Static | ZeroBOX

PE Compile Time

2101-04-29 03:40:18

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00021144 0x00021200 6.17799927124
.rsrc 0x00024000 0x00009b4e 0x00009c00 3.24862063946
.reloc 0x0002e000 0x0000000c 0x00000200 0.101910425663

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00024130 0x000094a8 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x0002d5d8 0x00000014 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0002d5ec 0x00000376 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0002d964 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
/E&hGG
N}YIzw
f'o1>K
-^Z~u!
r?JF6
?{C`D!
I}04M>}
A9b-ZW
2*3MZz
.881jp/\
Wa{Lig>p
b%F"$Fb
vOuOe_
L\n}A'
Y_cX*j
_bj2
_bY*
Z_bX
5zpY+
+ gN?b+
KDBM(
w{3k+
LPo+
oe+T+
n,?r(
Y_c
Y_c
+ *nV~+
+ ;q7m+
v4.0.30319
#Strings
#V$]$s$
&&'/'|'
)'*E*c*t*
+4+?+[+
+2,C,p,
.,.K.}.
'J(l*p*
*D+k+r+
-L-u.6/
__StaticArrayInitTypeSize=10
<>9__0_10
<Id1>b__0_10
get_Id10
set_Id10
__StaticArrayInitTypeSize=20
359A00EF6C789FD4C18644F56C5D3F97453FFF20
__StaticArrayInitTypeSize=30
__StaticArrayInitTypeSize=40
FB10FF1AD09FE8F5CA3A85B06BC96596AF83B350
77A9683FAF2EC9EC3DABC09D33C3BD04E8897D60
F413CEA9BAA458730567FE47F57CC3C94DDF63C0
<>9__0_0
<Id1>b__0_0
<.ctor>b__0_0
<DomainExists>b__0_0
<>c__DisplayClass0_0
<GetWindowsVersion>g__HKLM_GetString|11_0
<>9__1_0
<WriteLine>b__1_0
<GetDefaultIPv4Address>b__1_0
<>9__2_0
<Init>b__2_0
<>9__5_0
<Id3>b__5_0
<>9__8_0
<ListOfPrograms>b__8_0
<>9__9_0
<.ctor>b__9_0
<AvailableLanguages>b__9_0
<.ctor>b__0
<>o__0
<>p__0
718D1294A5C2D3F3D70E09F2F473155C4F567201
2FBDC611D3D91C142C969071EA8A7D3D10FF6301
<Id1>b__11
get_Id11
set_Id11
sf34asd21
<>9__0_1
<DomainExists>b__0_1
<>9__1_1
<GetDefaultIPv4Address>b__1_1
<scannedfiles>5__1
<Id1>b__1
<.ctor>b__1
<>p__1
Func`1
Nullable`1
IEnumerable`1
IOrderedEnumerable`1
CallSite`1
Task`1
ICollection`1
IEnumerator`1
IList`1
ChannelFactory`1
get_Id1
set_Id1
__StaticArrayInitTypeSize=102
__StaticArrayInitTypeSize=12
<>9__0_12
<Id1>b__0_12
get_Id12
set_Id12
__StaticArrayInitTypeSize=22
__StaticArrayInitTypeSize=32
ConvertFromUtf32
Microsoft.Win32
ToUInt32
ToInt32
A937C899247696B6565665BE3BD09607F49A2042
__StaticArrayInitTypeSize=42
__StaticArrayInitTypeSize=152
__StaticArrayInitTypeSize=62
__StaticArrayInitTypeSize=72
__StaticArrayInitTypeSize=282
EB7EF1973CDC295B7B08FE6D82B9ECDAD1106AF2
<>9__0_2
<Id1>b__0_2
<tokens>5__2
<DomainExists>b__2
<GetTokens>d__2
<>p__2
Func`2
KeyValuePair`2
get_Id2
set_Id2
LSIDsd2
aso0shq2
slkahs2
04EC68A0FC7D9B6A255684F330C28A4DCAB91F13
get_Id13
set_Id13
asdoiad0123
asd44123
sdf923
EB14352FBADB40E2FA237D444A6575B918573C43
4E3D7F188A5F5102BEC5B820632BBAEC26839E63
kadsoji83
sdfkas83
8C550EA96A693C687FFAB21F3B1A5F835E23E3B3
06F9FDEBE7AEF3F08523BDDDE7FCB7F4A217E7B3
79E9B68FB6E1987DED749BCD71143BD8EB323CE3
FCEAB39EEBEA9BEA6AC370A00D87E5EE20EC94F3
<Id1>b__3
<>s__3
Func`3
get_Id3
set_Id3
dvsjiohq3
asdk9y3
4EF472E2E74116C7FD95C74AB422CCF80DB1C404
__StaticArrayInitTypeSize=14
get_Id14
set_Id14
__StaticArrayInitTypeSize=24
sdfo8n234
gkdsi8y234
46884713B2F882E5304A1FF1B16370575A53E434
__StaticArrayInitTypeSize=34
sdfk8h34
asdlasd9h34
__StaticArrayInitTypeSize=144
__StaticArrayInitTypeSize=44
__StaticArrayInitTypeSize=154
93D9D319FF04F5E54F3A6431407A7B90388FDC54
FromBase64
ToInt64
99086C63443EF4224B60D2ED08447C082E7A0484
1076B53156E190E9BCBE281016712F2D3F02D3B4
<>9__0_4
<Id1>b__0_4
<file>5__4
get_Id4
set_Id4
fdfg9i3jn4
EB2DB456E0D779E528D1474FA55AC99055A5E815
get_Id15
set_Id15
askd435
A898408AA9A30B686240D921FE0E3E3A01EE91A5
<Id1>b__5
<>s__5
get_Id5
set_Id5
__StaticArrayInitTypeSize=16
get_Id16
set_Id16
410D551BF9DC1F0CF262E4DB1077795D56EEC026
E0CEB3E46E857A70CFB575A05B01A64806A8D426
__StaticArrayInitTypeSize=26
__StaticArrayInitTypeSize=36
__StaticArrayInitTypeSize=76
__StaticArrayInitTypeSize=6
<>9__0_6
<Id1>b__0_6
<match>5__6
get_Id6
set_Id6
18B532EF2959EF2ED8C549D712E3446FF49E4287
007A56C60CB686C542C5A63F4806094A4F9494B7
89C95FB6F8086AFCCD50B1B257669F2B17C047B7
D82572C56BDDD62E320B8BDAF0397A0DF9DD5BF7
<token>5__7
<Id1>b__7
get_Id7
set_Id7
__StaticArrayInitTypeSize=18
__StaticArrayInitTypeSize=28
__StaticArrayInitTypeSize=38
__StaticArrayInitTypeSize=48
1A79939AEFF161E557D02CB37CD9A811ABCAF458
__StaticArrayInitTypeSize=58
__StaticArrayInitTypeSize=78
1938FDF81D9EFE09E9786A7A7DDFFBD755961098
DF08DD4DFFDB6C9048202CAE65882EF91ECE6BA8
9B88C78E81ADB9E7247AB37D1F5F3861810916D8
46F273EF641E07D271D91E0DC24A4392582671F8
get_UTF8
<>9__0_8
<Id1>b__0_8
get_Id8
set_Id8
asdkadu8
BCEF86DAFC99BA02019A51909C079A7A31931909
20CB5B8963ECE3D796594F043D66C0E0BAD86669
2B9522D4F7398AB5DB789596FE5DB90589B031E9
<Id1>b__9
get_Id9
set_Id9
A3EFD00EA085079EE7F97407F8EFF07E3990696A
4C1117B01D5C4E103EE817F889EC547C63B47B7A
A9139732ED4CF84F8CE948DCB134114E4F24598A
BEDDFAEB0360B1694AB8CD2A69986414790A1D9A
4CDA4454A3C36A7EBDCF8FE8B804B379A31D33CA
SystemRuntimeInteropServicesWindowsRuntimePropertyChangedEventHandlerWinRTA
LoadLibraryA
EBD075615CBE4A710F9410FFECEAF6110A01922B
9D9AF3AE11A58D55EB8A6AEC8F03F7AD01E8994B
5BB3788A197C26B8310159EC9A81635814ABB05B
0410277C15CAD5E63A25F491DAEEF493B897678B
81E046FA1D93B661CC948A4DD1E01F20D6192E9B
7FD227EEE2F38A50CFD286D228B794575C0025FB
System.Drawing.Drawing2D
6353B688B99A3543932AA127DAA0E48FBC646BBD
B5B4FA236B87DBCD8055443F05776B10DDEFA5CD
MicrosoftWinNativeMethodsSTARTUPINFOD
SystemNetMailMSAdminBaseD
SystemDataSqlClientResultD
6F66485AF823BAE1F185740DA7F4F595701CD22E
571B1023DF3ABFB94C92465B365B1814FEBFAB3E
95098CDF929872F9B67E58070D088F8238F7CABE
SystemNetHttpWriteModeE
SystemDiagnosticsInitStateE
SystemCodeDomCodeAttributeDeclarationCollectionE
CE18B047107AA23D1AA9B2ED32D316148E02655F
