Static | ZeroBOX

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x0000b000	0x0000ac00	6.53852351814
.data	0x0000c000	0x00003000	0x00000600	6.59774762776
.rsrc	0x0000f000	0x000a5828	0x000a5a00	7.93579518272
.reloc	0x000b5000	0x00000d98	0x00000e00	4.8066016426

Name	Offset	Size	Language	Sub-language	File type
AVI	0x0000fa58	0x00002e1a	LANG_ENGLISH	SUBLANG_ENGLISH_US	RIFF (little-endian) data, AVI, 272 x 60, 10.00 fps, video: RLE 8bpp
RT_ICON	0x00015cdc	0x00001128	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_ICON	0x00015cdc	0x00001128	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_ICON	0x00015cdc	0x00001128	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_DIALOG	0x000183dc	0x000000ee	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_STRING	0x00019940	0x000003ce	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_STRING	0x00019940	0x000003ce	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_STRING	0x00019940	0x000003ce	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_STRING	0x00019940	0x000003ce	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_STRING	0x00019940	0x000003ce	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_STRING	0x00019940	0x000003ce	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_RCDATA	0x000b3e84	0x00000007	LANG_ENGLISH	SUBLANG_ENGLISH_US	ASCII text, with no line terminators
RT_GROUP_ICON	0x000b3e8c	0x00000030	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_VERSION	0x000b3ebc	0x00000480	LANG_NEUTRAL	SUBLANG_NEUTRAL	data
RT_MANIFEST	0x000b433c	0x000004ec	LANG_ENGLISH	SUBLANG_ENGLISH_US	XML 1.0 document, ASCII text, with CRLF line terminators

!This program cannot be run in DOS mode.

JRich"

`.data

@.reloc

ADVAPI32.dll

KERNEL32.dll

GDI32.dll

USER32.dll

msvcrt.dll

COMCTL32.dll

VERSION.dll

CheckTokenMembership

advapi32.dll

SeShutdownPrivilege

wininit.ini

DelNodeRunDLL32

advpack.dll

Software\Microsoft\Windows\CurrentVersion\App Paths

setupapi.dll

setupx.dll

Version

AdvancedINF

Reboot

UPDFILE%lu

HeapSetInformation

CABINET

LoadString() Error. Could not load string resource.

