Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x00012c96	0x00012e00	6.47922733805
.data	0x00014000	0x028b8818	0x00013800	7.78975722195
.rsrc	0x028cd000	0x0001e6a0	0x0001e800	3.76979354004

Name	Offset	Size	Language	Sub-language	File type
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_CURSOR	0x028ea1f0	0x000008a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40, 1st item "\251\317"
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7548	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_STRING	0x028eb188	0x00000516	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_STRING	0x028eb188	0x00000516	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_ACCELERATOR	0x028e7a28	0x00000090	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_CURSOR	0x028ea1c0	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_CURSOR	0x028ea1c0	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_CURSOR	0x028ea1c0	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_CURSOR	0x028ea1c0	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_ICON	0x028e79b0	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e79b0	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e79b0	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e79b0	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e79b0	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e79b0	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_VERSION	0x028eaab0	0x00000298	LANG_NEUTRAL	SUBLANG_NEUTRAL	data

!This program cannot be run in DOS mode.

`.data

Unknown exception

bad allocation

(null)

`h````

xpxxxx

HH:mm:ss

dddd, MMMM dd, yyyy

MM/dd/yy

December

November

October

September

August

February

January

Saturday

Friday

Thursday

Wednesday

Tuesday

Monday

Sunday

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

CorExitProcess

_nextafter

_hypot

`h`hhh

xppwpp

!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~

Complete Object Locator'

Class Hierarchy Descriptor'

Base Class Array'

Base Class Descriptor at (

Type Descriptor'

`local static thread guard'

`managed vector copy constructor iterator'

`vector vbase copy constructor iterator'

`vector copy constructor iterator'

`dynamic atexit destructor for '

`dynamic initializer for '

`eh vector vbase copy constructor iterator'

`eh vector copy constructor iterator'

`managed vector destructor iterator'

`managed vector constructor iterator'

`placement delete[] closure'

`placement delete closure'

`omni callsig'

delete[]

new[]

`local vftable constructor closure'

`local vftable'

`udt returning'

`copy constructor closure'

`eh vector vbase constructor iterator'

`eh vector destructor iterator'

`eh vector constructor iterator'

`virtual displacement map'

`vector vbase constructor iterator'

`vector destructor iterator'

`vector constructor iterator'

`scalar deleting destructor'

`default constructor closure'

`vector deleting destructor'

`vbase destructor'

`string'

`local static guard'

`typeof'

`vcall'

`vbtable'

`vftable'

