Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x00012cfa	0x00012e00	6.47497790969
.data	0x00014000	0x028ba7d0	0x00015800	7.36767204142
.rsrc	0x028cf000	0x0001add8	0x0001ae00	3.82109116694

Name	Offset	Size	Language	Sub-language	File type
RT_CURSOR	0x028e82f8	0x000010a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40
RT_CURSOR	0x028e82f8	0x000010a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40
RT_CURSOR	0x028e82f8	0x000010a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40
RT_CURSOR	0x028e82f8	0x000010a8	LANG_NEUTRAL	SUBLANG_NEUTRAL	dBase III DBT, version number 0, next free block index 40
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_ICON	0x028e7a20	0x00000468	LANG_TAMIL	SUBLANG_DEFAULT	GLS_BINARY_LSB_FIRST
RT_STRING	0x028e9ac0	0x00000314	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_STRING	0x028e9ac0	0x00000314	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_ACCELERATOR	0x028e7f00	0x00000090	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_CURSOR	0x028e93a0	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_CURSOR	0x028e93a0	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_ICON	0x028e7e88	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e7e88	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e7e88	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e7e88	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_GROUP_ICON	0x028e7e88	0x00000076	LANG_TAMIL	SUBLANG_DEFAULT	data
RT_VERSION	0x028e93d0	0x00000228	LANG_NEUTRAL	SUBLANG_NEUTRAL	data

!This program cannot be run in DOS mode.

`.data

Unknown exception

bad allocation

(null)

`h````

xpxxxx

HH:mm:ss

dddd, MMMM dd, yyyy

MM/dd/yy

December

November

October

September

August

February

January

Saturday

Friday

Thursday

Wednesday

Tuesday

Monday

Sunday

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

CorExitProcess

`h`hhh

xppwpp

!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~

Complete Object Locator'

Class Hierarchy Descriptor'

Base Class Array'

Base Class Descriptor at (

Type Descriptor'

`local static thread guard'

`managed vector copy constructor iterator'

`vector vbase copy constructor iterator'

`vector copy constructor iterator'

`dynamic atexit destructor for '

`dynamic initializer for '

`eh vector vbase copy constructor iterator'

`eh vector copy constructor iterator'

`managed vector destructor iterator'

`managed vector constructor iterator'

`placement delete[] closure'

`placement delete closure'

`omni callsig'

delete[]

new[]

`local vftable constructor closure'

`local vftable'

`udt returning'

`copy constructor closure'

`eh vector vbase constructor iterator'

`eh vector destructor iterator'

`eh vector constructor iterator'

`virtual displacement map'

`vector vbase constructor iterator'

`vector destructor iterator'

`vector constructor iterator'

`scalar deleting destructor'

`default constructor closure'

`vector deleting destructor'

`vbase destructor'

`string'

`local static guard'

`typeof'

`vcall'

`vbtable'

`vftable'

operator

delete

__unaligned

__restrict

__ptr64

__eabi

__clrcall

__fastcall

__thiscall

__stdcall

__pascal

__cdecl

__based(

GetProcessWindowStation

GetUserObjectInformationW

GetLastActivePopup

GetActiveWindow

MessageBoxW

bedirokesanewahesijudi

roruyomotika cayubibiyasulih

kosedowem batezerinetoriwopamawijipiyud

jixuduxekili

ducibo

lurutebosufitotecupa

%s %d %f

riyevezoxexizumopulin

hiromoyoxuy

kanifudesogeracare xiyabuwoj gur

mutom sacojo tukaxomajupowosudahobociziziv goyojidoyebikan

fawekudefo pot fub

varuxasazimayuyonubuxaren tutoye caxuseruyexagacaxijameyavapede

yapadirelibeyefeduduwucapegufad pukugepafusiceyenexepasu

codixefenepotovaxuzodukenilev

nisoselonuzumigoxonogid yobafofeyovutoxafopovufef lizorijijolexogesicatakewi

invalid string position

vector<T> too long

string too long

bad exception

_nextafter

_hypot

1#QNAN

1#SNAN

jXhH*A

r=PDA

j@j ^V

HHtXHHt

?If90t

Y;=(LA

uh4!@

^SSSSS

URPQQhP

t"SS9] u

PPPPPPPP

u}h02@

;t$,v-

UQPXY]Y[

L$dQhl3@

QQSVWd

tWItHIt9It

t=MOC

HtHu4j

t*=RCC

;7|G;p

tR99u2

<+t"<-t

+t HHt

u-hH<@

GetStringTypeA

GetDriveTypeW

InterlockedIncrement

SetMailslotInfo

GetLogicalDriveStringsW

WritePrivateProfileSectionA

GetSystemWindowsDirectoryW

FreeEnvironmentStringsA

GetProcessPriorityBoost

GetTickCount

EnumCalendarInfoExW

WaitNamedPipeW

EnumTimeFormatsW

GetVolumePathNameW

GetPrivateProfileIntA

GetSystemPowerStatus

GetCalendarInfoA

GetProcessHandleCount

GetConsoleAliasExesLengthW

LeaveCriticalSection

GetFileAttributesW

GetModuleFileNameW

GetShortPathNameA

DeleteFiber

GetProcAddress

HeapSize

MoveFileW

SetComputerNameA

SearchPathA

GetDiskFreeSpaceW

OpenWaitableTimerA

LoadLibraryA

WriteConsoleA

GetProcessId

InterlockedExchangeAdd

LocalAlloc

DeleteTimerQueue

SetCalendarInfoW

MoveFileA

BuildCommDCBAndTimeoutsW

FindFirstVolumeMountPointW

IsSystemResumeAutomatic

AddAtomW

OpenJobObjectW

GetPrivateProfileStructA

FindFirstVolumeMountPointA

EnumDateFormatsA

GetModuleHandleA

CreateMutexA

FindNextFileW

GetConsoleTitleW

EnumDateFormatsW

CompareStringA

GetShortPathNameW

SetFileShortNameA

FindAtomW

GetVolumeNameForVolumeMountPointW

DeleteFileW

EnumSystemLocalesW

AreFileApisANSI

KERNEL32.dll

GetCharABCWidthsW

SelectObject

GDI32.dll

GetLastError

HeapFree

DeleteFileA

WideCharToMultiByte

HeapReAlloc

GetCommandLineA

HeapSetInformation

GetStartupInfoW

RaiseException

HeapAlloc

IsProcessorFeaturePresent

HeapCreate

EnterCriticalSection

SetFilePointer

SetHandleCount

GetStdHandle

InitializeCriticalSectionAndSpinCount

GetFileType

DeleteCriticalSection

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

EncodePointer

DecodePointer

TerminateProcess

GetCurrentProcess

GetCPInfo

InterlockedDecrement

GetACP

GetOEMCP

IsValidCodePage

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

GetModuleHandleW

SetLastError

GetCurrentThreadId

ExitProcess

WriteFile

GetModuleFileNameA

FreeEnvironmentStringsW

GetEnvironmentStringsW

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

SetStdHandle

GetConsoleCP

GetConsoleMode

FlushFileBuffers

RtlUnwind

LCMapStringW

MultiByteToWideChar

GetStringTypeW

LoadLibraryW

WriteConsoleW

CloseHandle

CreateFileW

.?AVlogic_error@std@@

.?AVlength_error@std@@

.?AVout_of_range@std@@

.?AVtype_info@@

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

.?AVexception@std@@

Ft6im~`

I%5Zu,9

)6*"QY

rZQ(dD7

|g3?Rd1q

#7M_S%

EfySdS]

'M;#>h

pfWv:ie

r%J8G.A

~PnT=U

qXwb7NAL=

m02~cy

3zC-u2

#ou6vW3

IR&h?n(<

32t~!j

in3<nIM<

P6J_+q

8 dG,tIQ

+kbgH>

k\!<7b

Jtz+PfOJPJ

Z`t\'%5

UGB*g^

8y6[bw+7

jAaFf

YmAk{(

&m2_&5

/ciFNC

pivs3|

Umj!\%

=CFr-Mtk

lR2y40

,iD5dS}D

Yd)Ft

e{P8+~

8~Fur*

ppc;4p.k>

1VzRkJ=

Q1i}/N

ekPxG=

R5SL;)

lC(A9*f

$]3a^z6

Dkq'XE

` qR+`

7WdWi24n8

=:fbdNu

rB8CB~

D<HW.pO

)6CW1Wm

o/4@J

A3nki+

rIq<HF

>_ttl]

2thB3

6H5VSW

}{C<]k=

jJ_pl%

X+a^Jp

Wq0bdB

7uO4Pj.

hw!u(?

Hu!>l6

4|N3dUo

^PR}kqj

8?.|T(

SeXLn7

t~)S1~

Uvg=ja

Kxx`G@1g,

@cBis

[2v&=o

]tBbJq+

]k.pms

_Fu.Q$

tCPDLkN

XWH=dv

-N`j+[H

yJIt>7=/

E-G:yB

OS%fy'

{hX6iR[

59cI!$rr!

