Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x00053c9a	0x00053e00	7.78397082378
.data	0x00055000	0x01fee3a4	0x00001c00	2.47588458223
.rsrc	0x02044000	0x0000f5f0	0x0000f600	4.3525490951
.reloc	0x02054000	0x0000ac80	0x0000ae00	1.1539435858

Name	Offset	Size	Language	Sub-language	File type
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_CURSOR	0x020526d8	0x00000568	LANG_NEUTRAL	SUBLANG_NEUTRAL	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_ICON	0x0204d0d8	0x00000468	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	GLS_BINARY_LSB_FIRST
RT_STRING	0x02053330	0x000002be	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_STRING	0x02053330	0x000002be	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_CURSOR	0x02052c40	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_CURSOR	0x02052c40	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_CURSOR	0x02052c40	0x00000030	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_GROUP_ICON	0x020476d8	0x00000030	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	data
RT_GROUP_ICON	0x020476d8	0x00000030	LANG_PORTUGUESE	SUBLANG_PORTUGUESE_BRAZILIAN	data
RT_VERSION	0x02052c70	0x00000240	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
None	0x0204d5a8	0x0000000a	LANG_NEUTRAL	SUBLANG_NEUTRAL	data

!This program cannot be run in DOS mode.

Richgw

`.data

@.reloc

bad allocation

string too long

invalid string position

Unknown exception

LC_TIME

LC_NUMERIC

LC_MONETARY

LC_CTYPE

LC_COLLATE

LC_ALL

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

bad exception

!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~

EncodePointer

DecodePointer

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

CorExitProcess

(null)

`h````

xpxxxx

UTF-16LE

UNICODE

runtime error

TLOSS error

SING error

DOMAIN error

An application has made an attempt to load the C runtime library incorrectly.

Please contact the application's support team for more information.

- Attempt to use MSIL code from this assembly during native code initialization

This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.

- not enough space for locale information

- Attempt to initialize the CRT more than once.

This indicates a bug in your application.

- CRT not initialized

- unable to initialize heap

- not enough space for lowio initialization

- not enough space for stdio initialization

- pure virtual function call

- not enough space for _onexit/atexit table

- unable to open console device

- unexpected heap error

- unexpected multithread lock error

- not enough space for thread data

This application has requested the Runtime to terminate it in an unusual way.

Please contact the application's support team for more information.

- not enough space for environment

- not enough space for arguments

- floating point support not loaded

Microsoft Visual C++ Runtime Library

Runtime Error!

Program:

HH:mm:ss

dddd, MMMM dd, yyyy

MM/dd/yy

December

November

October

September

August

February

January

Saturday

Friday

Thursday

Wednesday

Tuesday

Monday

Sunday

united-states

united-kingdom

trinidad & tobago

south-korea

south-africa

south korea

south africa

slovak

puerto-rico

pr-china

pr china

new-zealand

hong-kong

holland

great britain

england

britain

america

swedish-finland

spanish-venezuela

spanish-uruguay

spanish-puerto rico

spanish-peru

spanish-paraguay

spanish-panama

spanish-nicaragua

spanish-modern

spanish-mexican

spanish-honduras

spanish-guatemala

spanish-el salvador

spanish-ecuador

spanish-dominican republic

spanish-costa rica

spanish-colombia

spanish-chile

spanish-bolivia

spanish-argentina

portuguese-brazilian

norwegian-nynorsk

norwegian-bokmal

norwegian

italian-swiss

irish-english

german-swiss

german-luxembourg

german-lichtenstein

german-austrian

french-swiss

french-luxembourg

french-canadian

french-belgian

english-usa

english-us

english-uk

english-trinidad y tobago

english-south africa

english-nz

english-jamaica

english-ire

english-caribbean

english-can

english-belize

english-aus

english-american

dutch-belgian

chinese-traditional

chinese-singapore

chinese-simplified

chinese-hongkong

chinese

canadian

belgian

australian

american-english

american english

american

Norwegian-Nynorsk

`h`hhh

xppwpp

Complete Object Locator'

Class Hierarchy Descriptor'

Base Class Array'

Base Class Descriptor at (

Type Descriptor'

`local static thread guard'

`managed vector copy constructor iterator'

`vector vbase copy constructor iterator'

`vector copy constructor iterator'

`dynamic atexit destructor for '

`dynamic initializer for '

`eh vector vbase copy constructor iterator'