operator

delete

__unaligned

__restrict

__ptr64

__eabi

__clrcall

__fastcall

__thiscall

__stdcall

__pascal

__cdecl

__based(

GetProcessWindowStation

GetUserObjectInformationW

GetLastActivePopup

GetActiveWindow

MessageBoxW

1#QNAN

1#SNAN

zuleker

dumiripaxexuf guxidumawilipaticoxoveyuyahit

jiwidipulisifajewabikerojira zerukutetudegupife

vomubupusupuvokehu

%s %d %f

modecimahajovayutekalezurotu

zenahuvotazusawicesiva pot fub

xuj goxobagawugod sulalayuzegufacahixoxalirip

nomolezesegitusah

bemiderogoxefegule hopokimiwaborugomacuyuribipa havosilaxevomilusecejenale

yijuxenay

cocezirihajibumoxorex wefurudisokuxixivehofucetajelala

invalid string position

vector<T> too long

string too long

bad exception

tWItHIt9It

r=XDA

HHtXHHt

?If90t

j@j ^V

uh<"@

^SSSSS

URPQQh0

t"SS9] u

vL;54OA

PPPPPPPP

j h0,A

;t$,v-

UQPXY]Y[

<+t"<-t

+t HHt

QQSVWd

t=MOC

j,h`0A

HtHu4j

t*=RCC

;7|G;p

tR99u2

CreateMutexW

GetDriveTypeW

ConvertThreadToFiber

GetConsoleAliasExesLengthA

InterlockedIncrement

SetMailslotInfo

GetLogicalDriveStringsW

WritePrivateProfileSectionA

CreateDirectoryW

FreeEnvironmentStringsA

GetModuleHandleW

GetTickCount

EnumCalendarInfoExW

WaitNamedPipeW

EnumTimeFormatsW

SetProcessPriorityBoost

GetSystemDirectoryW

GetPrivateProfileStructW

GetCalendarInfoA

GetProcessHandleCount

LeaveCriticalSection

GetFileAttributesA

GetFileAttributesW

SetSystemPowerState

GetModuleFileNameW

CompareStringW

GetVolumePathNameA

GetShortPathNameA

EnumSystemLocalesA

GetPrivateProfileIntW

GetProcAddress

MoveFileW

SetComputerNameA

SearchPathA

OpenWaitableTimerA

LoadLibraryA

WriteConsoleA

InterlockedExchangeAdd

LocalAlloc

DeleteTimerQueue

MoveFileA

BuildCommDCBAndTimeoutsW

FindFirstVolumeMountPointW

IsSystemResumeAutomatic

AddAtomW

GetDiskFreeSpaceA

OpenJobObjectW

FindFirstVolumeMountPointA

EnumDateFormatsA

GetModuleHandleA

FindNextFileW

GetStringTypeW

GetConsoleTitleW

SetCalendarInfoA

SetThreadAffinityMask

SetFileShortNameA

FindAtomW

GetVolumeNameForVolumeMountPointW

DeleteFileW

AreFileApisANSI

KERNEL32.dll

GetCharABCWidthsW

SelectObject

GDI32.dll

DuplicateIcon

SHELL32.dll

GetLastError

HeapFree

DeleteFileA

WideCharToMultiByte

GetCommandLineA

HeapSetInformation

GetStartupInfoW

RaiseException

HeapAlloc

IsProcessorFeaturePresent

EncodePointer

DecodePointer

HeapCreate

EnterCriticalSection

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

TerminateProcess

GetCurrentProcess

GetCPInfo

InterlockedDecrement

GetACP

GetOEMCP

IsValidCodePage

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

SetLastError

GetCurrentThreadId

SetHandleCount

GetStdHandle

InitializeCriticalSectionAndSpinCount

GetFileType

DeleteCriticalSection

ExitProcess

WriteFile

GetModuleFileNameA

FreeEnvironmentStringsW

GetEnvironmentStringsW

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

RtlUnwind

LCMapStringW

MultiByteToWideChar

SetFilePointer

GetConsoleCP

GetConsoleMode

HeapSize

LoadLibraryW

HeapReAlloc

FlushFileBuffers

SetStdHandle

WriteConsoleW

CloseHandle

CreateFileW

.?AVlogic_error@std@@

.?AVlength_error@std@@

.?AVout_of_range@std@@

.?AVtype_info@@

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

.?AVexception@std@@

g{bDy;

JZy{Xla

uN<tsyz

?8t2_8L

O/8 EqA

AdaZLo1

WVzN4

3tpFL|

8;R@kZ

9@#_F$

QDo\Bg6

SrvU%XX

jU'6=;L

RsB`Gy

zt-9ts

bnRL %4

q0n:/+!

KPj0d"

c=VaBy

LU/Ddr

(?|>Q/

cb|uzG

wAs^nSL

,m4`B(

h-'#~BPx

br#&TF

RUMV0a

{i0_<z

#Bny>

-}A!jW

M\E?\

m=)k\.

},$Wp'

9#[j33

{dNj)h

zvdG6tM

{1?CEX

Sm`)a8 0

.Lu\`>

Wia}e/

-'6N5 1/

cpQg$~3

WUKPZY

}[MiT!

g.XdFec?\

W0Ws}|

w(nw?]

,w<=dE

IX'B$fy

\E>7twnRVT

&Kb:14

(AFi4BQ

/*|SCtz

C:?=}D

{U/B,(

RbMOA6

-LxW`K

YsP-Sm

w$RgA#

&ctf.9go

&M}TS

0$!T|/

sL!d8%

ebhQxsx;"

[[si0A}

dq_8qg

PUc{#{

\+FSHn

s_;h&h

XhW73I

rtB-}L{M

e3.pL#+

>v<_-p]

?q8#8c

\$^P2(9B?

~|^DP

Ss}X*g

5xH/;d

7_L*KD

xjRobWH

k6T14N

rklf ;N/

"ib$yZ@p

X\w[HY

+5 &PD4

8ax$`m

=V6K+l

kH@Z^a

4\|3$s

j[G Y

pz?okKtX9

>*k{"Pi

4rLuOU

4amMDc

Hp,:kT

)9S6|H

h<!j'!

.X2gv@

pn}K6>BL

}p`RXh8

gOS|=,

iB0(6?