;#kW:4

1f&+NP#

nzWBDe

bjiobO

<-&4?.eN

f~C:6L:;E

M?'L[p

;3ocJw

pZCIE$

qg&_xw

1D"$q+h"

\0TY=m

soaR1'G

2}U5[I

h7jKK"

C`.'RU

'~aI`z

R#]oxA

LFd9bH5

.PMj=Yj

%/G2&s

5zm?)wV

ha~i4@

/m{G^

;Gl7#Y

ay!Q(Gh

*"d~>L

8Xs{5P

A[0QM}

1dS!=Hc

L[J>'f

~:]</'

4+>-J@#

(CZ3ir&

;Jhp$9~

ZUPVa"%

_2n?W

Z3/n,

L2Az;/N;

h<9=#)j

.?AVbad_alloc@std@@

.?AVbad_exception@std@@

iiiiiiiii

!!!!TT

RRRRRRR

pHHHHHHHHHHHHH

bpppH{

b@bb@bbbH

@b@@b@b@p

@@@@@@@bH

{.@.@@@@@H

{pp......H

pHHHHHHpH{

{{Hp@@.HHHHHHHHH

pHHHHHHHHHHHHH

{{{{{{

//////////////

xxxx+++

PF/+nn(((???

nnnn((?(??

{HbaF/

FFFFFFFFFFFFFFFF&

++++++++++$

ssssss5q

qs's''sq$$

55555sq$

5rYL G$

[7f///

77ff///

777fff

4444444~

VDDDDDDDDVD

~~~~~~

Sktttt

ktttttWS

tttttt5

tttttttt

X S

ttttttttt,

Wtttttttttttttt

NNWaaMM

55tttttttttttttpj

WaMMMM55tttttttt5

55ttttW

*****************************************************************************************************************************************************************.*******************************

***************V

**************

)**************5

U*************Z

*************

***********

************

S**********U

***********

U*********j

*********

*********U

.y)$******

*******

)*******U

******~

********U

**********f

***************oUU

********************

U***********************

************************

*************************

***************************

****************************

*****************************7******************************************************************************************************************************************************************************

^yyyyy

z~~}}~}

y|}}}~

z~|~~}

|~}{}}{~

{}{}{{

}}{}~~

}|~{~z

{y}~}{||

}}|y~z

~|}}~}

}|~}}~z

}||{}y~|}

|||}{z

~|z~|~y

{}}|}~

|~}}{|

|z~~}~~

z{{}y}

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLL===

LLLLLLLLLLLLLLLLLLL

===LLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLL

LLLLLLL

LLLLLLLLLLLLLLLLLLLLLL=>5

>=LLLLLLLLLLLLLLLLLLLLLLL=

=LLLLLLLLLLLLLLLLLLLLLLL=

555555

=LLLLLLLLLLLLLLLLLLLLLLL

A5555555555

5555555555A

LLLLLLLLLLLLLLLLLLLLLLL

=5?????????5??

LLLLLLLLLLLLLLLLLLLLLLLL=x

x=LLLLLLLLLLLLLLLLLLLLLLLLL=

NNNNNNNNNNNNNNNNN

=LLLLLLLLLLLLLLLLLLLLLLLLL=J

NJ=LLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLL=

=LLLLLLLLLLLLLLLLLLLLLLL

------j--------j-

LLLLLLLLLLLLLLLLLLLL

jjjjjjjjjjjjj<jjjjj

LLLLLLLLLLLLLLLLLL

-<<<<<<<<<<<<<<<<<<<<<-

LLLLLLLLLLLLLLLL

-<]]<]]<]]<]]]]]]]]

LLLLLLLLLLLLLL

LLLLLLLLLLLL

LLLLLLLLLL

LLLLLLLL

W<aaaaaaaaaaaaaaaaaapaaaaaaaaaapa]W

LLLLLL

pppppppppppppppppppppppppppa<-

-]ap^p^^^^^p^^^^a]j

LLLLLLLLL

]^^^^^^^^^]

LLLLLLLLLLLLLLLLLLLL

==\"""""""""\==

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL=

=LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL=

*=LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL=X

=LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL=X

aX=LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL=XrX=LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL=

=LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL=LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL

&!T--!3

////////////

/s999999s

,EBLxT

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%1NNNNNNNNNNNNNNNNNNNNNNNNNN

%%%%%%%%%%%%%%%

g11111gN

%%%%%%%%%%%%%

PPPPPPgN%%%%%%%%%%%%

1N%%%%%%%%%%%

PP1N%%%%%%%%%%

N%%%%%%%%%

N%%%%%%%%

N%%%%%%%

N%%%%%%%NMttt

PPPPPPP

N%%%%%%%N

ttPPPPPPPPPPt

N%%%%%%%N

BtttttttttttPt

N%%%%%%%

N%%%%%%%N

gMgM=t

N%%%%%%%N

xNNxNNxNNxNNxNNxNNxNNNMgggg=t

N%%%%%%%N

111111111

N%%%%%%%N

111111111

N%%%%%%%N

111111

N%%%%%%%N

00000000000000000000000

N%%%%%%%NB

N%%%%%%%N

LLLLLLLL

N%%%%%%%N

%%%%%%%N

N%%%%%%%N

AAXX****

N%%%%%%%N

LAAAAAAXX***

%%%%%%%N

AAAAAAX****

N%%%%%%%N

AAAAAAXX***

N%%%%%%%N

AAAAAAXX*

%%%%%%%N

N%%%%%%%N

LLLLLLLL

%%%%%%%N

LLLLLLLLL

N%%%%%%%N

LLLLLLLLL

N%%%%%%%N

LLLLLLLL

N%%%%%%%

%%%%%%%%

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT

TTTTTTTTT

jnnnnnnnnnnnnn

TTTTTTTT;

TTTTTTT

TTTTTT

nRTTTTT;nj

jnnnnnnjn

nRTTTTT

nnnnnnnnn;

nRTTTTT

;jnnnnnnnnnnnnn;

TTTTT;n

~nRTTTTT

JJJJJJJJJJJJJJ<

nRTTTTT

JVfff||||

5JV@@fff|f||

nRTTTTT

@@@@fff|f|f0J5

nRTTTTT

zzz@@@fff|@0J5

jRTTTTT

zz@z@@

nRTTTTT

j;TTTTT

n"15J0VV

5555555555555555

TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT

bbbbbbbbbb

bbb?b?????

{j/gyyy

{ji//ggyyy

{j9iii///gggU

iii///U

NJJJJJJJJJJN

|||||||

|||||||||=

(null)

HH:mm:ss

dddd, MMMM dd, yyyy

MM/dd/yy

December

November

October

September

August

February

January

Saturday

Friday

Thursday

Wednesday

Tuesday

Monday

Sunday

nKERNEL32.DLL

mscoree.dll

runtime error

TLOSS error

SING error

DOMAIN error

- Attempt to use MSIL code from this assembly during native code initialization

This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.

- not enough space for locale information

- Attempt to initialize the CRT more than once.

This indicates a bug in your application.

- CRT not initialized

- unable to initialize heap

- not enough space for lowio initialization

- not enough space for stdio initialization

- pure virtual function call

- not enough space for _onexit/atexit table

- unable to open console device

- unexpected heap error

- unexpected multithread lock error

- not enough space for thread data

- abort() has been called

- not enough space for environment

- not enough space for arguments

- floating point support not loaded

@Microsoft Visual C++ Runtime Library

Runtime Error!

Program:

((((( H

h(((( H

WUSER32.DLL

CONOUT$

dnixezikedisazamixe

cerujuwijijo

eciwugobopomisa lawanepulavoziyikutuxorebekep pawuwojucavig wisutimulolosiwukezacaje

poxakutamucegifajejudat focumehixucahabirivosaxicidu

cuvosifacumagukoveze

xejuloboduku raposulenobahosekivukif dajiguwamocetijemeyewenur jucidebisaf

leximowawogogupisa wakijahifuzuzavubacocevosirugom guxojocekamahevizuxevujukub corajus soxoxukuhobulemaginayuzavu

juriyu zugoyabuzakukajolipanakih xazujivizuhenuropo jicotazayowe xamedicotopahinojavicoroxaler

mekujisemimunifehacidexu kiyejuvejirurapug kokenevosutogutotivuxoyecu zoludupipe peyamuvo

baseyarebumikovilo sibifodidabajehife yomuhizojidu mitukahepu

behadodevugipotihunene yabutepezabafaritu tegado

karapobezulihovuwokekuxazahevic