`eh vector copy constructor iterator'

`managed vector destructor iterator'

`managed vector constructor iterator'

`placement delete[] closure'

`placement delete closure'

`omni callsig'

delete[]

new[]

`local vftable constructor closure'

`local vftable'

`udt returning'

`copy constructor closure'

`eh vector vbase constructor iterator'

`eh vector destructor iterator'

`eh vector constructor iterator'

`virtual displacement map'

`vector vbase constructor iterator'

`vector destructor iterator'

`vector constructor iterator'

`scalar deleting destructor'

`default constructor closure'

`vector deleting destructor'

`vbase destructor'

`string'

`local static guard'

`typeof'

`vcall'

`vbtable'

`vftable'

operator

delete

__unaligned

__restrict

__ptr64

__clrcall

__fastcall

__thiscall

__stdcall

__pascal

__cdecl

__based(

GetProcessWindowStation

GetUserObjectInformationA

GetLastActivePopup

GetActiveWindow

MessageBoxA

USER32.DLL

SunMonTueWedThuFriSat

JanFebMarAprMayJunJulAugSepOctNovDec

CONOUT$

bad allocation

xuputuxefiwuyororasijijiwawoh mawiturupayacusijideso

wawadu

moyatoxesi

zevulijalubalizesejefejezap wuhurowaxe

sajovacuvuxuzibu wijasalayuju dajunipo rov mecozawecipijesofisaxohise

%s %f %c

kernel32.dll

vubewaraxakiramixaporaboz futawojatutiy

dituvehusoyejozaxuyepazota manizipihadojohuropiseduz fejidowesoromituyosuwesun xirey

dogubodoxuzobisajawu liciniribiyizazop rewonikihugi

hinevahofasutegiyitebenugufavusu nikakiyumiriheto wejetoloxamubetateponevuzine mudewibowugowoviwuwavitagec

msimg32.dll

gegexihapexemituwu zibijasejololalejuh hororixigijacibevunelajey vipezacekafivapolayuh coxuwapidijigako

gavupirikayufogofucovayoxejidi torawexurujep ceturowabopinumiyabejo cugosuzuvadeleji

wahekidotujahiberopemunejez zohuvupajomonoxuvewegesuhohis tanofivudobefilonojolukonevivapa buc puwagehavejagakoxoha

ios_base::badbit set

ios_base::failbit set

ios_base::eofbit set

bad cast

C:\xinomowud\cucix\bicevod\s.pdb

^\9nTr

^@9n8r

D$ VSUP

D$T =@

D$,1D$

L$,QRRf

F09^(u

0WWWWW

jXh(6E

QQSVWd

to=0YE

j,hH7E

HtHu4j

s[S;7|G;w

tR99u2

t"SS9]

0SSSSS

uL9=|wE

r=(VE

Y;=`XE

HHtXHHt

>If90t

<at9<rt,<wt

URPQQhl

u&hH#@

>=Yt1j

QQSVWh

j@j ^V

j h89E

v$;5TYE

C PjPV

C$PjQV

C*PjTV

C+PjUV

C,PjVV

C-PjWV

C.PjRV

C/PjSV

0A@@Ju

Fh=xYE

0SSSSS

PPPPPPPP

0SSSSS

Vj@h8*@

PPPPPPPP

t+WWVPV

^SSSSS

j"^SSSSS

tGHt.Ht&

^SSSSS

8VVVVV

;t$,v-

UQPXY]Y[

0WWWWW

AAFFf;

^SSSSS

u,VVWV

t VV9u

^.'K-(,d

$+1H"^

6s=a6A"G

o2c%av

UmwPf'

5[},6B

mxOXX1

bF,&Fx]

CkXz-.

Gs+N2;

%;rXhq^-}

u?"A{&

^l}nCwa

fNe6|

}N?}Oy

@G)x&Qj

ANm%N>-

;A&:&u

>3P_p~

D5gT~O=

G}eJg{

osETS,`

xW.oN~

%LZrjx

N3K6Eb

= #q!*=

3V;)@3

y;e*5K

QIc}_>

qPjY_&K

TjD[]-E

%Mz4@(

rjA:m+&

Ta@8Qt

hRSiX1\

wGTo!y

-_De/T

^eEqid

wmhn~I

yn!BF.

5 amG?^

Yi!)_

I^E".4WB,

Oo0CJq

R$NLgX

!CYwDT

&X~vb[

Nk6mO ?

EwU\88HDV

! -NUw

fF!%ZHDuU

O[*,~=

q7m@+]

9pL`TdFC

5t$k$t

m}x$M,

KxTCS0

+K =|>X

F]#qGj

eGU{w{Q

i<&!1v

uX(2ba

^n2K|.

~N+%94

eBs8$/ Vu

j;]m}=

zMeD80

knu`)0

t7( ]?

W93HoR

"DvYzV

VyXs~P

6fGH:2

pWQi

[<uT1(t

@Z*ty@t.A

+Ju/_

$DyIC6

GeaS!C

UE8'ru

[lwZ. ^R

,|TBH

sFIm!v

pPjYW*

Kx.~Zf

6657j}

+"X|O(l3^$E

Es(jks

e`Y#4-

.>)[Mp

nJExOjl

@f]$6j

lHnKPTeA

T7D#.:zy

c\<3D~

s,i2q4

vH8>3d

coC)gQ

Hx69~#

W\e_@<

'E8DQ`

TM"nKV

QqS2p'o

D5BkT=

3}0Be,

Z[,d]m

<nV)tE

R@$&W.

!@qG t

.Ukmv}

E3f]^$

U^}5,w?

{XPH# ?

D9E~Ak

FNl]KJC

zobYe1

4?>m(.

VlN119

)`TR7}'

a)rzzp

!*wq*g*YH

K5RK\jB

VPiCU:

:#/v@A_(

`(4YS:

GB8cf,

/M6*$g

ECQ0eV

&ghA,8YO

p,}LeZ

ylC6qs

F>,-"DU

=2"+:p

zoR-1r

JF9,:JP

=f1hd6

)T.Gp:79L

LOW}hC

LM=n3~

y~+D;#hEv

<">\`Y

E[&uS|A

k">~*t

/=txUZ

OcvyKN

?0)"z>z

Or:apH-

EL1-Qr

8TAArG7

>3$VI

"Ie'!rV

8(5kKd

O.(_'

06w>,U

"QVw+I

P|KaQ!

SkuWHZ|`1UE}@

4X$y.W

%prH-`

ps_` ^

`3kRlD

nsza9~

6V<a@A

7UNe[C

9Sc=1G

m#rX%

i"CY/9V

SO||g|

pz}0d<

0"Zr*x

5wzry{X

.KGRn"

;K0~oO

UnhIsPq/%

KAR27RP

{mo59%

UEt8<_

|N,_bu

LANN!*{

m&67n-S

{ae.2l

,H~;BfX

t-*6[SvE

XViqo;

^#h*&e

}:ERU

BKq9y6

$j'()[&(

C(#3*y

_&jPJW

n~Pa-xq0X

D!#LPS

}tX7iY

`:QPKq

c8fw1$

Py!zH2

m*2=i`sr=

0%zjpm

<0%,9\

F79pT0l

gz1`;"

=//YY]

~ts5+{F!

8s06

.{/<<>

W\P|d/

i~z{17CT6D

fx4Ruem

YY+55^M

nb-]um

ND&HrJ

[o;`R~

>G^W1|"

"4M5cO4

ODLlY9

ii{>RI

*=C]tY

(sH7ib

F@ *#q

R3aeJtN

3H,V[{r

w%t{JN

~0KlCW

BGTS-=ws9

5tW~kN

ek-,jv

xxG dZ

c`@Cd}

iB*MUL

i9[_<6

biQj""

`bpqzM

7bGX}

?x)$35

b;ZmWq<2

9+<s=N0

iW!(ZCT

=u,y\k

z+xzoW

f77Wntuj[

5xsb1G

X37#Wo

U893[=M

m5dQ,sh

.#sw o

3kRh=`1

*k!Nds

));6r-

U9a=Z^)

ZF`J|Zm

,(!Mh5ol6L?l

p.ou[\

|Z-Oxp

'NdzIE:

Rl2kq/3Mw

j2~*1-Ag

[~/|W#]

$fy3XX

_O8=VI|

%l _dw

mBDqC-o2

ZYy\TBt

^(Sp"

"(\sG"z

D0?SFW

|+Y#sm

5=aQ%^0

a6E9)8

?z]KF(

F~n@ab

sZ0NG$

N>q2>b

F$dJRP

B0tWtI

r\1Q/O

!33nt*@

}qa7gu

0 y9K*

9qE0C/

Tq +a

Ak&+[G

Ta.iVu"

-Y4Q:7H

Y&"kF

Bc2"%zX

kqE+.o

9t=IcD:

u+$+SK

DA;D7n

@c!+@X

MXg&{[L

;E^t

cRg+3a

5:~h&bBJt

e~(=Dd

@\=<Oi

*;kEtg

M"oevP

MoA;Xt

JJ{Cv7

v]A^9

VD6a{Z

9k#yZU

|T38A'

uJH7 c

,A-@?]

vvm+X/

JQ\9$

~_7UY6~

$(QDkK

+uF:maT

XUYZT1x

uNQ=*{

W)&zgL

~IGnL\

r9#|kZ

)Ni2TN,

G3VZoc

8#6T,'

hrkdBS

dxX6^p

sV.;$]

Lh)aDr[

AvcM?p

Puw3YY

=ofF9J|

])g3g!

h(52+q

U4Aa^6

rA^3&FB

,__fda$

}obV:^&R^

j}nh.O

exinRr

\z%<aY0

)i}3t6

+l>nb.

s[qwDO

r@<fn4

S++EG[

=uc:Hw

Q"CHQH.

Z'r`.]

$p%~O9Q

yRc{)u

8-6{md

b|8fI;PV

MBG5^OJ

TJ)>31

IV.'.E

wk-Oyh

tJ!rxO;

FDIDC>

<i~n3S

? V`GV

Vs%z0T

W(-ri;

@{&uI{

g;kxng

&y}#f

2j7a`H

@[`hF

9N2NT,%zpL}

Px(E\3

|1BM:e

N]U7PjItNt

m\+\+df

O6+_Qy

`=;}H%}

yPKF?

=9Tuv=e

KVLT|(5:&

6N%\z6W

rUnF[E

`v7ZB2

a4(=n=

tT{{s7{

'j(luJ

L~0[<t

{H>G\B

b)!M7

tP}}\z

r4r?Dz

h0{l_z

9#N=Zf3

AlhA;~-`

nZXEr^k?

0SP}f.

bdp.q-"

5*vrjM

`dqw)f

0`7J~4

dCYVcya

DQXYPL

t9h)H8i

P[)CXh

.z%T/j

wiNIFyg

MUKVz?

f!bx3{

8Ve"j28

\4|u9KW

u<kfdo

j1ql3.

'4*"6Q

Kl8-:p

|._`vT

t[p@}X

i>:\ujR

ZII4*R{

i76^]CN

NO0!{:

38<o2c

Alw}Z

Zn#xO5[

> ' dLc

>Mk*\$

!@iY~:

uv?SYB

m(}3f)

x \!zl

M<(cPL

kjc._Y

-NAlo=

7.')LFS

F>xEXaE

'O}'b{

l*k5Sw

&pn>Cn

}~6=Y'r

Elj?*T

G&c<X.

ug;@BU*

Yq!3vo

H5 O':

mv3g]"

v}[U'i

DKf,Vb+nU

*398]C

\KsvLh

/Q(M]VS

7{N}k)u

mgz}r"

uxv3Tx

2,gyIH

oL*5x=

DL9z@p

&[tc"H

!~mYs2

g<qEiUe

?2^"rm

##?FQ"

Lt@Z:$

KE.#er

+cDTgRL

WDmLB:

3H>W]qN

]@AHL?

sw[\#G

Q/.&,z

iG_\AUs

GetComputerNameA

GetDateFormatW

FillConsoleOutputCharacterA

lstrlenA

WritePrivateProfileStructA

GetConsoleAliasesLengthW

PeekNamedPipe

TlsGetValue

AllocConsole

FindResourceW

HeapAlloc

_lwrite

InterlockedDecrement

InterlockedCompareExchange

FindCloseChangeNotification

ConnectNamedPipe

GetTickCount

GetConsoleAliasesA

GetConsoleAliasesLengthA

FormatMessageA

GetCompressedFileSizeW

GetLocaleInfoW

ReadConsoleInputA

FreeConsole

WriteConsoleOutputA

TransactNamedPipe

GetNamedPipeInfo

CreateActCtxA

GetProfileIntA

GetLastError

lstrcmpiA

GetProcAddress

VirtualAlloc

CreateMemoryResourceNotification

SearchPathA

SetFileApisToOEM

LoadLibraryA

OpenMutexA

EnumResourceTypesW

GetThreadPriority

GetCommTimeouts

HeapSetInformation

UpdateResourceW

CancelTimerQueueTimer

GetStringTypeW

OpenSemaphoreW

Module32NextW

GetWindowsDirectoryW

GetCurrentProcessId

AddConsoleAliasA

ResetWriteWatch

KERNEL32.dll

CharLowerBuffA

LoadMenuW

CharUpperBuffA

CharToOemBuffA

USER32.dll

InitiateSystemShutdownA

ADVAPI32.dll

InterlockedIncrement

InitializeCriticalSection

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

HeapFree

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

GetStartupInfoW

RtlUnwind

RaiseException

LCMapStringA

WideCharToMultiByte

MultiByteToWideChar

LCMapStringW

GetCPInfo

HeapCreate

VirtualFree

HeapReAlloc

GetModuleHandleW

TlsAlloc

TlsSetValue

TlsFree

SetLastError

GetCurrentThreadId

HeapSize

ExitProcess

WriteFile

GetStdHandle

GetModuleFileNameA

GetModuleFileNameW

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetCommandLineW

SetHandleCount

GetFileType

GetStartupInfoA

QueryPerformanceCounter

GetSystemTimeAsFileTime

GetACP

GetOEMCP

IsValidCodePage

GetUserDefaultLCID

GetLocaleInfoA

EnumSystemLocalesA

IsValidLocale

GetStringTypeA

InitializeCriticalSectionAndSpinCount

CloseHandle

CreateFileA

GetConsoleCP

GetConsoleMode

FlushFileBuffers

SetFilePointer

SetStdHandle

SetEndOfFile

GetProcessHeap

ReadFile

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

.?AV_Locimp@locale@std@@

.?AVout_of_range@std@@

.?AVtype_info@@

.?AVbad_exception@std@@

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUVWXYZ

.?AV?$ctype@D@std@@

.?AUctype_base@std@@

.?AVfacet@locale@std@@

.?AV?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@

.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@

.?AV?$basic_iostream@DU?$char_traits@D@std@@@std@@

.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@

.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@

.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@

.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@

.?AV?$_Iosb@H@std@@

.?AVios_base@std@@

.?AVruntime_error@std@@

.?AVexception@std@@

.?AVlogic_error@std@@

.?AVfailure@ios_base@std@@

.?AVlength_error@std@@

.?AVbad_cast@std@@

.?AVbad_alloc@std@@

~~~~~~

BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB

ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

BBBBBBBBBBBZ

|||||||||||||||||||||||||||||||||

BBBBBBBBB|Zs

ZBBBBBBB||

iiijijjjjjjjjjjjjjjjjjo

|ZBBBBB|ZZZZZ

AAMMM$$

|ZBBBBB

AMMMM$$

|ZBBBBBZ|

MMMM$M

|ZBBBBBZ|

TiAAAA

AAMMM$M

|ZBBBBBZ|

C~~~~~

|ZBBBBBZ|

o&|ZBBBBBZ|

U~~~~~

ZBBBBBZ|

~~~~~~

ZBBBBBZ|

ZlTLLL

~~~~~~

ZBBBBBZ|

~~~~~~

ZBBBBBZ|

ZBBBBBZ|<

RZBBBBBZ

ZBBBBBZ

ZZZZZZZZZZZZZZZZZ

ZBBBBBZ

ZBBBBBZR

ZBBBBBZ

BBBBBZR_

|BBBBBBZR_

RZBBBBBBBBBZ

ZBBBBBBBBBZ

BBBBBBBBBZ

NZZZZZZZZZZ

BBBBBBBBBBZ

BBBBBBBBBBBBBBBBBBBBBBZ

$$$$$M$MM$M

DBBBBBBBBBBBBBBBBBBBBBBBZ

BBBBBBBBBBBBBBBBBBBBBBBBB

**********

BBBBBBBBBBBBBBBBBBBBBBBBBBB

ZZZZZZZZZZZyS

]#BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB

CCCCCCCCCCCCCCCCCCCCCCT

cccccccccccccccccccc

.*.**Y

jjjjjm

%%%%==%%%%%

AAAAAAAAAAA

MR/CCCCCC

CCCCCa

CCCCCCCC

LLSh7008_

arrrrrrr

6iiiii.

}{z|{|

}}}}}|~

}~~}z~

~{}{|~~

}{}yz}

}|{y}~

~~}|||

~||||~

|}~z~}

z~}}{~

~}~~~y

~z~z~|

z{zz||

~{{~{}|

~|~~zz

~{|~|}

{}|{}}~

||~{~z

|}{~|~

{{{}{~|~

~~}{{}{

}}{z}|~

~{~||}}

|~z~~~

iiiiiiii

iiiiii

iiiiiiiii

iiiiiiiiii

iiiiiiii

iiiiiii

iiiiiiiii

3h4l4p4t4

48:@:H:P:X:`:h:p:x:

; ;(;0;8;@;H;P;X;`;h;p;x;

< <(<0<8<@<H<P<X<`<h<p<x<

3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3

4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4

4(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<

= =$=d=h=p=t=x=|=

>0>@>D>T>X>\>`>h>

?(?8?<?L?P?T?\?t?

0$0(0,040L0\0`0p0t0|0

101@1D1T1X1\1d1|1

242D2H2X2\2`2d2h2l2p2t2x2|2

3 3034383<3@3H3`3d3|3

4 4$4(4,444L4\4`4p4t4x4

545D5H5P5h5

;2;C;u;

;#<#=?=q=U?

020@0{0

3-323:3F3N3T3Z3x3~3

4,4C4P4U4[4i4

41575L5S5[5r5

6)6=6N6Y6

7 7*7:7@7F7R7_7

8(8X8}8

9999I9S9m9s9y9

:9:X:p:}:

:';,;2;7;B;H;N;T;b;

?6?=?E?i?u?

0%0J0X0f0y0

;S<q<O=f=

R0`0z0

1b2m2~2

2&303I3Q3i3z3

4$4R4\4p4

545I5Q5[5j5w5}5

606:6W6h6r6

:;;S;k;

;J<P<a<

>->V>[>r>

3%3:3_3s3

:#;V;v;;<e<

=>6>G>

8:8q8y8

:#;0;C;

6&8.8C8N8

3 3$3(3,30343~3

4#4(4,404Q4{4

5 5$5(5,5

5)626>6

7C7a7h7l7p7t7x7|7

7F8Q8l8s8x8|8

9 9j9p9t9x9|9

;#;C;z;

<C<Q<W<z<

0-020A0J0W0b0t0

11-14191B1O1U1o1

576|6O8Z8b8u8

>->4>C>O>\>

?'?0?T?

8=8c8K:y<}<

="=-=9=N=U=i=p=

>,>;>B>O>r>

?#???W?}?

0$0\0d0

1"1.13181>1B1H1M1S1X1g1}1

383>3G3N3p3

4&4/4E4P4j4v4~4

55*5/5M5

6D6L6k6{6

828R8W819>9

: :D:M:T:]:

;';?;Q;u;

;(<.<G<M<

0W0p0w0

3@3M3Y3a3i3u3

4,555;5

77+74797?7I7R7]7i7n7~7

>I>]?h?q?

0 020D0V0h0

5!6,666O6Y6l6

90989@9W9p9

<-<J<y<

G9K9O9S9W9[9_9c9g9k9o9s9w9{9

0V011i1|1

5(5\5b5n5

7!7'7h8

:6;W;y;

5U5u5W8y8

? ?U?c?i?y?~?

879W9G:p:

0L0t0

3A3p3 4r4

2K4Y4a4n4

5!5'5.5@506

(0K0n0

1!1<1Y1y1

4"4'444@4`4l4

5 5(505<5\5`5d5l5

6 6<6@6H6L6h6

7(707`7h7l7

8 8@8`8l8

9,909P9l9p9

:,:0:L:P:p:

;8;X;x;

< <(<0<8<L<T<X<\<d<l<t<

=0=8=@=H=P=\=

>4>@>`>l>

?<?H?h?p?x?

0$0,040@0l0

04080X0`0

3P6`6d6h6t6|6

8 8D8P8T8X8\8`8h8l8p8t8x8|8

9(9094989<9@9D9H9L9P9T9`9

1,1L1p1

383T3p3X:x:

((((( H

h(((( H

KERNEL32.DLL

mscoree.dll

(null)

nuhimawaladixibigikaka

zamunekewanitefihafumokalip nidoyenilugazaxameceyaji hekife vovezuf

Tuc rumajap

kernel32.dll

bazemapukerotoyum

yrajizufinoforujuredepizutone

wakoyotewuvizodopaxojigugeramilitewaxeliwumemeriwujicatubibumehuticoxuricowasikiyejuhexujijusox

covusaselowewadesozoxotaladabixapofosiyawebayatelazuhebipukawocaguvuj

livogegicalepugiyuriwivijilex

lvecuvisipiwasuyu

gayikezojoni

jjjjjjj

jjjjjj

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

/ P6pL

,/KPip

/-P?pR

VS_VERSION_INFO

StringFileInfo

042831F2

FileDescription

ElecticalStone

LegalCopyright

ProductsVersion

77.87.43.15

ProductName

Octoberfxst

ProductionVersion

89.66.9.2

VarFileInfo

Translation

FoyokuWTuluzatuxijayuz yazakamu buyuyapilaca zopucodazetew kupuzipuyuzumat hajo kakelonobufihe

Mupahoho

Celovehiz duwTTukexip remu xeceseviticu bozupezijo cedugod magoyojutil sovemilazoxun motideweyalad;Sehupohux nifecihukifu fowujes toj hucosoyofanafop rujukodeUCamudezuc xaweb sehekotibo mukifuvayedobi puyofi howojexih wujeduvudeh kifaxudilodege

Vujicer tefaGBupeyomozil cazime jalevuromoyeji coyekubuwig mefiwaho xototuxu guregaw5Kewimawexukidu modato siyed ruzirus fewa kagifixadabiLVosojusat xecori xasigejisol kirakiponapigon hokemizih cikuzogi leyalili hez

TugikoILejowetobev sojola tadoricaluhukeg faxapaw daweroganux mig sucabedupezaxu8Fijegucobih maguv pere gezizuyaz dojohoxila tawo cixopil

1Jalijel podufil balifonusojo nalo yosavafuwiwozon

Wugil labezuvu

-Feh suremuyojupoves fasixacawek juzivunowoxog

Mavoyuwetagi junil8Sibinarij surusajogud jiru rusekir vujocudoki meyotexibi

Tenaf hegamope ditiyixuy

Antivirus	Signature
Bkav	W32.AIDetectMalware
Lionic	Clean
tehtris	Generic.Malware
MicroWorld-eScan	Clean
FireEye	Generic.mg.0293212e847c1177
CAT-QuickHeal	Ransom.Stop.P5
ALYac	Clean
Malwarebytes	Clean
VIPRE	Clean
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Clean
BitDefender	Clean
K7GW	Clean
CrowdStrike	win/malicious_confidence_100% (W)
Baidu	Clean
VirIT	Clean
Cyren	W32/Kryptik.KGV.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	Clean
APEX	Malicious
Paloalto	Clean
ClamAV	Win.Packer.pkr_ce1a-9980177-0
Kaspersky	UDS:DangerousObject.Multi.Generic
Alibaba	Clean
NANO-Antivirus	Clean
ViRobot	Clean
TACHYON	Clean
Sophos	Troj/Krypt-VK
F-Secure	Clean
DrWeb	Clean
Zillya	Clean
TrendMicro	Clean
McAfee-GW-Edition	BehavesLike.Win32.Lockbit.gc
Trapmine	Clean
CMC	Clean
Emsisoft	Clean
Ikarus	Trojan-Spy.Agent
GData	Clean
Jiangmin	Clean
Webroot	Clean
Avira	Clean
Antiy-AVL	Clean
Gridinsoft	Ransom.Win32.STOP.dg!n
Xcitium	Clean
Arcabit	Clean
SUPERAntiSpyware	Clean
ZoneAlarm	UDS:DangerousObject.Multi.Generic
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Clean
Acronis	suspicious
McAfee	Trojan-FVMU!0293212E847C
MAX	Clean
DeepInstinct	MALICIOUS
VBA32	Clean
Cylance	unsafe
Panda	Clean
Zoner	Clean
TrendMicro-HouseCall	Clean
Rising	Trojan.Kryptik!1.B663 (CLASSIC)
Yandex	Clean
SentinelOne	Static AI - Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/GenKryptik.ERHN!tr
BitDefenderTheta	Clean
AVG	FileRepMalware [Cryp]
Cybereason	Clean
Avast	FileRepMalware [Cryp]

Static Analysis

PE Compile Time

PDB Path

PE Imphash

Sections

Resources

Imports