Static | ZeroBOX

PE Compile Time

2021-11-20 11:28:32

PE Imphash

2cb59bd9251d49d733d8b63af794a12e

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00029cb0 0x00029e00 6.55761900593
.data 0x0002b000 0x003b692c 0x00013e00 7.77951522367
.rsrc 0x003e2000 0x00019c9a 0x00019e00 4.49265394553

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x003faa68 0x00000468 LANG_SYRIAC SUBLANG_DEFAULT GLS_BINARY_LSB_FIRST
RT_STRING 0x003fb404 0x00000354 LANG_SYRIAC SUBLANG_DEFAULT data
RT_ACCELERATOR 0x003fb758 0x000000a8 LANG_SYRIAC SUBLANG_DEFAULT data
RT_GROUP_ICON 0x003fb934 0x00000076 LANG_SYRIAC SUBLANG_DEFAULT data
RT_VERSION 0x003fb9ac 0x0000025c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x003fbc08 0x00000092 LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library KERNEL32.dll:
0x401008 EnumCalendarInfoA
0x401010 GetStringTypeA
0x401018 EnumCalendarInfoW
0x40101c GetCurrentProcess
0x401024 WriteConsoleInputA
0x401028 SetComputerNameW
0x401030 CreateRemoteThread
0x401034 WaitNamedPipeW
0x401038 EnumResourceTypesA
0x40103c GetDriveTypeA
0x401040 SetHandleCount
0x401044 GlobalAlloc
0x401048 WideCharToMultiByte
0x40104c LoadLibraryW
0x40105c SetConsoleCP
0x401060 GetFileAttributesA
0x401064 GetComputerNameExA
0x401068 SetConsoleMode
0x40106c GetConsoleAliasW
0x401074 GetVolumePathNameA
0x40107c lstrcmpA
0x401084 EnumSystemLocalesA
0x401088 OpenMutexW
0x40108c GetLastError
0x401094 GetProcAddress
0x401098 BackupWrite
0x40109c RemoveDirectoryA
0x4010a0 GlobalGetAtomNameA
0x4010a4 PrepareTape
0x4010a8 ResetEvent
0x4010ac LoadLibraryA
0x4010b0 OpenMutexA
0x4010b8 SetCalendarInfoW
0x4010bc SetCommMask
0x4010c0 GlobalFindAtomW
0x4010c4 GetModuleFileNameA
0x4010c8 FindNextFileA
0x4010cc GetModuleHandleA
0x4010d0 CreateMutexA
0x4010d8 GetVersionExA
0x4010dc GetDiskFreeSpaceExW
0x4010e4 DeleteFileA
0x4010e8 CreateFileW
0x4010ec WriteConsoleW
0x4010f0 CreateMailslotW
0x4010f4 CreateMutexW
0x4010f8 FlushFileBuffers
0x4010fc SetStdHandle
0x401108 EncodePointer
0x40110c DecodePointer
0x401110 Sleep
0x401114 InterlockedExchange
0x401128 HeapFree
0x40112c HeapAlloc
0x401130 HeapReAlloc
0x401134 GetModuleHandleW
0x401138 ExitProcess
0x40113c GetCommandLineA
0x401140 HeapSetInformation
0x401144 GetStartupInfoW
0x401148 RaiseException
0x40114c RtlUnwind
0x401150 LCMapStringW
0x401154 MultiByteToWideChar
0x401158 GetCPInfo
0x40115c GetACP
0x401160 GetOEMCP
0x401164 IsValidCodePage
0x401168 TlsAlloc
0x40116c TlsGetValue
0x401170 TlsSetValue
0x401174 TlsFree
0x401178 SetLastError
0x40117c GetCurrentThreadId
0x401180 GetCurrentThread
0x401188 IsDebuggerPresent
0x40118c TerminateProcess
0x401194 HeapCreate
0x401198 HeapDestroy
0x40119c WriteFile
0x4011a0 GetStdHandle
0x4011a4 GetModuleFileNameW
0x4011a8 SetFilePointer
0x4011b0 GetFileType
0x4011b4 FatalAppExitA
0x4011bc FreeLibrary
0x4011c0 GetLocaleInfoW
0x4011cc GetTickCount
0x4011d0 GetCurrentProcessId
0x4011d8 HeapSize
0x4011dc GetUserDefaultLCID
0x4011e0 GetLocaleInfoA
0x4011e4 IsValidLocale
0x4011e8 GetStringTypeW
0x4011ec GetConsoleCP
0x4011f0 GetConsoleMode
0x4011f4 CloseHandle
Library USER32.dll:
0x4011fc GetMenu
Library ADVAPI32.dll:
0x401000 ReportEventW
Library WINHTTP.dll:

VS_VERSION_INFO
StringFileInfo
042805B6
CompanyName: LaffingDonald
FileDescriptions: IceIncorporated
FileVersion: 27.5.52.82
LegalTrademark1: ElonGetsIt
OriginalFilename: BerserkShnitsel.exe
ProductName: SunnyDay
VarFileInfo
Translation
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Emotet.L!c
Elastic malicious (high confidence)
DrWeb Trojan.Inject4.56232
MicroWorld-eScan Gen:Variant.Zusy.457078
ClamAV Clean
FireEye Generic.mg.9f2d4ac2e67b3fe8
CAT-QuickHeal Trojan.Multi
McAfee Artemis!9F2D4AC2E67B
Malwarebytes Trojan.MalPack.GS
Zillya Clean
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Variant.Zusy.457078
K7GW Trojan ( 005a38a81 )
K7AntiVirus Trojan ( 005a38a81 )
BitDefenderTheta Clean
VirIT Clean
Cyren W32/Kryptik.JOK.gen!Eldorado
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win32/Kryptik.HTIG
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-Spy.Win32.Stealer.gen
Alibaba Clean
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Zusy.359936.A
Rising Stealer.Agent!8.C2 (TFE:5:q6o1kdVs2XI)
TACHYON Clean
Emsisoft Gen:Variant.Zusy.457078 (B)
F-Secure Trojan.TR/AD.GenSHCode.citco
Baidu Clean
VIPRE Gen:Variant.Zusy.457078
TrendMicro TrojanSpy.Win32.RHADAMANTHYS.YXDDOZ
McAfee-GW-Edition BehavesLike.Win32.Lockbit.fh
Trapmine malicious.high.ml.score
CMC Clean
Sophos Troj/Krypt-WE
Ikarus Trojan.Kryptik
GData Win32.Trojan.PSE.ZD8D0M
Jiangmin Clean
Webroot Clean
Avira TR/AD.GenSHCode.citco
Antiy-AVL Trojan[Backdoor]/Win32.Convagent
Gridinsoft Spy.Win32.Raccoon.bot
Xcitium Clean
Arcabit Trojan.Zusy.D6F976
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-Spy.Win32.Stealer.gen
Microsoft Trojan:Win32/Redline.TIY!MTB
Google Detected
AhnLab-V3 Malware/Win.Generic.C5406802
Acronis Clean
VBA32 BScope.Trojan.Khalesi
MAX malware (ai score=85)
DeepInstinct MALICIOUS
Cylance unsafe
Panda Clean
Zoner Clean
TrendMicro-HouseCall TrojanSpy.Win32.RHADAMANTHYS.YXDDOZ
Tencent Win32.Trojan-Spy.Stealer.Udkl
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Kryptik.HTIG!tr
AVG Win32:DropperX-gen [Drp]
Avast Win32:DropperX-gen [Drp]
No IRMA results available.