8C49F78A06E711CF0E21134D0B091985336CC37F
3DB6DAD76E13B54DC03AF1C6092C40388E57FBBF
SystemComponentModelTypeDescriptorTypeDescriptionNodeDefaultExtendedTypeDescriptorG
get_ASCII
SystemNetSecurityTlsAlertMessageI
dnlibDotNetResolveExceptionJ
SystemDiagnosticsThreadWaitReasonJ
SystemNetWebSocketsWebSocketStateK
SystemWebAspNetHostingPermissionAttributeK
dnlibDotNetWriterManagedExportsWriterVtableFixupsChunkL
SystemDataNoNullAllowedExceptionL
BCRYPT_INIT_AUTH_MODE_INFO_VERSION
get_JSON
FromJSON
ToJSON
System.IO
MicrosoftWinNativeMethodsUSEROBJECTFLAGSO
SystemNetConfigurationUnicodeDecodingConformanceO
dnlibDotNetCpuArchO
SystemIOCompressionInflaterO
SystemConfigurationApplicationSettingsBaseP
SystemConfigurationNameValueSectionHandlerP
SystemComponentModelDesignStandardCommandsVSStandardCommandsP
SystemIOWatcherChangeTypesQ
dnlibDotNetModuleRefMDcDisplayClassQ
SystemNetSafeDeleteContextSECURITYR
dnlibDotNetAssemblyResolverFindAssembliesGacExactlydR
SystemNetNegotiateClientR
SystemNetTcpStyleUriParserU
dnlibDotNetPdbDssSymbolMethodImplV
SystemNetSyncMemoryStreamV
dnlibDotNetICustomAttributeTypeW
SystemNetCacheResponseCacheControlW
SystemNetUnsafeNclNativeMethodsWinHttpWINHTTPCURRENTUSERIEPROXYCONFIGY
value__
MicrosoftWinNativeMethodsNtModuleInfoa
cbData
DownloadData
ProtectedData
bEncryptedData
cbAuthData
pbAuthData
SystemNetCacheRequestCacheb
mscorlib
SystemNetCacheBaseWrapperStreamb
SystemComponentModelAsyncOperationb
DecryptBlob
dnlibDotNetWriterImportAddressTablec
System.Collections.Generic
get_Id
get_ManagedThreadId
<>l__initialThreadId
updateId
pszAlgId
taskId
get_SessionId
set_MaxBytesPerRead
get_CurrentThread
GetDecoded
Gradated
BytesToStringConverted
<Id10>k__BackingField
<Id11>k__BackingField
<Id1>k__BackingField
<Id12>k__BackingField
<Id2>k__BackingField
<Id13>k__BackingField
<Id3>k__BackingField
<Id14>k__BackingField
<Id4>k__BackingField
<Id15>k__BackingField
<Id5>k__BackingField
<Id16>k__BackingField
<Id6>k__BackingField
<Id7>k__BackingField
<Id8>k__BackingField
<Id9>k__BackingField
<irrpre>k__BackingField
<Main>k__BackingField
<PassedPaths>k__BackingField
<Result>k__BackingField
<os_crypt>k__BackingField
<First>k__BackingField
<encrypted_key>k__BackingField
ReadToEnd
CreateBind
dnlibDotNetPdbPdbSourceLinkCustomDebugInfod
method
sdf934asd
asdk9345asd
adkasd8u3hbasd
kkdhfakdasd
sdfk38jasd
asdk8jasd
sdfm83kjasd
asdaid9h24kasd
sdfk83hkasd
sdf9j3nasd
asdasod9234oasd
SystemNetWebRequestcDisplayClassd
a9duh3zd
NetworkInterface
Replace
IsNullOrWhiteSpace
distance
CreateInstance
cbNonce
pbNonce
source
set_Mode
FileMode
set_SmoothingMode
chainingMode
X509CertificateValidationMode
set_CertificateValidationMode
set_InterpolationMode
set_TransferMode
set_PixelOffsetMode
SecurityMode
SelectSingleNode
XmlNode
xmlNode
get_Unicode
get_BigEndianUnicode
FromImage
MessageBoxImage
set_Message
get_CurrentInputLanguage
AddRange
EndInvoke
BeginInvoke
ReadContextTable
IEnumerable
IDisposable
Visible
ToDouble
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
Rectangle
ReadFile
DownloadFile
profile
hModule
get_Name
procName
fieldName
tableName
set_FileName
fileName
ChromeGetRoamingName
get_EnglishName
ChromeGetLocalName
get_FullName
ItemName
get_UserDomainName
get_UserName
ChromeGetName
GetProcessesByName
get_DisplayName
filename
DateTime
get_CreationTime
AppendLine
WriteLine
get_NewLine
Combine
LocalMachine
DataProtectionScope
dataProtectionScope
OperationContextScope
pszBlobType
ChangeType
ValueType
MessageCredentialType
set_ClientCredentialType
SecurityProtocolType
GetType
GetElementType
get_PropertyType
blvnzcwqe
FileShare
Compare
System.Core
get_irrpre
get_CurrentUICulture
get_Culture
get_InvariantCulture
get_CurrentCulture
GetImageBase
WebResponse
GetResponse
System.IDisposable.Dispose
Reverse
X509Certificate
get_ServiceCertificate
certificate
Create
MulticastDelegate
DebuggerBrowsableState
posState
<>1__state
Delete
CallSite
DynamicAttribute
CompilerGeneratedAttribute
UnverifiableCodeAttribute
DebuggableAttribute
DebuggerBrowsableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
ExtensionAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DataMemberAttribute
EnumMemberAttribute
CompilationRelaxationsAttribute
DataContractAttribute
ServiceContractAttribute
OperationContractAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ConfusedByAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
matchByte
ToByte
prevByte
get_Value
GatherValue
get_HasValue
GetValue
SetValue
ReadContextValue
add_AssemblyResolve
Remove
Gradated.exe
get_Size
cbSize
_pageSize
set_MaxReceivedMessageSize
ChangeSize
_sqlDataTypeSize
MaxAuthTagSize
set_MaxBufferPoolSize
inSize
outSize
newSize
windowSize
GetVirtualDisplaySize
dictionarySize
Serialize
Deserialize
Resize
SizeOf
get_ItemOf
IndexOf
sdfi35sdf
SystemSecurityCryptographyXCertificatesXChainElementCollectionf
SystemNetSecuritySslStreamcDisplayClassf
authTag
get_Png
System.Threading
NetTcpBinding
_dbEncoding
GetEncoding
get_CurrentEncoding
System.Drawing.Imaging
System.Runtime.Versioning
ToString
GetString
GetHexString
Substring
System.Drawing
ConvertToULong
scannerArg
SystemSecurityAuthenticationExtendedProtectionExtendedProtectionPolicyTypeConverterg
SystemSecurityCryptographyCAPIBaseCMSGRCAUXINFOh
Search
SystemNetUnsafeNclNativeMethodsOSSOCKWSAMsgh
GetMd5Hash
ComputeHash
dbPath
profilePath
GetFolderPath
rootPath
get_Width
get_VirtualScreenWidth
get_Length
dwMinLength
set_MaxJsonLength
set_MaxStringContentLength
get_RowLength
dwMaxLength
set_MaxArrayLength
StartsWith
set_MaxDepth
dnlibDotNetAssemblyResolverFindAssembliesGacExactlydi
SystemCodeDomCompilerGeneratedCodeAttributei
dnlibDotNetSigComparerOptionsi
SystemNetDnsPermissionAttributej
SystemConfigurationTypeUtilj
SystemCollectionsSpecializedStringEnumeratorj
AsyncCallback
RemoteCertificateValidationCallback
get_ServerCertificateValidationCallback
set_ServerCertificateValidationCallback
callback
IsLoopback
PreCheck
PresentationFramework
updateTask
AllocHGlobal
FreeHGlobal
get_Local
Marshal
X509CertificateRecipientClientCredential
cbLabel
pbLabel
System.ServiceModel
CreateChannel
IContextChannel
maxLevel
kernel32.dll
System.Xml
get_SecurityProtocol
set_SecurityProtocol
FileStream
GetResponseStream
inStream
outStream
MemoryStream
stream
get_Item
get_Is64BitOperatingSystem
SystemNetMailSmtpPermissionAttributem
phAlgorithm
HashAlgorithm
Random
RootNum
rowNum
op_LessThan
IsLittleEndian
TimeSpan
CopyFromScreen
get_PrimaryScreen
get_Main
set_Main
X509Chain
AppDomain
get_CurrentDomain
get_FileVersion
dwInfoVersion
GetWindowsVersion
get_Authentication
X509ServiceCertificateAuthentication
get_Location
System.Net.NetworkInformation
UnicastIPAddressInformation
GatewayIPAddressInformation
pszImplementation
System.Globalization
System.Runtime.Serialization
System.Web.Script.Serialization
IsValidAction
action
System.Reflection
InputLanguageCollection
MatchCollection
UnicastIPAddressInformationCollection
GatewayIPAddressInformationCollection
PathsCollection
ManagementObjectCollection
RequestConnection
connection
SearchOption
searchOption
CryptographicException
NotSupportedException
InvalidOperationException
System.ServiceModel.Description
StringComparison
MessageBoxButton
Intern
CompareTo
FileInfo
fileInfo
TimeZoneInfo
CultureInfo
pPaddingInfo
FileSystemInfo
RegionInfo
FileVersionInfo
GetVersionInfo
CSharpArgumentInfo
ProcessStartInfo
DirectoryInfo
PropertyInfo
IsLocalIp
Bitmap
MessageSecurityOverTcp
SystemDataCommonDbExceptionp
Microsoft.CSharp
SystemSecurityCryptographyCAPIBaseCERTCHAINPOLICYPARAq
asdak83jq
System.Linq
SystemNetNetworkInformationPrefixOriginq
SystemNetSocketsLingerOptionq
InvokeMember
GetSerialNumber
MessageHeader
CreateHeader
AddressHeader
XmlReader
StreamReader
XmlTextReader
MD5CryptoServiceProvider
OpenAlgorithmProvider
IFormatProvider
provider
StringBuilder
dataFolder
SpecialFolder
sender
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
rangeDecoder
Buffer
ServicePointManager
ManagementObjectSearcher
Invoker
ResolveEventHandler
ToUpper
CurrentUser
GetDelegateForFunctionPointer
adapter
BitConverter
ToLower
JavaScriptSerializer
IEnumerator
ManagementObjectEnumerator
System.Collections.Generic.IEnumerable<Entity5>.GetEnumerator
System.Collections.IEnumerable.GetEnumerator
Activator
.cctor
connector
IntPtr
base64str
MicrosoftWinNativeMethodsLUIDs
sdkf9h234as
set_ReaderQuotas
XmlDictionaryReaderQuotas
Graphics
System.Diagnostics
Fields
get_Bounds
GetGraphicCards
GetAllNetworkInterfaces
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
get_ChildNodes
AvailableLanguages
get_InstalledInputLanguages
languages
Matches
EnumerateDirectories
GetDirectories
_masterTableEntries
_tableEntries
GetIPProperties
IPInterfaceProperties
GetProperties
properties
ExpandEnvironmentVariables
remoteFiles
GetFiles
profiles
GetSubKeyNames
hardwares
softwares
expires
ListOfProcesses
processes
get_UnicastAddresses
get_GatewayAddresses
System.Security.Cryptography.X509Certificates
ReleaseUpdates
numPosStates
StripQuotes
FromMinutes
_fileBytes
WriteAllBytes
ConvertToBytes
GetBytes
GetLogicalDrives
CSharpArgumentInfoFlags
CSharpBinderFlags
dwFlags
configs
settings
ResolveEventArgs
get_PassedPaths
set_PassedPaths
FindPaths
browserPaths
AddMonths
get_Ticks
System.Threading.Tasks
remoteTasks
Locals
get_Credentials
ClientCredentials
Equals
Models
System.ServiceModel.Channels
NumBitLevels
numBitLevels
ListOfPrograms
System.Windows.Forms
GetTokens
domains
Contains
System.Web.Extensions
System.Text.RegularExpressions
System.Collections
StringSplitOptions
searchPatterns
patterns
get_Chars
get_OutgoingMessageHeaders
SystemComponentModelIIntellisenseBuilders
defenders
scanners
RuntimeHelpers
installedBrowsers
GetBrowsers
browsers
SystemParameters
loginPairs
SslPolicyErrors
sslPolicyErrors
GetProcessors
FileAccess
success
GetCurrentProcess
GetDefaultIPv4Address
IPAddress
get_Address
GetProcAddress
EndpointAddress
address
System.Net.Sockets
numTotalBits
numPosBits
numPrevBits
Supports
get_Exists
DomainExists
get_OperationalStatus
System.Windows
AddDays
arrays
Concat
AppendFormat
ImageFormat
SystemIOPortsSerialDatat
Extract
ManagementBaseObject
hObject
ManagementObject
cbKeyObject
pbKeyObject
object
Select
Unprotect
System.Net
SystemNetSocketsSocketStateTaskCompletionSourcet
Target
System.Collections.IEnumerator.Reset
GetOffset
offset
get_Height
get_VirtualScreenHeight
set_RecursionLimit
WaitForExit
cbSalt
GetValueOrDefault
get_Result
pcbResult
IAsyncResult
MessageBoxResult
__result
WebClient
System.Management
XmlElement
get_DocumentElement
dwIncrement
SqlStatement
Environment
XmlDocument
NetworkInterfaceComponent
System.Collections.Generic.IEnumerator<Entity5>.Current
System.Collections.IEnumerator.Current
System.Collections.Generic.IEnumerator<Entity5>.get_Current
System.Collections.IEnumerator.get_Current
<>2__current
Content
get_Count
set_MaxNameTableCharCount
get_os_crypt
set_os_crypt
Decrypt
TrimStart
SystemNetWebSocketsWebSocketBaseKeepAliveTrackert
SystemGenericUriParsert
Convert
WebRequest
XmlNodeList
ToList
get_First
set_First
set_Timeout
set_SendTimeout
set_CloseTimeout
set_ReceiveTimeout
set_OpenTimeout
timeout
cbInput
pbInput
cbOutput
pbOutput
MoveNext
System.Text
cipherText
get_InnerText
chiperText
ReadFileAsText
cbMacContext
pbMacContext
ReadMasterOfContext
OperationContext