5?%FzQ

f?DjqM

%np;I"

fhtaO`(h3

+OX?$g

2rcm+K

0$QkZi

cJsn!=

wMh@hq

vWK@hyj

zZPY|<o

-mP[6J

R?@~-o7!g

0hq}^<d

W`>$^[`)z

r\DH)z

.H4Q:m;

Q/d,LT;}Y

:S ^

@"&jr6

axHHRncv

R4#*i1

gwX0,y

.?AVbad_alloc@std@@

.?AVbad_exception@std@@

:::::::::::::::::::::::::::::::::::::::::::::::::::::l:::::::::::5:::::::::::l~

:::::::

mh:::::::::::

v=:::::::::::

::::::::::::

(((((((q

:::::::::::::l

:::::::::::

:::::::::lv

:::::::

br[[[[[[[[[[[

:::::l

:::::::D

=~----

:::::::::::::::

::::::::::::::::::

::::::::::::::::::::

::::::::::::::::::::::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPK

PPPPPPPP

o`PPPPPPPP;mmAmmo8PPPPPPPP

/PPPPPPPP

PPPPPPP

NPPPPP

PPPPPP

PPPPPPPPPPP8

eKPPPPPPPPPPPP

PPPPPPPPPPPPPP

PPPPPPPPPPPPPPPPPPPPPPPP

DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD

DDDDDDDDD

8888888888888

DDDDDDDD

DDDDDDD

DDDDDD

:84DDDDD

888888

84DDDDD

888888888

44:84DDDDD

8888888888888

84DDDDD

DDDDD$8:

84DDDDD

jjjjjjjjjjjjjj0

DDDDD$8

h84DDDDD

h8$DDDDD$8

h84DDDDD

h8$DDDDD$8

4DDDDD

h8$DDDDD$8(

DDDDD$8

ii""""OO

DDDDD$8

ii""""OOOO

DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD

aaaaaa

aUaUUa

@(((((

N/hhhM

NN//hhhMM

NNN///

qqqqqqq

0DDDDDDDDDD0

eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee@DDDDD

eeeeeeeeee

!!!aaQQQQ

eeeeeeeeee

aaaaQQQ

eeeeeeeeee'ZZ

!aDeeeeeeeeee'ZZ

Deeeeeeeeee'ZZ

eeeeeeeeee'ZZ

ZZ'eeeeeeeeee'ZZ

ZZ'eeeeeeeeee'ZZV

ZZ'eeeeeeeeee'ZZ

+ZZ'eeeeeeeeee'ZZ

VZZ'eeeeeeeeee'ZZ

ZZ'eeeeeeeeee'ZZ0

ZZ'eeeeeeeeee'ZZZZZZZZZZZZZZZZZZZZ'eeeeeeeeee'ZZZZZZZZZZZZZZZZZZZZ'eeeeeeeeee

''''''''''''''''''''

eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHHHHH

9HHHHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHHHHE

HHHHHHHHHHHHHHHHHHHH!

HHHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHH7O

HHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHH=####=l9HHHHHHHHHHHHHH

HHHHHHHHHHHHHHHH=

HHHHHHHHHHHHHH4

HHHHHHHHHHHHHH=

HHHHHHHHHHHHH

HHHHHHHHHHHHyh

{lHHHHHHHHHHHH9

HHHHHHHHHH

HHHHHHHHHHH

HHHHHH

HHHHHHHHHHH

HHHHHHHHHH

HHHHHHHHH

eeeeeh

HHHHHHHHH

HHHHHHHHHH

HHHHHHHHHHHH

HHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH^t

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH

HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH

KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK

KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK

KKKKKKKKKKKKKKKZ

KKKKKKKKKKKKKKO

KKKKKKKKKKKKKK

KKKKKKKKKKKKK,

DKKKKKKKKKKKKK>

KKKKKKKKKKK

0KKKKKKKKKKKK>

m<KKKKKKKKKK

KKKKKKKKKKK>

KKKKKKKKK

KKKKKK

|KKKKKKK

KKKKKKK0

KKKKKKK

KKKKKK1

KKKKKKKK

KKKKKKKKKK

KKKKKKKKKKKKKKK

rKKKKKKKKKKKKKKKKKKKKr

KKKKKKKKKKKKKKKKKKKKKKK

KKKKKKKKKKKKKKKKKKKKKKKK

KKKKKKKKKKKKKKKKKKKKKKKKK

OKKKKKKKKKKKKKKKKKKKKKKKKKKK

KKKKKKKKKKKKKKKKKKKKKKKKKKKK

KKKKKKKKKKKKKKKKKKKKKKKKKKKKKoKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK

`````````````````````````````````````````````````````````````````````````````````````````````````

``````````

```````````

``````````

`````````

````````

```````=

``````

=``````

``````

,i****

*****(

```````

``````````

```````````````Z

````````````````

``````````````````

+=```````````````````

````````````````````

``````````````````````````````````````````````````````````````````````````````````````````````````````````

~~~~~~

/////////////////

\\\\\\\\\\\

kkkkkkkkkkkkk

vvvvvvvvvvvvvk

kvv6v6v6v6v6v

f]]]]]]]f

hhhhhhhhhhhh

h888888888aa8aa

;;;;;;;;;;;;;;;;;;;

;;;;;;;;

l;;;;;;;;U

;;;;;;;;

;;;;;;;;]

;;;;;;;yR

;;;;;y

~~~~~~~~

;;;;;;

;;;;;;;;;;;M

;;;;;;;;;;;;

7;;;;;;;;;;;;;;]

;;;;;;;;;;;;;;

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

s//////////////////////////

wsssssw/6

wxxxxxxxxxxxxxxxxxxxxxw

6))))))))))))

))))))))

ww)xxxxxxxxx

xxxxxxxxxxxxxxxxxxxxx

xxxxxxxxxxxxxxxxxxxxxw

WsWs6]

Ws0sWsssssssss66666666666w6w6wwww

0000s0Ws0sssssssss[666666666w6www

00W00WW0s00s0sWssssss[66666w66666

00vNNNNNNNNNNNNNNNNNNNNNNNNNNN_w6

NUxxxxxxxxxxxxxxxxxxxxxxxUN

xUN_ss

NNNNNNNNNNNNNNNNNNNNNNNNNNN

========================================================================================================

=========

========

=======

======

``````

$i$$iiiiii

Baaa]]]]]a

///IIII[[[

///I/II[[[I

///I/I/

llZZZ

xxllllZZZ

xxxllllZZZZB

xxlxlllB

B]]

==================================================================================================

wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww

BBBBBBBBBB

wwwwwww

tttttt

wwwwww

BBB"B"""""C"""

1{{{{{{{{{{{|

DDDSSS

$$$---

DDDSSS

<<<

OO <<<

wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww

EEEEEEEE

+9++8889+

+++++++++

C99999999

w(null)

HH:mm:ss

dddd, MMMM dd, yyyy

MM/dd/yy

December

November

October

September

August

February

January

Saturday

Friday

Thursday

Wednesday

Tuesday

Monday

Sunday

nKERNEL32.DLL

mscoree.dll

runtime error

TLOSS error

SING error

DOMAIN error

- Attempt to use MSIL code from this assembly during native code initialization

This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.

- not enough space for locale information

- Attempt to initialize the CRT more than once.

This indicates a bug in your application.

- CRT not initialized

- unable to initialize heap

- not enough space for lowio initialization

- not enough space for stdio initialization

- pure virtual function call

- not enough space for _onexit/atexit table

- unable to open console device

- unexpected heap error

- unexpected multithread lock error

- not enough space for thread data

- abort() has been called

- not enough space for environment

- not enough space for arguments

- floating point support not loaded

@Microsoft Visual C++ Runtime Library

Runtime Error!

Program:

((((( H

h(((( H

WUSER32.DLL

CONOUT$

evuwilukesiwo

pukevu

bafatinubuwaf

jeyugecehunowibapixubagedufihahe

yazitenazewoxos gur

razujoxufipezoxomaxiwovip

maxinufibaxotagef tuyojagewutabidiwepuhog vufokusenefanubexa notacoyalohulu

juzahemejixohoyapag torirogatefi

baseyarebumikovilo sibifodidabajehife yomuhizojidu mitukahepu

bobanonacovudehixihaviremarotas

@jjjjjj

/ P6pL

,/KPip

/-P?pR

VS_VERSION_INFO

StringFileInfo

029285B1

CompanyName

MagicWind

FileDescriptions

NiceIncorporated

InternalName

Brutus.exe

LegalCopyrights

Challenger fazan inc.

LegalTrademarks2

objfngizdf

ProductName

Broadways

ProductVersion

65.61.98.41

VarFileInfo

Translation

9Macug dedinomeyalodap kicojezu cebede nejiwovote zucukibuWYin cupujifor fesup wodezisim wefibazisege dakibumimodilac domujumive kozura lil cusutuYajolarugodewo fikalidawot pivu*Mutem xanarinitefu mif tib lukepuxokigitedcTimodevakes woximilemazov begenofi gacalih murituca tixecobu rumayefu dolohoyadulegi xoyegareraduyo

Vicobexele

NufihowJHutiwamenif ruvaguluxo foyojoson wefuxomutajibu muv zeharofu wipehagiwepit

CehibuyawoseyikBezodeculec dufojuli gupikusunutemax wosevufijolihoz xuhibixeho mujatadoyo gayuso hejukejatanag giyojuj dab

VHabim tovexa xamugoludukat nezofetaviyaru pupibuxopimo jole duluculiwo lutufisawevimuf

Hecisigidewav hedihukajorosag_Wigiwawunapaje gozecezalor zeji vupegixamoc fituzivox ripigawolaha movodohiyifa vowevehawovuvozbNelolexowovarig kemagu xolovutopufila ton bomanupigogusif tezesija nelijonu hutikogabuya tozabeluzRVajo nelaziyekanip celixekic rorikepuwuk pip loniguyilob ciyalubodiyen wehafenowigCTehiluk kir nadagolalabisat wusicezur relahexeya zij yafoj nuyofumaHBogatujisux suma kimexiv bexoyudiw difujeda wicag xejakarimesafub runulujMabuy gidesuzawecoj sakuko wefavizexurogu vekefolokuno juvivujunuy piciyahesa jazihopegujemo watid wesuzet

Antivirus	Signature
Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Mokes.4!c
tehtris	Generic.Malware
MicroWorld-eScan	Trojan.GenericKD.67437928
CMC	Clean
CAT-QuickHeal	Clean
ALYac	Clean
Malwarebytes	Trojan.MalPack.GS
VIPRE	Trojan.GenericKD.67437928
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Clean
BitDefender	Trojan.GenericKD.67437928
K7GW	Trojan ( 005a6c971 )
Cybereason	malicious.e57692
BitDefenderTheta	Clean
VirIT	Clean
Cyren	W32/Convagent.CS.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik.HTTS
APEX	Malicious
Paloalto	Clean
ClamAV	Win.Packed.Zusy-10003906-0
Kaspersky	HEUR:Backdoor.Win32.Mokes.gen
Alibaba	Trojan:Win32/GenKryptik.f0668503
NANO-Antivirus	Clean
SUPERAntiSpyware	Clean
Rising	Trojan.Generic@AI.100 (RDML:91cCrPEdcVJpv8wxGEge1g)
TACHYON	Clean
Sophos	Mal/Generic-S
Baidu	Clean
F-Secure	Trojan.TR/AD.SmokeLoader.yrndm
DrWeb	Trojan.Siggen20.61315
Zillya	Clean
TrendMicro	Trojan.Win32.AMADEY.YXDFIZ
McAfee-GW-Edition	BehavesLike.Win32.Lockbit.dh
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.5206b4f1cbecc125
Emsisoft	Trojan.GenericKD.67437928 (B)
SentinelOne	Static AI - Suspicious PE
Jiangmin	Clean
Webroot	Clean
Avira	TR/AD.SmokeLoader.yrndm
Antiy-AVL	Trojan/Win32.Zenpak
Microsoft	Trojan:Win32/Vidar.PBH!MTB
Gridinsoft	Trojan.Win32.SmokeLoader.bot
Xcitium	Malware@#2xd53l3l48pnn
Arcabit	Trojan.Generic.D4050568
ViRobot	Trojan.Win.Z.Kryptik.283136.N
ZoneAlarm	HEUR:Backdoor.Win32.Mokes.gen
GData	Trojan.GenericKD.67437928
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.RansomX-gen.C5439208
Acronis	Clean
McAfee	Artemis!5206B4F1CBEC
MAX	malware (ai score=81)
DeepInstinct	MALICIOUS
VBA32	Clean
Cylance	unsafe
Panda	Trj/GdSda.A
Zoner	Clean
TrendMicro-HouseCall	Trojan.Win32.AMADEY.YXDFIZ
Tencent	Trojan.Win32.Obfuscated.gen
Yandex	Clean
Ikarus	Trojan.Crypter
MaxSecure	Clean
Fortinet	W32/Kryptik.HTNN!tr
AVG	Win32:RansomX-gen [Ransom]
Avast	Win32:RansomX-gen [Ransom]
CrowdStrike	win/malicious_confidence_100% (W)

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports