyfnfn
X8GQX2r
:&,:d@X
VVV0;;
^I/[\Z
P .E&@
e!4###
LLL`jj
gggf7j
cv&.:)
m4?b@@
?7s~ume
\n3b?9
J#1A8$
vtM*K-R
tZ[[2
F} .f
,mUvKu
ul=~V>
$IR,K2
e5.e}A
>/j/a}
<?xml version="1.0" encoding="utf-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" name="MyApplication.app" /><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"><requestedExecutionLevel level="asInvoker" uiAccess="false" /></requestedPrivileges></security></trustInfo></assembly>
Greater Manchester1
Salford1
Comodo CA Limited1!0
AAA Certificate Services0
040101000000Z
281231235959Z0
Greater Manchester1
Salford1
COMODO CA Limited1+0)
"COMODO RSA Certification Authority0
HCgNr*
2http://crl.comodoca.com/AAACertificateServices.crl04
http://ocsp.comodoca.com0
Greater Manchester1
Salford1
COMODO CA Limited1705
.COMODO RSA Extended Validation Code Signing CA0
191007000000Z
221006235959Z0
943491
Private Organization1
Dubai1
Dubai1;09
2Business Central Towers, Tower A, Office 2301 23031
Telegram FZ-LLC1
Telegram FZ-LLC0
https://sectigo.com/CPS0U
Dhttp://crl.comodoca.com/COMODORSAExtendedValidationCodeSigningCA.crl0
Dhttp://crt.comodoca.com/COMODORSAExtendedValidationCodeSigningCA.crt0$
http://ocsp.comodoca.com0#
AE-943490
Greater Manchester1
Salford1
COMODO CA Limited1+0)
"COMODO RSA Certification Authority0
141203000000Z
291202235959Z0
Greater Manchester1
Salford1
COMODO CA Limited1705
.COMODO RSA Extended Validation Code Signing CA0
=U5W5H
https://secure.comodo.com/CPS0L
;http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
/http://crt.comodoca.com/COMODORSAAddTrustCA.crt0$
http://ocsp.comodoca.com0
Greater Manchester1
Salford1
COMODO CA Limited1705
.COMODO RSA Extended Validation Code Signing CA
20210320173440Z
Greater Manchester1
Salford1
Sectigo Limited1,0*
#Sectigo RSA Time Stamping Signer #2
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
201023000000Z
320122235959Z0
Greater Manchester1
Salford1
Sectigo Limited1,0*
#Sectigo RSA Time Stamping Signer #20
https://sectigo.com/CPS0D
3http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
3http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
http://ocsp.sectigo.com0
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority0
190502000000Z
380118235959Z0}1
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA0
?http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl0v
3http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt0%
http://ocsp.usertrust.com0
rRj;B7|
[C]e=P
Greater Manchester1
Salford1
Sectigo Limited1%0#
Sectigo RSA Time Stamping CA
210320173440Z0?
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority
5AWfq@gY6
aeiouy
!$,6>FOV
8797:7;7<7=7>7?7TU
NullTextWrit
VS_VERSION_INFO
StringFileInfo
000004B0
Comments
BuildID
CompanyName
BuildID
FileDescription
BuildID
FileVersion
1.0.0.0
InternalName
BuildID.exe
LegalCopyright
Copyright
BuildID 2011
LegalTrademarks
BuildID
OriginalFilename
BuildID.exe
ProductName
BuildID
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Lionic Trojan.Multi.Generic.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Clean
FireEye Generic.mg.efbdabf385c389aa
CAT-QuickHeal Clean
ALYac Clean
Cylance Unsafe
VIPRE Clean
Sangfor Clean
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Clean
K7GW Trojan ( 00587e361 )
K7AntiVirus Trojan ( 00587e361 )
BitDefenderTheta Clean
Cyren Clean
Symantec ML.Attribute.HighConfidence
ESET-NOD32 MSIL/Spy.Agent.DFY
Baidu Clean
APEX Clean
Paloalto generic.ml
ClamAV Clean
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Clean
NANO-Antivirus Clean
ViRobot Clean
Tencent Clean
Ad-Aware Clean
Emsisoft Clean
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition Artemis!Trojan
CMC Clean
Sophos Mal/Generic-S
SentinelOne Clean
GData MSIL.Trojan-Stealer.Redline.5Q6DXS
Jiangmin Clean
Webroot W32.Trojan.Gen
Avira Clean
MAX Clean
Antiy-AVL Clean
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Clean
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:MSIL/DarkStealerLoader!MTB
Cynet Clean
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!EFBDABF385C3
TACHYON Clean
VBA32 Clean
Malwarebytes Malware.AI.4227419416
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Clean
Yandex Clean
Ikarus Clean
eGambit PE.Heur.InvalidSig
Fortinet Clean
AVG FileRepMalware
Avast FileRepMalware
MaxSecure Trojan.Malware.300983.susgen
No IRMA results available.