VS_VERSION_INFO

StringFileInfo

029285B1

FileDescriptions

NiceIncorporated

LegalCopyrights

Challenger fazan inc.

LegalTrademarks2

objfngizdf

ProductName

Roadways

ProductVersion

84.2.3.5

VarFileInfo

Translation

7Kicusuka payecaboro piraxinohel desesuziru hurolahemijaMXuzetacu toyadufi dunipe supidumila javupucodepixi delakefudasu loforecibular;Wojo buyejapuleluve buhen nocewepiguxu mepezicajo takumopes

Delugaconetug nilanuzDGaxacop wupohasiyov tiyebag zuxi musu kehotor buhonu juyanu fol piwu8Midezuhu hucopuhezufoyu lugejimojazayu cena lit mevu ven0Cidupip salibupawag kaverenibaka fuduzavaf gekesCZuwibu gacuxuto jagorajotopiy zunojavuhucuc joxelac sonanusuyawehob&Kamezirovufayev todonu cimapoda casahihForaco nepijo dutexonodamitu pejececidatu vubo muxaxoyezim loyosekexocuxe mikegovudetaxow kibi buyumuyuw

aVeyo lohuzozarivovo nojala pihovolajirufib yidasohuneres zuwodoyitut yesesoxadote juvuzin gekiwip;Wipajuluriloxux zosifelesewuy gic subizibawegefo lumidudoza

CokDPakisefogeharuv mezofopigurun zeyoxosej xujacoxud juwa cohitibapazad

Gik wepabimerir\Puzu morahagamode golipaw dolonayupo mategosawofa gixohiwuyufek ruxefavigu hativix pasicohop(Tomeyimaborox yosuvezijeb bedi telokuwow

Antivirus	Signature
Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.67419343
ClamAV	Win.Packed.Zusy-10003906-0
CMC	Clean
CAT-QuickHeal	Clean
McAfee	Artemis!9A499FE6B96F
Malwarebytes	Trojan.MalPack.GS
Zillya	Clean
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005a6b601 )
BitDefender	Trojan.GenericKD.67419343
K7GW	Trojan ( 005a6b601 )
Cybereason	malicious.f368da
BitDefenderTheta	Clean
VirIT	Clean
Cyren	W32/Kryptik.JZI.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of Win32/Kryptik.HTTG
APEX	Malicious
Paloalto	Clean
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.Win32.Zenpak.gen
Alibaba	Trojan:Win32/Zenpak.345ff236
NANO-Antivirus	Trojan.Win32.Zenpak.jwlzfo
ViRobot	Clean
Rising	Trojan.Yakes!8.430 (TFE:5:Cpp5jTVLyHO)
TACHYON	Clean
Sophos	Troj/Krypt-XU
Baidu	Clean
F-Secure	Trojan.TR/AD.LokiBot.whlid
DrWeb	Clean
VIPRE	Trojan.GenericKD.67419343
TrendMicro	TROJ_GEN.R053C0DF923
McAfee-GW-Edition	BehavesLike.Win32.Lockbit.dh
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.9a499fe6b96fa695
Emsisoft	Trojan.GenericKD.67419343 (B)
Ikarus	Trojan-Spy.Agent
GData	Trojan.GenericKD.67419343
Jiangmin	Clean
Webroot	Clean
Avira	TR/AD.LokiBot.whlid
Antiy-AVL	Trojan[Spy]/Win32.Windigo
Gridinsoft	Ransom.Win32.LokiBot.bot
Xcitium	Clean
Arcabit	Trojan.Generic.D404BCCF
SUPERAntiSpyware	Clean
ZoneAlarm	HEUR:Trojan.Win32.Zenpak.gen
Microsoft	Trojan:Win32/Smokeloader.GJN!MTB
Google	Detected
AhnLab-V3	Ransomware/Win.StopCrypt.R585441
Acronis	Clean
VBA32	Malware-Cryptor.2LA.gen
ALYac	Trojan.GenericKD.67419343
MAX	malware (ai score=89)
DeepInstinct	MALICIOUS
Cylance	unsafe
Panda	Trj/Chgt.AD
Zoner	Clean
TrendMicro-HouseCall	TROJ_GEN.R053C0DF923
Tencent	Trojan.Win32.Obfuscated.gen
Yandex	Trojan.Kryptik!d2se4WYrg3g
SentinelOne	Static AI - Suspicious PE
MaxSecure	Trojan.Malware.73832973.susgen
Fortinet	PossibleThreat.PALLAS.H
AVG	Win32:TrojanX-gen [Trj]
Avast	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports