!This program cannot be run in DOS mode.
`.rdata
@.data
uRFGHt
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect begin
VMProtect end
VMProtect begin
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
PQRSVW
_^[ZYX
<0rF<9wB,0
VMProtect begin
VMProtect end
VMProtect end
VMProtect end
VMProtect end
RQWPVS
[^X_YZ
PQRSTUVW
_^]\[ZYX
[^_YZX
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect begin
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect begin
VMProtect end
VMProtect begin
VMProtect begin
VMProtect end
+E +E(
+E +E(
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
QRSVW3
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
3E 3E(1E
?hffff
?h3333
?h3333
?h3333
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
t(ENEN;
L$$_^]
T$$_^]
D$$_^]
D$0UVW
L$$_^]d
D$4SUV
L$89l$8}
D$(t,;
L$(CH;
D$4SUV
L$ QUS
t$ htr
@tXWWh
L$$9^8u
\$ <@u
L$DPQR
L$8_^[
T$ RPW
L$X_^d
L$DQRf
T$$RPQ
T$0QRS
T$XPVR
t6Ht Ht
D$$~9+
F\_^][
L$D_^][d
L$ QRh
T$ QRh
L$$_^d
L$@^[d
D$PQRP
L$pPQR
D$hRQP
9L$x~k
L$T_^][d
L$lRVQ
D$hQRP
D$hQRP
T$pPQR
DRQPh\
\$8UVW
L$DPQj
\$8UVW
L$DPQj
L$ _^d
W9^du-
L$ PQh
L$L_^][d
L$D_^][d
L$@RUQ
D$ j<P
DRQPh\
L$$^][d
DRQPh\
L$$^][d
DQWPh
L$x_^3
|$89^Hu
L$|_^][d
L$|_^][d
L$|_^][d
T$0VRPSQ
L$4_^[d
V#D$,WPQ
D$@UPQ
T$XUSR
T$HQRP
L$x_^d
D$(SUV
T$8RWj
L$ _^][d
l$<VWj
L$(VQVj
L$(UUh
t$LUPh
o0SSSSU
D$dSUVW
D$@WPS
L$`_^][d
D$,RVh
L$TQVSh
|$XSSW
T$TQRPh
D$`QRP
D$hSUV3
D$,Pj<j
L$h_^][d
L$X_^d
t$ 90t
T$LRUj
D$89Vdu
FpHt&Ht
D$LUSWP
L$$_^][d
L$,_[3
L$,_[3
L$(WQR
QQUWSS
L$P_]^[d
T$hQRWW
t]9|$<tW
L$x_^]
L$<SQR
T$<RVW
9|$8tt
T$<WRh
T$lPRh
T$ SRh
9l$xtU9
u29l$xu,
L$XSQh
D$,SPh
T$,SRh
T$,SRh
T$,SRh
t$(SSh
t$$RVP
|$,RPQ
L$H][d
L$HSUVWP
D$XPQU
D$8VPQ
T$ SWRP
L$L_^]3
t%RSQP
XY[Z[]
~'PSQR
\$<VW3
L$4_^3
D$XQRWP
D$dQUWRP
|$D.tm
L$0^[d
D$0WPQ
T$$+D$4
L$L^[d
9^xu5j
L$X_^]3
h9n`u;
D$8RPj
T$DQRU
D$PRPQ
L$TSWQ
l$HQRVU
D$H_^][
\$lUV3
L$h_^]3
T$\jdSR
L$Hj&Q
;t$Xu";\$\u
L$DSVQ
L$,_^]3
L$$_^][d
L$0PQS
L$ ]_^
L$ QSR
D$TVPW
D$TRPW
WWVQRWWS
D$$QRP
T$,PQR
D$$RSSP
D$8WVRPQ
L$XRQP
l$@VW3
L$8_^][d
u"8D$yu
D$(_^][
8MThdu
~P9~Pun
t&9^$t
F(9V8tQ
F<_^][
F<_^][
|$@ Wu
|$D UV
L$8^]_3
@;l$\~Z
L$X;L$
uh9^8uX
F89^8u&j
L$T_^][d
L$L_^][d
D$,;\$|
L$0PQR
PQj WUS
T$dPQR
L$l_^][d
L$8WPQR
T$DQSR
D$49D$$}
T$\;D$Xu
L$(PQR
T$,RQP
T$(PQR
L$x_^][d
L$l_^][d
L$TPQR
L$dPQRV
u +\$l
L$4SUV
L$4WPQR
D$ |2;
L$@_^][d
u._^][
L$ WPQ
T$,RQP
L$\_^][d
L$@RQj
D$@RPQj
L$T_^]d
FD uy9D$$}s
FD@ul9L$(}f
L$P_^d
L$\_^][d
;D$xt&
9D$$t+
L$D_]d
L$ ^][d
D$$QUP
L$|_^][d
L$t][d
D$$SUV
D$DURP
RVPUSQ
L$$_^][d
j VUPWQ
T$(QVURWP
L$,_^][d
D$$_^[
D$$_^[
L$4VQUP
L$$_^][d
L$4UQWP
L$$_^][d
T$0SUV
L$(_^][d
T$8QRP
L$(_^][d
L$8_^][d
|$LtE;
t$PPVS
L$8_^][d
T$\WVR
jBWVSSQ
D$(_^]
\$ PQV
L$$_^][d
L$H_^][d
SWVVVRPV
L$$^]d
L$D_^[d
T$(Qh$
T$(Qh$
T$(Qh$
T$DWRh
D$,QRPS
L$$RPQS
L$<_^][d
L$(RPQ
NTRPQj
L$(RPQ
T$(PQR
D$(QRP
T$DPQRW
L$<RPQW
L$T_^]
Nh;NX|
Vh;VX|
Fxt_;FTu@
Nh;NX|
P$RWPh
D$0QVRP
L$$PVh
D$4RPQ
D$ PQR
=pscat
=YARGtD= BGRt
h BGRUPV
hYARGUQV
=lcmnw_tQ=tsbat-=knilt
=rtnmto
hknilUPV
htsbaUQV
=rtrpt =rncst
=capst
= baLt = ZYXt
TADIut
tkPUSV
ETLPuF
D$8QVRPU
QRVWPU
D$$SPh
3;L$4s
T$8QRU
L$Xh`[
T$,SRW
T$0;t$
PPPQSG
D$ EJ;
D$4SUVW
L$$QWV
D$0UhP
D$,Hx;@
D$(CM;
D$Hvm3
L$Lvj3
D$(FO;
L$t_^d
D$ RPUhD
L$l_^][d
L$$^[d
L$(WSR
T$0PQR
WjdjdPQh
|z;^<}uWS
L$D_^][d
L$\_^][d
It#Iu%
^l_^][
tI;Ftr
tL9~HvG;
~(9~$u
D/ VPS
L$<RWUQV
L$$j QV
L$(VQU
hPCCiU
L$(RPVQWU
l$,WuAS
|$ VurU
D$@QRPU
T$ PQW
Ht&HtcI
D$(SUW
=TADIt
TADIu"
hTADIV
Ht]Ht2Ht
HtfHt;Ht
t$,u%:D$<u
:L$<t;
\$$u9f;
\$@QUR
;=3333v
HtHHuz
V,_^[Y
D$ _^][
EHPWVS
u]9B uX
uR9BxuM
'9A`u"9
tq9~Dt
nd9~dt
tS9~@uN
T$LPQR
|$HPWS
L$(RPQ
T$DPVS
T$LRWS
Fdf+Fh
D$(8D*
tRHt}H
NH_^][
T$LWUQVR
L$4WQUVS
;l$ }:
|$$}$WP
\$\}-j
O(_^][
T$H} VP
T$$PRV
D$(QPW
L$,SUV
L$0SUV@W
NX9NXu
QPSWVR
T$PQRP
D$$SUV
D$(;l$
\$(UVW
D$,_^]
D$(CUSWP
9o4u'V
9t$0v8
T$,RWV
T$,RWV
T$,RWV
L$,QWV
T$,RWV
L$ RUPj
9t$Tu
T+3x%A
;D$<s!
T$,PQh
|$ WUSV
L$(SUV
N4_^]3
t.It+It
HDIt+It
|$DPPh
D$$j Ph
D$(j Ph
L$TUUj
L$<PQV
L$ Qj.j
L$ SVWPh
T$$QRVWUS
T$$QRVWUj
T$$QRVWUj
T$ QRVPWUS
D$$RPVWUS
\$4UVWS
T$<_^]
L$0][d
\$4UQPS
L$<PQR
D$8FtdW
\$4VWh
L$8_^[d
L$HRPWUQ
SUVWhH
L$$_^][d
L$8_^[d
L$<^[_]d
D$8QRP
" !
!!!!!
L$lQPR
L$8RPQ
L$8PQR
T$$RPQV
T$ URQPV
T$$RPQV
\$0UVW
D$PRPV
L$@j%Q
L$@j%Q
L$(_^]d
L$<_^]
T$<_^]
D$<_^]
L$<_^]
T$lPQR
T$$j%R
L$lRPQ
T$,IJQR
D$(IPQ
T$Pj%R
D$`PQR
L$$QPR
L$8_^]d
L$ QWPR
l$PVWU
L$0_^]d
\$(UVW
L$PQRP
T$`RPQ
T$8RPQ
L$PPPQ
T$PRPQ
D$`PQR
D$8PQR
L$0QSR
L$<_^[d
D$8QVRP
D$8QVRP
D$4WSP
D$4WSj
D$DWSUj
D$0QRP
L$,RPQ
T$,PQR
T$,PQR
JUHRPQ
BU@RPQ
\$dUVW
D$4PSQ
T$PRQP
L$(SPVW
L$ QUR
NLQj<P
t$ WPV
L$ _^[d
L$8RPQ
t$LPQR
L$4_^][d
D$HQRPW
L$4_^]d
D$0_^][
\$,UVW
L$d^_]
L$,RPQ
L$H_^][d
S#D$$SPQR
T$TSSR
L$P_^][d
D$$VPQ
T$ RSUP
t`Ht7Hu}
D$DSUV
?h3333S
T$`h33
?h3333R
L$@_^][d
D$hVPQ
L$@QWR
L$ PVWj
L$`_^][d
L$0UQW
D$Du)+
T$ SU3
L$ PSW
D$,FI;
L$D_^]
L$,QPR
L$(^][
T$8PWR
|$$~EW
L$,PRVQ
^lSj<P
D$Hu)+
L$T_^][d
L$XPPQ
|$LWQP
L$0_^]d
Fdf+Fh
~(9~$u
|$ WUSV
D$$SUV
T$LPQR
|$HPWS
L$(RPQ
T$DPVS
T$LRWS
T$,RWV
T$,RWV
T$,RWV
L$,QWV
T$,RWV
L$ RUPj
T$,PQh
L$(SUV
N4_^]3
j RPSW
D$ UPh
T$ URh
d$ SWR
T$ URh
L$ UQh
nd9^hu@
D$ UPh
WWWj(j(j<
L$HPQR
}?9\$0~9
L$HPQR
L$HPQR
L$h]_^[d
:;|$0}D
|$<UQVRW
L$h_^][d
L$8PQj
l$8;l$H}
L$(][_
T$,J9U
;l$T~?W
L$PUPQW
T$PPSRW
L$<_^][d
;l$(}OS
|^;\$,}&W
D$`SUV
L$8QUS
L$XQUS
T$DRQP
T$@RQP
T$@RQP
L$@_^]d
D$@PSQ
L$tQSW
D$0Pj<Q
L$$QPW
L$l_^][d
L$4Qj<R
l$(UPQ
|$(WPQ
L$p_^][d
D$ QPS
L$L_^]3
9\$,u5
D$4RPW
L$4PQW
L$4PQW
T$(WRQh4}
L$0WQR
L$l_^]d
L$P_^][d
L$p_^[d
L$P_^][d
L$p_^][d
L$@|-;
L$(SUV;
@;D$<~
T$ QWR
L$4PWQ
L$LPWQ
D$XRWP
D$`RWP
T$dQWR
L$hPWQ
T$XQWR
L$\PWQ
D$`RWP
L$x_^d
L$,_^d
D$0PQWS
L$ QPjNR
F<SSj1
L$8RUQ
L$P_^]
D$XWRVUP
T$XPQR
L$4_^][d
L$4RPQ
t$\9|$`
L$LPQR
D$<QRP
d$LPVQ
D$4uu=
D$XQRj
d$,RPQ
d$$PSQ
L$ QPjNR
L$ QPjNR
L$<SVW
<1\t}I
L$ PQS
T$8PRV
L$ PQV
D$`WRP
T$(WRh
L$P_^d
T$(WRh
L$P_^d
IPPQUPP
SSSSRUSS
L$ _^[d
T$ WVR
L$hWUVPQ
D$DPQU
~ ;l$ t
9\$<u<V
T$4j R
D$HPWU
D$$SUV
|$DWhx
@APBQRV
QWSRPh
L$$SQV
D$$=MZ
V<_^]3
D$(0jb
od_^]3
D$<h`jb
L$<h`jb
f9|$>t
D$<h`jb
u0_^][Y
T$0RWV
T$0RWV
T$0RWV
L$0QWV
T$0RWV
L$PRPQ
L$(RPQ
T$PRVS
9t$Tu
T+3x%A
;D$<s!
L$ RUPj
T$,PQh
D$0Qht
L$(SUV
N4_^]3
~(9~$u
D$ _^]
T$ _^]
D$DRPQ
L$PPQR
:te<\ta</t]SVW
L$DRSQ
L$,SQR
T$8QRU
T$8QRU
L$8PQU
D$8RPU
D$dUPh
RPVhhQ
RPQVhhQ
L$L^][d
L$(_^d
L$ _^[d
;D$xt(%
D$l_^][
PWRVPWQf
D$tKQMSUP
t#Hu1;{
T$<QPh
T$<PRh
L$XQSPUR
D$0WVQ
D$0QRWVP
T$@PQR
u+9Fdu&
te9Fhu`
L$8RPQ
T$$SWj
L$4SQh
^,~FH;
L$hRPQV
PPPPPPPPPPP
T$ PQRV
ND_^][
T$4PQR
L$@_^][d
Q#D$HRP
#D$DQRP
L$T_^d
T$4HPQR
L$DHAP
L$D@APQ
T$4PQR
L$LHIPQ
D$LJHRP
L$XQSPV
L$`_^[d
D$8SUVWt
j$SWRPj
Ph_^][
Rh_^][
D$(SUW
L$0PQR
L$0PQR
L$0PQR
L$pRPQ
D$hQRP
L$@_^][d
L$(RPQ
NTRPQj
L$(RPQ
T$(PQR
D$(QRP
T$DPQRW
L$<RPQW
L$T_^]
\$4t|Ht@H
T$ QRP
Ft_^][
^t_^][
T$(QRSU
tC9{dt
D$ _^]
uAUUUUj
GUUUVj
C<PQWR
9|$$t6
L$0RPVQ
D$(WPS
D$,WPS
L$8RPVQ
T$,WRS
T$8VRS
D$@VPS
thOt3Ot
<zv[<Ar
<ZvS<0r
<9vK<-tG<_tC<.t?<:t;</t7
T$ QRP
T$(QRU
T$,QRP
D$(RPU
T$,QRP
RQWPUV
T$@PQRUV
D$8t!j
T$$RPWUV
L$DQRPUV
D$ QSRPU
T$ PSQRU
D$ QSRPU
T$DSRWQh
D$4RPU
T$8QRP
D,@,QE
<fu&8M
\$LUVW
RUVh`)d
D$0PUVh
L$0PQh
t:It-P
D$,Rh$
T$0hMMS R
IDQWWPR
RQPj3V
L$DQUR
L$(PQVU
D$,WRP
|$DPWVU
L$PPWQ
D$,WRP
SUVWh4
D$$Vh(
SUVWjH
\$,WUS
T$ RVW
L$$QQP
SUVWh8
T$0QhH
L$0Ph4
T$HQRP
T$PRht
D$(Ph$
UWSPh`
D$0vT2
T$8RPQ
T$4PQR
<0|!<9
D$"EAB
SUVWjp
}\PWVQ
T$0u`U
V<j PR
F<j QP
T$HRj$
T$<RWP
D$ QRPW
T$ PQRW
D$(PQhD
L$,PhD
T$@SRhD
\$(UVW
L$4PUQ
D$$QRWVPU
T$@QRj
L$4PQj
T$4QRj
L$(PQj
T$8QRj
L$,PQj
D$lRPj
T$<QRj
T$dQRj
D$`RPj
T$0QRj
L$|PQj
T$XQRj
D$dRPj
T$4QRj
T$\QRj
D$DSUVW
D$DRPj
T$0QRj
L$`PQj
D$<RPj
T$(QRj
L$XPQj
D$@RPj
T$,QRj
L$\PQj
;t$<}
;t$<}8
D$(SUV
|$<tM;
T$8QRj
L$,PQj
T$,QRj
L$ PQj
T$,QRj
L$ PQj
L$dPQj
D$8RPj
D$\RPj
T$XQRj
L$,PQj
D$|RPj
L$PPQj
D$XRPj
T$,QRj
L$|PQj
T$PQRj
L$DSVW
D$DRPj
T$4QRj
L$dPQj
D$8RPj
T$(QRj
L$XPQj
D$8RPj
T$(QRj
L$XPQj
d$t_^][
F$@;F(v
F$@@;F(v
QQSVWj
QQSVWd
t.;t$$t(
B 02CV
C =02CVu
VC20XC00U
PPPPPPPP
^}%95`
uRFGHt
YHYtLHt9
tn<%t2
HHtiHtGH
HtHHt(
HtOHt)H
Ht Ht&Ht
QQSUVWj
_^][YY
8 t9UW
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
t/WWUPj
QQSVW3
QQSVW3
sO;>|C;~
HHtpHHtl
>Cu28V
t FGQPS
btHHt.
HSVHWtgHHtF
<]t_G<-uA
QQSVWj
>:uNFV
>:u#FV
,f9=\7
PPPPPPPP
PPPPPPPP
t+Ht$Ht
Ht HHt
+ttHHtd
WQj1Pj
Vtvj0j
F PjPWj
F$PjQWj
F*PjTWj
F+PjUWj
F,PjVWj
F-PjWWj
F.PjRWj
tEj@Vh
F@j@Ph
uW9=,8
It[IItM
E WWWWS
zu^SSS
E VVVV
T$PRUh
L$(USRPQV
USPQRV
l$$VWU
T$$RSf
t j@SV
IQSPPj
Hu"WSV
uI8^Lu=
D$4PRh
L$$UQV
T$,WRV
D$$UPV
L$,WQV
<[uZGj]W
L$$Qh<
t$ t"3
NxZ;7sV
P3L$4Q
D$ PVV
T$<<%t
<ar7<fw3
<ar7<fw3
T$,_^]
D$,SUVW
<ari<fwe
D$,SUVW
<ari<fwe
D$Q}!;
D$XSUV
;L$0tI
tB;L$(u
D$0PUVRWQ
T$ SUV
\$ AFE;
t+IuDSV
;D$ t
;L$0t<
t5;L$(u
T$,PRVQWU
L$ QRU
D$$j:V
M<~u9;
\$DVj8
|F)D$$
|F)D$$
L$$SUV
D$(PVQW
T$4_^]
D$4_^]
L$$SUV
D$(PVQW
T$4_^]
D$4_^]
L$4_^]
\$$UVW
;L$$w(;L$$u
T$D_^]
\$$UVW
;L$$w(;L$$u
T$D_^]
L$D_^]
L$XSUVW3
;\$$t_
t ;D$,u'
T$0QRSPVU
D$09D$
L$ ;\$
D$$PQS
L$$_^]+
D$$_^][
CGE;t$
FCGE;|$
L$(_^]+
\$8UVW
L$$;L$4}
;L$$tU;L$(tO;L$ u
T$(SUVW3
T$ UVW
;T$$t=;T$(t7;T$ u
D$TPhXp
W(9W$u
tX9H tS9H$tN
Fdf+Fh
D$(8D*
~(9~$u
L$,;l$$
;D$4uY
;T$8tG;
;D$8tC;D$4uL;
L$0RPQSWUV
;T$4uV
;D$8tG;
L$$_^3
;D$8t?;D$4uH;
D$0QRPUWSV
|$ WUSV
t$4;L$
T$LPQR
|$LPWS
T$ PQR
T$PRWS
L$PQVS
T$,RWV
T$,RWV
T$,RWV
T$,RWV
L$ RUPj
9t$Tu
D$X98u
T+3x%A
;D$<s#
|$8t +\$
C(UVWj
T$,PQh
{4_^]3
nt2Ht#Ht
F`jBWP
F\jLSP
u$SShe
~\j<SW
ue;= 4
Wj(_Wj
hWj@_;
PQQQQQ
PPPPhd
tvWWWWU
F,_^][
(wqt\HHtS
t>Ht Ht
QSUVWj
n0SSSSU
_SSSSU
Ph_^][Y
tD9_Pt?
Ht#HHt
@t4Ht1Ht_Ht
^$_^[]
F(_+F$^[;E
9~4u@j
9~4u:j
F0_^][
<A|2<Z
<A|@<Z
+t|HtlHt\HtCHt%
+tJHt:Ht*
P<PuWSV
PWVWWW
9n$v(W3
F$;F uA
$C;_$r
F,;F8u6
N(;N,r
F0_^][
uK9{$t?
K,+C(;C,v4
C,9{$u
9^0u/j
F09^4u*j
F49^8u&j
^,_^][
shell32.dll
kernel32
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32
kernel32
kernel32.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
ole32.dll
ole32.dll
Kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
User32.dll
kernel32.dll
kernel32.dll
ntdll.dll
psapi.dll
shlwapi.dll
user32
kernel32
kernel32
kernel32.dll
kernel32
kernel32
kernel32.dll
kernel32
kernel32
iphlpapi
kernel32
kernel32
kernel32
kernel32
IPHlpApi
kernel32.dll
kernel32
kernel32
kernel32
kernel32
kernel32
kernel32
kernel32
ntdll.dll
kernel32
kernel32
kernel32.dll
kernel32
user32
user32
user32
user32
Kernel32.dll
Kernel32.dll
user32
user32
user32.dll
user32
user32.dll
user32.dll
kernel32
ntdll.dll
user32
user32
user32
user32
user32
user32
user32.dll
user32
user32.dll
user32.dll
kernel32.dll
user32
user32
user32.dll
kernel32
user32.dll
user32
user32
user32
ole32.dll
ole32.dll
ole32.dll
kernel32
kernel32
kernel32
msdk.dll
msdk.dll
msdk.dll
msdk.dll
ole32.dll
msdk.dll
msdk.dll
msdk.dll
msdk.dll
msdk.dll
msdk.dll
msdk.dll
kernel32
kernel32.dll
ntdll.dll
kernel32.dll
ntdll.dll
kernel32.dll
ntdll.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
kernel32
kernel32
kernel32
kernel32.dll
kernel32.dll
ntdll.dll
ntdll.dll
kernel32
ntdll.dll
user32
ntdll.dll
kernel32
kernel32
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
user32.dll
user32
user32
ntdll.dll
ntdll.dll
ntdll.dll
kernel32.dll
ntdll.dll
kernel32
ntdll.dll
Kernel32.dll
ntdll.dll
user32
user32
user32
user32
user32
user32.dll
user32.dll
user32
user32
ntdll.dll
ntdll.dll
ntdll.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
kernel32
user32
user32
user32
user32
kernel32.dll
ntdll.dll
user32
ntdll.dll
kernel32.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
user32.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
kernel32
ntdll.dll
ntdll.dll
ntdll.dll
kernel32
ntdll.dll
kernel32.dll
kernel32.dll
kernel32
psapi.dll
Shlwapi.dll
user32.dll
user32.dll
user32.dll
user32.dll
user32
user32
user32
user32
user32
user32
user32
user32.dll
user32.dll
user32.dll
NTDLL.DLL
user32.dll
user32
user32.dll
user32
user32
user32.dll
msdk.dll
ntdll.dll
advapi32.dll
advapi32.dll
advapi32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
StrCmpNA
IsBadReadPtr
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
IsBadCodePtr
lstrlenA
lstrcpynA
WinHttpCheckPlatform
WinHttpCrackUrl
WinHttpOpen
WinHttpSetTimeouts
WinHttpConnect
WinHttpOpenRequest
WinHttpSetCredentials
WinHttpCloseHandle
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpQueryHeaders
CoInitialize
CoUninitialize
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcpynA
CreateWaitableTimerA
SetWaitableTimer
MsgWaitForMultipleObjects
CloseHandle
lstrcpyn
RtlAdjustPrivilege
GetModuleFileNameExA
VirtualQuery
ReadProcessMemory
StrToIntExA
VirtualProtect
CoInitialize
MessageBoxTimeoutA
GetComputerNameA
GetVolumeInformationA
GlobalMemoryStatusEx
GetSystemInfo
GetDriveTypeA
GetDiskFreeSpaceExA
GetProcessHeap
HeapAlloc
GetAdaptersAddresses
HeapReAlloc
GlobalSize
RtlMoveMemory
HeapFree
GetAdaptersInfo
CreateFileA
DeviceIoControl
HeapAlloc
DeviceIoControl
HeapFree
CloseHandle
DeviceIoControl
DeviceIoControl
NtSetContextThread
TerminateProcess
OpenProcess
IsDebuggerPresent
GetStartupInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuStringA
VirtualAlloc
VirtualFree
GetDesktopWindow
GetWindow
IsWindowVisible
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
TerminateProcess
NtSetContextThread
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuStringA
GetDesktopWindow
GetWindow
IsWindowVisible
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
RtlMoveMemory
FindWindowExA
IsWindow
IsWindowVisible
GetWindowThreadProcessId
CreateToolhelp32Snapshot
Module32First
CloseHandle
EnumWindows
GetWindowThreadProcessId
GetWindowTextA
GetClassNameA
CoInitialize
CoInitializeEx
CoUninitialize
CreateIoCompletionPort
GetQueuedCompletionStatus
CloseHandle
M_Open_VidPid
M_ReleaseAllMouse
M_ReleaseAllKey
M_Close
CoInitializeEx
M_ResolutionUsed
M_LeftClick
M_RightClick
M_MoveTo3_D
M_KeyDown
M_KeyInputStringGBK
M_LeftDown
GetExitCodeThread
TerminateThread
GetCurrentProcessId
ZwTerminateProcess
TerminateProcess
GetCurrentProcessId
ZwQueryInformationProcess
OpenProcess
ZwOpenProcess
DebugActiveProcess
WaitForDebugEvent
ContinueDebugEvent
DebugActiveProcessStop
ZwQueryObject
ZwQuerySystemInformation
NtReadVirtualMemory
ZwWow64ReadVirtualMemory64
RtlMoveMemory
ZwQueryVirtualMemory
ZwQueryInformationProcess
ZwClose
GetHandleInformation
lstrlenW
lstrlenA
WideCharToMultiByte
WideCharToMultiByte
RtlMoveMemory
ZwDuplicateObject
GetVersionExA
GetSystemInfo
RtlGetNtVersionNumbers
GetSystemMetrics
RtlAdjustPrivilege
GetModuleHandleA
GetProcAddress
lstrcpyn
CreateDirectoryA
MoveFileA
ShellExecuteA
lstrcpyn
lstrcpyn
CreateWaitableTimerA
SetWaitableTimer
MsgWaitForMultipleObjects
CreateThread
SuspendThread
ResumeThread
MapVirtualKeyA
GetKeyNameTextA
SetParent
SendMessageTimeoutA
RtlMoveMemory
RtlMoveMemory
LdrGetDllHandleEx
MultiByteToWideChar
LdrLoadDll
MultiByteToWideChar
NtWriteVirtualMemory
ZwWow64WriteVirtualMemory64
RtlMoveMemory
ZwProtectVirtualMemory
PostMessageA
GetDesktopWindow
GetForegroundWindow
GetClassNameA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsIconic
OpenIcon
SetWindowPos
ShowWindowAsync
GetWindowLongA
LdrGetProcedureAddress
LdrGetProcedureAddress
LdrUnloadDll
CryptAcquireContextA
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CreateMutexA
WaitForSingleObject
SetTimer
SetWindowLongA
KillTimer
DispatchMessageA
CallWindowProcA
ReleaseMutex
ZwQueryInformationThread
PostThreadMessageA
ZwAllocateVirtualMemory
VirtualAllocEx
ZwCreateSection
ZwOpenDirectoryObject
ZwMapViewOfSection
ZwLockVirtualMemory
ZwUnmapViewOfSection
ZwUnlockVirtualMemory
GetCurrentThreadId
ZwSuspendThread
ZwYieldExecution
ZwQueryInformationThread
ZwSetInformationThread
ZwSetTimer
MsgWaitForMultipleObjects
ZwCreateTimer
ZwDelayExecution
ZwGetContextThread
RtlMoveMemory
RtlMoveMemory
ZwSetContextThread
ZwResumeThread
ZwAlertResumeThread
CreateRemoteThread
ZwWaitForSingleObject
ZwFreeVirtualMemory
ZwTerminateThread
ExitThread
OpenThread
ZwOpenThread
GetWindowThreadProcessId
CreateToolhelp32Snapshot
Module32First
CloseHandle
GetModuleFileNameExA
PathFindFileNameA
GetWindow
IsWindowEnabled
IsWindow
FindWindowA
FindWindowExA
GetCursorPos
ClientToScreen
IsWindowVisible
SetForegroundWindow
GetWindowRect
MoveWindow
ShowWindow
GetAncestor
ScreenToClient
GetWindowPlacement
GetClientRect
GetMenuBarInfo
AdjustWindowRectEx
WindowFromPoint
SwitchToThisWindow
SetActiveWindow
AttachThreadInput
RedrawWindow
EnumWindows
ZwQueryInformationProcess
MapVirtualKeyA
IsZoomed
GetDlgCtrlID
GetDlgItem
ChildWindowFromPointEx
IsWindowUnicode
SetPropA
GetLastActivePopup
M_MouseWheel
ZwClose
CreateFileA
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA
ControlService
DeleteService
DeviceIoControl
ReadProcessMemory
ReadProcessMemory
ReadProcessMemory
ReadProcessMemory
ReadProcessMemory
ReadProcessMemory
WriteProcessMemory
WriteProcessMemory
WriteProcessMemory
WriteProcessMemory
WriteProcessMemory
WriteProcessMemory
d09f2340818511d396f6aaf844c7e325
F7FC1AE45C5C4758AF03EF19F18A395D
27bb20fdd3e145e4bee3db39ddd6e64c
A512548E76954B6E92C21055517615B0
5F99C1642A2F4e03850721B4F5D7C3F8
{B6F7542F-B8FE-46a8-9605-98856A687097}
4BB4003860154917BC7D8230BF4FA58A
0B4337DA651B4b619ACF61334A7E8B47
7B68736E818E41c5A28B0AE4D43C128C
AF6AD80AA4244A59AFB3D83ECF5173CC
42305932-06E6-47a5-AC79-8BDCDC58DF61
52F260023059454187AF826A3C07AF2A
A6B983789F624b2cBDFD7D671249C097
7F54B9CE8887428dBA9CEEB94CEF4C72
707ca37322474f6ca841f0e224f4b620
80CF4A6B3E09425bA57935A3A0E4C473
window
EditBox
PicBox
GroupBox
Button
CheckBox
RadioBox
ComboBox
ListBox
ProcessBar
CommonDlg
ComObject
Variant
CPUInfo
HDInfo
TreeBox
ListView
TransLabel
PageControl
SuperBtn
RichEdit
Download
TaskParam
ntdll.dll
user32.dll
Information
Thread
Process
Object
Control
Device
Single
Create
!This program cannot be run in DOS mode.
H(9u$t|
go=?xh
#|_Mh >&
kH_{BW
U( q{`
haB oQ
H\f"O`
,o[.^5G
s&R[V_
Bx0`\60ImV<
S`\SR^
,i8c a
:",m@l}
4j]Fn(
c9&q^!-J\
ONNECT %s:%d HTTP/1.1
Proxy-Connecti
Keep-Alive :
Authoriza&BasicH$
d *C]te
etcp.dllkRSDS
C:\Users\Adminin
B4.2\Re
dCompleo
Status
IsBadRe
c(LastErro
loseHand
alize.
En`r8T]
6LwvNl[
len#ts
jit_fdiv
??2@YAPAXI@Z
_beg/th
rWSAItl
j*@.&%M
XPTPSW
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PA
KERNEL32.DLL
MSVCRT.dll
USER32.dll
WS2_32.dll
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
wsprintfA
etcp.dll
@wsd12312@#%@@#@
@#@#wsdun8
10004|
10001||1|
where|and|=|>|<|set|select|'|insert|update|delete|union|drop|truncate|declare|xp_cmdshell|net user|exec|execute|xp_|sp_|?|eval|open|sysopen|system|&|join|union|like|create|modify|rename|alter|cas|convert|Array|root|char
http://pv.sohu.com/cityjson
", "cid": "
{"cip": "
"cname": "
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.87 Safari/537.36
http://www.ip138.com
<iframe src=
</title>
OPTIONS
DELETE
CONNECT
Cookies
User-Agent:
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept:
Accept: text/html, application/xhtml+xml, */*
Accept-Encoding:
Accept-Encoding: gbk, GB2312
Accept-Language:
Accept-Language: zh-cn
Content-Type:
Content-Type: application/x-www-form-urlencoded
Cache-Control:
Cache-Control: no-cache
Connection
keep-alive
Connection: keep-alive
Cookie:
Cookie:
Set-Cookie
Set-Cookie:
Location:
$@<meta.+?charset=[^\w]?([-\w]+)
gb2312
Adodb.Stream
Position
Charset
ReadText
WinHttp
WinHttp
WinHttp
WinHttp
=deleted
z>WinHttp.WinHttpRequest.5.1
SetTimeouts
SetProxy
Option
Accept:
Accept: */*
Referer:
Referer:
Accept-Language:
Accept-Language: zh-cn
User-Agent:
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Content-Type: application/x-www-form-urlencoded
SetCredentials
Basic
Proxy-Authorization
SetRequestHeader
Cookie
ResponseBody
GetAllResponseHeaders
Status
StatusText
@ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
10001|
10002|
10003|
10004|
10005|
10006|
10007|
10008|
10009|
10010|
10011|
10012|
10013|
10014|
10015|
10016|
10017|
10018|
10019|
10020|
10021|
10022|
10023|
10024|
10025|
10026|
10027|
10028|
10029|
10030|
10031|
10032|
10033|
10034|
10035|
10036|
10037|
10038|
10039|
10040|
10041|
10042|
10043|
10044|
10045|
10046|
10047|
10048|
10049|