SystemNetEmptyWebProxyt
SystemNetSocketsSocketcu
dnlibDotNetWriterManagedExportsWriterStubsChunku
dnlibDotNetMarshalTypev
dnlibDotNetSigComparerv
StartNew
dnlibDotNetPdbPdbAliasAssemblyNamespacew
get_Now
set_CreateNoWindow
kasdihbfpfduqw
endIdx
startIdx
startIndex
rowIndex
MessageBox
SystemCodeDomCompilerGeneratorSupportx
OrderBy
display
oldArray
InitializeArray
ToArray
FromBase64CharArray
ToCharArray
SystemNetWebSocketsWebSocketBaseSendFrameAsyncdy
get_Key
OpenSubKey
chromeKey
stringKey
bMasterKey
hImportKey
RegistryKey
get_encrypted_key
set_encrypted_key
System.Security.Cryptography
GetCallingAssembly
GetExecutingAssembly
get_AddressFamily
SelectMany
BlockCopy
entropy
LoadLibrary
dnlibDotNetWriterDeclSecurityWritery
CollectMemory
get_Factory
TaskFactory
ChannelFactory
get_Directory
baseDirectory
CreateDirectory
set_WorkingDirectory
get_SystemDirectory
profilesDirectory
RegionsCountry
Registry
op_Equality
op_Inequality
System.ServiceModel.Security
System.Security
System.Net.Security
set_Security
NetTcpSecurity
CreateDnsIdentity
EndpointIdentity
IsNullOrEmpty
GetProperty
pszProperty
dnlibDotNetPdbDssISymUnmanagedMethodz
Confuser.Core 1.6.0+447341964f
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
Nirtro CPU
Helps boost CPU
Nitro NO2
'NireoNO1 Corporation Copyright
2021
15.9.1.22
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
Entity8T
Namespace
Entity
Entity9T
Namespace
Entity
Entity10T
Namespace
Entity
Entity11T
Namespace
Entity'
Entity12T
Namespace
Entity'
Entity13T
Namespace
Entity'
Entity14T
Namespace
Entity'
Entity15T
Namespace
Entity
Entity16T
Namespace
Entity'
Entity17T
Namespace
Entity&
Entity2T
Namespace
Entity
Entity1T
Namespace
Entity
Entity3T
Namespace
Entity&
Entity4T
Namespace
Entity
EntityTUwSystem.ServiceModel.SessionMode, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SessionMode
Entity5T
Namespace
Entity&
Entity6T
Namespace
Entity&
Entity7T
Namespace
Entity
LocalState
os_crypt
OsCrypt
encrypted_key
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
autofillProfilesTotal of RAMVPEntity12N
AppData\Local\
[^\u0020-\u007F]UNKNOWN
Local State
ProcessId
%appdata%\
logins
{0}\FileZilla\recentservers.xml
MB or
\Windows\
user.config
{0}\FileZilla\sitemanager.xml
cookies.sqlite
\Program Files (x86)\
displayName
NameSELECT * FROM
\Program Data\
AFileSystemntivFileSystemirusPrFileSystemoduFileSystemct|AntiFileSystemSpyWFileSystemareProFileSystemduct|FireFileSystemwallProdFileSystemuct
DisplayVersion
%localappdata%\
LocalPrefs.json
%DSK_23%cookies
//settinString.Removeg[@name=\PasswString.Removeord\]/valuString.RemoveeROOT\SecurityCenter
ROOT\SecurityCenter2Web DataExtension Cookies
CommandLine
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
Cookies
TotalVisibleMemorySize
Login Data
ID: v11
NumberOfCores
\Program Files\
name, Name: AppData\Roaming\ //settString.Replaceing[@name=\UString.Replacesername\]/vaString.Replaceluemoz_cookies
User Data
windows-1251, CommandLine:
DisplayName
NordVpn.exe*NoGetDirectoriesrd
Y Z$[%\(]5^E_HaKbPcTdced
! $#&%/.2176>=CBDBHGKJjikiliminioipiqirisitiuiviwixiyizi{i|i}i~i
net.tcp://
localhost
9a07a6b5301e4f405ad3260f6f754d4f
Authorization
Hz0nVD84IAEsGmYeOgs6YiciDkMcLRFUPSVUSw==
AyxDJyVjIzAzNiojIgolBTogIBQDWw4XFwU4ESo1ACE5CDETOx0nJgEsIDInYjMyMCUYLCQ3OQYiJ1xO
BgJPNDoUDSY0GCYjIgoQNTsdJyYBLCAy
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
Helps boost CPU
CompanyName
FileDescription
Nirtro CPU
FileVersion
15.9.1.22
InternalName
Gradated.exe
LegalCopyright
NireoNO1 Corporation Copyright
2021
LegalTrademarks
OriginalFilename
Gradated.exe
ProductName
Nitro NO2
ProductVersion
15.9.1.22
Assembly Version
1.9.2.1440
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Stealer.12!c
tehtris Generic.Malware
DrWeb Trojan.PWS.RedLineNET.7
MicroWorld-eScan Generic.Dacic.F96EFD6C.A.77D7E067
ClamAV Win.Packed.Lazy-9958163-0
FireEye Generic.mg.673a1f3904a40a0f
CAT-QuickHeal Clean
ALYac Generic.Dacic.F96EFD6C.A.77D7E067
Malwarebytes Generic.Spyware.Stealer.DDS
VIPRE Generic.Dacic.F96EFD6C.A.77D7E067
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Spyware ( 0059955a1 )
BitDefender Generic.Dacic.F96EFD6C.A.77D7E067
K7GW Spyware ( 0059955a1 )
CrowdStrike win/malicious_confidence_90% (W)
BitDefenderTheta Gen:NN.ZemsilF.36250.km0@a8Fjpbe
VirIT Clean
Cyren W32/MSIL_Troj.CNJ.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Spy.RedLine.A
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba TrojanSpy:MSIL/Stealer.457cc559
NANO-Antivirus Clean
ViRobot Clean
Rising Stealer.Agent!1.E5F0 (CLASSIC)
TACHYON Clean
Sophos Mal/Reline-F
F-Secure Heuristic.HEUR/AGEN.1310591
Baidu Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition BehavesLike.Win32.Generic.cm
Trapmine suspicious.low.ml.score
CMC Clean
Emsisoft Generic.Dacic.F96EFD6C.A.77D7E067 (B)
SentinelOne Static AI - Malicious PE
GData MSIL.Trojan-Stealer.Redline.G
Jiangmin Clean
Webroot Clean
Avira HEUR/AGEN.1310591
Antiy-AVL Clean
Gridinsoft Ransom.Win32.STOP.dd!n
Xcitium Clean
Arcabit Generic.Dacic.F96EFD6C.A.77D7E067
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-Spy.MSIL.Stealer.gen
Microsoft Trojan:MSIL/RedLine.RDCA!MTB
Google Detected
AhnLab-V3 Trojan/Win.REDLINESTEALER.C5437064
Acronis suspicious
McAfee GenericRXVW-SF!673A1F3904A4
MAX malware (ai score=88)
DeepInstinct MALICIOUS
VBA32 Clean
Cylance unsafe
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Clean
Tencent Trojan.MSIL.RedLine.kd
Yandex Clean
Ikarus Trojan-Spy.RedLineStealer
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/RedLine.A!tr
AVG Win32:PWSX-gen [Trj]
Cybereason Clean
Avast Win32:PWSX-gen [Trj]
No IRMA results available.