<None>

UPROMPT

IXP%03d.TMP

TMP4351$.TMP

RegServer

LICENSE

FINISHMSG

PACKINSTSPACE

FILESIZES

VERCHECK

INSTANCECHECK

EXTRACTOPT

POSTRUNPROGRAM

RUNPROGRAM

USRQCMD

ADMQCMD

SHOWWINDOW

REBOOT

msdownld.tmp

DecryptFileA

```hhh

xppwpp

Control Panel\Desktop\ResourceLocale

PSSSSSSh

u'VVVV

PVVVVVV

t98t5h

t6SWWW

|8dWj@

Et"HHt

t9WWh[6

PQVVj VVVSV

4SVWh<

j SVh$

j WVhJ

URPQQh

UQPXY]Y[

:9^(t2

B9N(tU

tBHt$Ht

Ht[Ht&

F WWWWWW

HteHt6H

tBHt$Ht

HtfHt0Ht

9{DuBP

9{Hu4P

G"f;Fjr

8LDICt

>LDICt

FreeSid

AllocateAndInitializeSid

EqualSid

GetTokenInformation

OpenProcessToken

AdjustTokenPrivileges

LookupPrivilegeValueA

RegCloseKey

RegDeleteValueA

RegOpenKeyExA

RegQueryValueExA

RegQueryInfoKeyA

RegSetValueExA

RegCreateKeyExA

ADVAPI32.dll

FreeLibrary

GetProcAddress

LoadLibraryA

CloseHandle

LocalFree

LocalAlloc

GetLastError

GetCurrentProcess

lstrlenA

_lclose

_llseek

_lopen

WritePrivateProfileStringA

GetWindowsDirectoryA

CreateDirectoryA

GetFileAttributesA

GetModuleFileNameA

GetSystemDirectoryA

RemoveDirectoryA

FindClose

FindNextFileA

DeleteFileA

SetFileAttributesA

lstrcmpA

FindFirstFileA

ExpandEnvironmentStringsA

GlobalFree

GlobalUnlock

GlobalLock

GlobalAlloc

IsDBCSLeadByte

GetShortPathNameA

GetPrivateProfileStringA

GetPrivateProfileIntA

CompareStringA

GetVersion

GetModuleHandleW

FreeResource

LockResource

LoadResource

SizeofResource

FindResourceA

ReadFile

WriteFile

SetFilePointer

SetFileTime

LocalFileTimeToFileTime

DosDateTimeToFileTime

CreateFileA

SetCurrentDirectoryA

GetTempFileNameA

GetVolumeInformationA

FormatMessageA

GetCurrentDirectoryA

ExitProcess

LoadLibraryExA

GetVersionExA

GetExitCodeProcess

WaitForSingleObject

CreateProcessA

GetTempPathA

GetSystemInfo

CreateMutexA

SetEvent

CreateEventA

CreateThread

ResetEvent

TerminateThread

GetDriveTypeA

KERNEL32.dll

GetDeviceCaps

GDI32.dll

MessageBeep

SetDlgItemTextA

LoadStringA

GetDesktopWindow

EndDialog

ExitWindowsEx

CharNextA

CharUpperA

CharPrevA

SetWindowLongA

GetWindowLongA

CallWindowProcA

DispatchMessageA

MsgWaitForMultipleObjects

PeekMessageA

SendMessageA

SetWindowPos

ReleaseDC

GetWindowRect

SendDlgItemMessageA

GetDlgItem

SetForegroundWindow

SetWindowTextA

MessageBoxA

DialogBoxIndirectParamA

ShowWindow

EnableWindow

GetDlgItemTextA

USER32.dll

_vsnprintf

memset

memcpy

__getmainargs

_cexit

_XcptFilter

_ismbblead

_acmdln

_initterm

_amsg_exit

__setusermatherr

__p__commode

__p__fmode

__set_app_type

msvcrt.dll

?terminate@@YAXXZ

_controlfp

COMCTL32.dll

VerQueryValueA

GetFileVersionInfoA

GetFileVersionInfoSizeA

VERSION.dll

InterlockedExchange

InterlockedCompareExchange

GetStartupInfoA

RtlUnwind

SetUnhandledExceptionFilter

GetModuleHandleA

QueryPerformanceCounter

GetTickCount

GetCurrentThreadId

GetCurrentProcessId

GetSystemTimeAsFileTime

TerminateProcess

UnhandledExceptionFilter

EnumResourceLanguagesA

MulDiv

GetDiskFreeSpaceA

GetSystemMetrics

WEXTRACT

*MEMCAB

rundll32.exe %s,InstallHinfSection %s 128 %s

SHELL32.DLL

SHGetSpecialFolderLocation

SHBrowseForFolder

SHGetPathFromIDList

DefaultInstall

DoInfInstall

Software\Microsoft\Windows\CurrentVersion\RunOnce

System\CurrentControlSet\Control\Session Manager

PendingFileRenameOperations

System\CurrentControlSet\Control\Session Manager\FileRenameOperations

wextract_cleanup%d

%s /D:%s

rundll32.exe %sadvpack.dll,DelNodeRunDLL32 "%s"

Command.com /c %s

WEXTRACT

*MEMCAB

rundll32.exe %s,InstallHinfSection %s 128 %s

SHELL32.DLL

SHGetSpecialFolderLocation

SHBrowseForFolder

SHGetPathFromIDList

DefaultInstall

DoInfInstall

AVI LIST

hdrlavih8

strlstrh8

vidsRLE

LISTv$

movi00dc(

IDATx^

o9<#Ggg

w5.A6@

o_|@GN

].R=N45^S

ee|UM3

6wy6.:|

<None>

Scales

Firefox

Campus

Jerusalem

Refund

Boring

0pY"D=Gl

zW/}V*U

w"DhJiv

3dG~3cGq2

4Z>VO3

S1sV,se{

Qs}FQ.[

Lsoy{t

}J[l3;

t@WN_i

c2<_$z

HI"siH

M,}d*q

H3yyru

o?X5]#E

wcrqjg

_'(MK

z.?,`_

njIafW)

o&;Ylz

O/!c=7

-%TrBE\

td2$DB

,"]sJ~a

U1|=q0

1JNF@g-

s!,:J^

9wzDUA

M*{mJKp],F

$3 6(qf

N@!BPV

vWA>7Q

wE);[G

HiV%xu{

1j.KO(c

Y#e@3y

a)cYR{

s#M'Jx

yLR~R3

AH085?R

*IS\uwjw.*

qBDbEUfXuu

,8TgH%

A"K)k.

Vszw[>D;

;Ns.92n

g3/J7Ry

R`0%"_

3@-C,4

BQD)e!g

3%I5L#

"IF>c!

_oDhGh

wk^,g<

H/=Wyi

/0Yleq

$"&/NC

bm_~@y

@qnZmC

{{3+_Z

pp6P7)w

(K%rYr)hu

9&EZE6

#inde<D

UVXC/Q

;0vR*Ol

vjj-<)0

'"1PyV

D#6gmj

T3d\,7R

YIR1*x

*B>dq5

Lx>y&: w

WG1D@6

$RI}\G

9<l6hNX

]3spZxM

&J&A'`

4+K=!r

#@&mop

Pd>Wsi

w=*G]{f

tEn;Nel

1KXRnm

9odR5Cw

:Y%TY\

RmDdTH

IUVzX=

''--8|[

A&no *

8>%>fR

r=gAQ6

OXL>neP

BBgP/hO2!8Cr

Zt)%Id

fffFff'

G,HBn7

s,loU{.

E1@O=%)

5;67w.D

!jtukS

7@u$c

zi|GBU>

EY4Xsi

o|/o$8

x VyQv

_XkMb5

XVZXb_

AD^^`V

s*:Q95

`0%ca81

$$t8y

:>Gz/X

0`7ihC

Lr0xI]

3iAvTb!F7

]aX 9(C

/].646k6

S?VYQ0<

QQUH^?j

n9r*rK

:Ba!veiYN

g<J+;7

?f<W^jF

nczLCE

A)!it'1!

L_{] 9

yB"ddJ

#z"NFa

;;KVaO

`*0STU

TTW=;L

A[`OJd

cA {iG

`eb`cj

"80b`@

'o'i^w

)q|O8M

pk"fJO

;4*#h>

/Rg!'w

(XShXm

VtSp?@

9)+xT#

A?}jr{Nn

ucDf;n

]<'@:;

IZF&[-a)cxVa

FWf7Te

7,2Xy2

F#l],N

~:D/#G\'

W&lVrJQ

%5M1|DT

k:r!Gb;

f=5?|[r

W]E(1%

V@-Kq1(

3E9[Bc

_,c^Fn

cY=LHa]

+H@-KoQ

T<`]8!

UUS]*JZ

/(~`|>

UoDkilW

|.-,F&

{;)d!=^qP

l[L,$

D+EOTt

jDM@/~

5$gZ\<

vc?\WU

Nskl3V6d

5A9oeYN

9k6<;m

o2P=7PE

KeKSe|

# 2"Z$

uR?'Kr

'GTY&{(&g

t%es?B[

4_BEr@s

=QRwC|

V9>XYI

DrQR0.v

[`=++g

2tR%2e?

udvIdl8

>^&x:F*l

0uz8qk

CqRik]::

hb$|(t

HbQ/PO

h$AJVg

zxP[Hy{

+[yF`Q

+e.kT

g+m'%3

%2eGXK

X2ZSb,m

V:JV:p

"5iYNA

_%|v\/u

eH92nO

=sphuBs

)QnVw+

wd^c#!Y

E-b| "

t)1KP)W),

tp6hN0

Z8Y5v(

.^ti_

i-Di'Tx

>T+)0-

nl?1Yj6

P%S)j<:

+kvGu\/

gI/#eh

W""o#zf

&~QPww

Q!Aw$bE

|wx{W8

6s CD%

';r/tO

x> n!~

c,iVe5

0xl)Z)[

@J?BO~s

eb15a;0

rI|TDB

wwcu{1e[L9

ju2%c_K

e*^xZA

Q_n5kt

0 0~Yt*$

Gh{D;5q5^

3A"oQ1

d+{1 =]z

S12[|V

S6]+&'t&

M1fb|p

bYT$Gy

\9YLXj

Gh+ZLO5

<P0eVd

BnuD$/

}5chj!

W,JOH]

gC'k,g

===Vwl

1w=I^L2IQR|

Z)j-8<

0lJ3@Z

9|M~QK6

h@J9gy

B*cl5<nu

C2}1edC

>LT@>

PGx"9k

#ai'2Z

Y5]Wy`QUaX

(fx>\]

)D>\Eq"

&%} Th

syR!(e

p}kz4W

}8@s=M`j}f

|k2Ub8

Fh3.`tS

5/(BtY

C|IqOSyOE

n!q+g-

_NVZ~]

BjNhE|

Kw1^C/

xWmb~h

oi>oN{

U?R/ie1

\(8c V

F<V1pC

SC)(dR

"k-[&#

oIORtdRz

qj>ZOA

@Y%XL>

_~zkC1

0(e#e!:

5k;J.Fj

|SZ<Bx

&,HOdaW

`[|!z6

Lag5@?

Ky-c7i7{

uxS4*r

'Fi/8H

b\Tc'5b

Ti7w^j

<dy<<x

Vv!w%.

0Lw#}}=h

?Us1]n

\+Js{?

/*-Nbe

.,E+sz

AL*{r`

HS^t?@+o

.W@)/l2

~~r*;i

UV1P+X

PY~'.2

M\CIFW5N

&2R4"5

[exs0+

'?r+U$

I!qL|XGt

f/LSi(

;(}V=y

}46 ,

iTuGj]

7Aw<QZ

_!Vmw

+V*1>%

5"]Qfh5

*`R2\W

1|E_nt

U@QXq[

kC@J

%]*&~]2

srk?N:

mb$41"

%TfD1"X

?*P)6g

8wi.Ep

"d{igpYm

?A;JbxB

_s\^[^

5ekD#Z

Oa_`C8

ueT|_e3

lkR9;k

S'k}f

qglS;>

[:FlYt

c"KHO'

hKpk<>2_

f~ZTN.

0Yx<hH

$_B,|(

'Cv!$`

whS4n+TRd

4,K:lM*S|

"/,98a

"+ZLNk

#az*/h

}IJgkI

5^h?~J

d9z..!

qtH(]uZ

\-:^E;

3a?@.N

Rqr%@Jm\

vA"}X=

zeQEx)

zO;.6~

qEqk|x

|]2I)d(

:&k"A~

4v{7[T

5t0Ou/EE

C6w$~J

FSTHpyl

Ho&CD"

29B4,^ei

G; /d's

q@[gsK

YGK__Z

r8[d^b

1;61Q^

KWl`!Vq=3

A_(NJh

JoXK\l`N9

X"Ll)'

Va'~:fI

Jazb"2

J3Qr..

&9"'J3

2lx@ k

*(d?9B0O

Hx/lnf1#

}w]T{G'

S2Si=

!$!&!(!, -

T!U!4"R

OE]Rep

K6LVCE

5'6xhx

Zx\yGo

V2Y,td

~}gffs

<vXM0-5

R4q>.^

co h<0;s

2;1hlT

q@~dL

(!O@IbHpS

S~bcN3

!][>2

EZs2*

*\Pa[Pne

VRAdS/

M8{`Tx

US,sKr

)k,A3unQ

lB|K<@c

;5n%QA

;n{=Zy

3C|>rb

7Yi:&u

>5{(Gho

H5m>:8

^\h%u:i?

(D@Q\R

+)<V)U

=6r~Jl

cp'Qqs

K>0F/#oM

?Wbf.V

lqtt#

>_p`X

fOyw<)

WNHGsJ<

MeTQ|'

xW(,f99Vdf

0NXOv6

.QRm2ak\

Rt%o|s

5TnG-

N9ZQ[q

2J,7`P

JoWKS|

7$pu5h

WIKp"P

n$ip3|

PKR&JA

k]oYuS

B+UZK[

N,8Go5

c1?!c#No

@KN%"

X30i'~

`|LI?|

GLqHUHk

--$U}-

d:;qwL

R+C`$@

CgOSl9c

J8]z,Y0

,U|n0_

@k_(OI

Jj2"RS%i

TGGuuTm

TGGuuT

)L>mVh

Dn&l]?tz

C0V^x

joU2V9

"<[=?A

JO2zGx*:

\K?/+eQ4

$v`\K^

20pcT[4

_V<L=Y

9z{)|

1Hc~ 8

8tvph5(

G% u/(

'*1dL'

[Z@3}N~

&\fz'a

Lp$d~b

&p|Z+;jGc1niWz8

h@jG~t

o>az'd%

i;0SYG

OhPh12+{

k)i+O["

d/!H|*g

(F@u&4

.r'$UL

`@2"yo

_!@F 8:

-Gth(k

_+(4wf/

xWh~^

Y<l`~T

s)1 '|

%_xupf9

0d0q|[{

[HA|~k

(#y,GNR

(C|#4O"

LKj\B>

@omS@}

H[UyQ&

gLv1ED

QxE#wS

sG;[efL

Di4OYqk#

;)+L/{{

DItv+M

;.\ \(

{^5`Q$

}Aa4a!

'f;}a65

=h-o">

:lz|75

[Cw!E!

OLwlIg

BI%LXT

}D_iXtJ

U2&%^)

@o=oZ}

x&GtaNA

lF%r?

3MV_Rf

+Bo_vk

GD/XBE

0}Db%y^

_edQyC

Xo'++5+

"$:<XL

)a;B04

)OCT]6

`OtQD,

b^Gb\w

cZtOr`!

4I*T9E7

VVVVnV++++7+

&q[\Vp"

Eu|Ed\

0(E(VmdO

}<p3,?_k

g&vnz8

WJjaEE

D-StC]

v5};B?

kULV3Zi

EU)t>W)Z

Na177N2

+xKoZi

`;(Mc"

>OQ^~<

*7gOGJ

ABt[lQ

l15O#:CR

9)!.EB

9q_y&b

'P4._d

.sdt2g

l\|uSh

ABBEYP

8.K/='N

"v31,l>9

:O+o3y

3>1@VQ

D_/oQ.

X'.:t|

7*r-sx

Av?FtvgwW[

2]iT<`~

A,Ot{C

6&"^Y%]

!1h}(&w$1N"

F/&{kG

_ALnL

=~HYAl76%=

qc_k2.

oP=oR=

AprOfX

=-=<a#

*s+^{eJ

g.W!Tp6

T0&ttaM

-h]vOiKb

VV^d-r+<gv

[W=j"M

?K`st.

%}t&j:d?)

OugNS.N

,HprNc

RoV$I'

G,se\T

;um1H2

s&Z;:[

r9Cn}"

`6N0[n

DdzekQ

L<Vm'9

@Wehsf

-pTlkY

1o'+3G

|5:p6|

yh5wj/j$

#A /-]WKC[

E=1Pd1

*[#Faud

V:;Yn

N%9!9]

k)2i&O

:|Sj)Y

8iF_NU

Zf"oJ"

D$k7wXk:

rw6UO^

0Uj,B6

Z_sAoA0$

!#/\X

r'pwe3

/a>y%gd&

OP0;z7p

Fxufwx

;M|%iT

Aq4[\-

tq%_,<.

Eax:{_z

Rm_P>Iy

"q8jO7

55';j8

rr)oC7%

Uwzi+[

(f84B.k<V"'

;g<s+]^x

C~rvN4{S

1<W-i Cg*

!vv}-5

znTxyY

^co.#v

hHUB,_

6^)KByDx

oE"bfsY

cH[Sj|

lI*>GH

}.b!MB(T

c7<`tD=

~mkb\U

I7PDB#

}95k"[)

ND*cnL

ln{o}1E

#`;+G7o

d1m&YM

+|%o@S

jQo|9M

p"8:]-!]!

hP_!(S)x

#:y1uC

T%M!T`

o@d&=

2j5j_%

h5M`%3f

1Y]<3R

/(U]1S

c_cT;-

ZNqjyp

Ki6;U/

0H`HVI

h,oI9S

NrlfWJ

RfL%^ O

vn!f!q

Rw+'oi'

666*JT

@ YJ6Z/

&/#1Xi

<O"*;#

R2iIt:

/5lTjd^,

<j[MvpDZ

#|2g&uZ

l{PAF`

_[Q:JE

dUZeez6

/80EY5

$vX11?

e<WrZ#

\]PiPM

3{r]vF

gj)#v

F77e`o

d[-AL_;"

qKHN(yU

V3gVfe

t7C%B

PD7:C{

. oNvv

I3,p]^

.V!Sei

&X!Qpf+s

[$V%wIr

Oiq8q2+?a)%:

zMrKIN

dVLTw5

~Xx$Bv

&:QchK0

[AO$Tl

NVBoD^

CQZ;*T

krprD

4]Bfew

b%!hB"

`H;!R>

`y$(B8

%l5jI9

wU(6wP

J<jZp+

9bw\sxI

DGm_Z9]

L[RT+wd

`c'Op_

i&[N_9

Dqe -3V

;agUA}

vnSsR5

>kSi7

_JYOr;

=/oz^\~

n'9!}p

/xUJd/

zHO`u"b*

4!`cem

^c{^~2,k0

Gy,kBl

12KW6!

Y._lIy

:*-#X"

MN#HM>

cE1L*U|

@#wc`x

]T5)+?'

}GD#}W

3w^p#w

]3_-[

[GU7]%

3"eV7V

1%|rMp

ANm{#uR

YTve86

kEcax$>nk

$:L8Ts>

}+d^Awh%

I-uir4

~d_-1eO[O9

BH(G3R

mD-#rZZ

Zcpvi[$V

Ky].S_?

C*Y-S5

!MFl3e

J[O@a`

EaDB-

[]BqwI

c/>b2>

25^DH}XW}

3dL#M>

]rD)#s

:]&hjozM

-G@T;S

L(tub^>'

T7_."[

Ev<ly@

*/zR1>

.GCNULCa

{4<,0B

yrr~1W

vOuX)t

tpo.%J

!M'3gZ

`o1W8

\{hzNlz

!Q<w D

?4JgAvK

$)~Eb0

ksJ:yv

w9/Z&

1}c11

N;@,Yg

Co;+0.

))x,*i

_CI2lP

H87y3N

h.n%NLL

MQO26i

Sef5}q/

.vsc^aEo

P7?%!&U

`)j,#.J

~c?5c

g.e[J^

6(*CxAJq

/T%Do%

:;wrM1i

5gt+Sx

7($gLZ

99{MQOH

=)zaTxV

8iZ,@5:

+![ur@

4&,o2Z

6"o\fQ

)P\a9x

f]uW"J

NNw!}8

rBu@=E

Cl,B*N

S'fN>

>/0vJg

p\5ndl

jB*NQvUD^

:_H,%.v

!nvrDD_v

SMzrTV

\=`Qk(

~XSh{D!

Hs3&&!=

[vrI4p

b*fVkD

J*K4fF

S(D7W_

Vn/gh[4

O1Ny.E/<

Kg3=kZ

"+(Qc"

7X|VocPs

Atf/;L

A~lOR

P2L]VE

iCwU@9

vmiEl*

*1br2

WZ)-:.

-zu)fM

yG5\z{H@

J*:MM,

UU$RpG

Xluid)

{-e~`m

T~*6eC

iS%!J+

xvFLl4

m)m]ou

SzszFn

t1tAtUt&wE

U^a^u_j

VDKrk$&:

^9^M[q

9lIlSl

2Xlhs1n

zs|&p(

\9sZToV

6#vGzG

[#[,[5[?IH

_%_._7_

U%UIUGS

&-/W8WCWIW

Wi+U5[WaWjW

'k(+1i

*:JzBnR

$;XnF((

9L$QI"

2W6W<W@WEWMWVW

YGYNYRYW

{X\:/$J

i5mq:,:

LtS:'.w

Ca[;>Y

1]:]KaN]Wa

'_A,QP

~u>uM@!

x[o%S%Te.U]4

ivgHM4

15a3mk

+nmA^u

xp]mN(

DHM/<)

,Y<N{s]7

%iQX2,

,%EjI,

"wsMN[]

k"@C.;UD(a

L++BmM

urZdmH

(G;*T*

1$AtR2

Mqsw]v

V_Xn8[B*

vA/y

Zl}T{G~|

_d{rjf

#XeEDE

Khe6"$

R\^fn4H

!YF4,gEW

k0yg9g

oSoU9.ZB

Y"S+KVU

+3G+rd

<[BXHH

7C]khq

/k'8`{s[e

uC$t8(2

k'z9dGaq_

Nm1(-3

!Zy|6w

pO<'M=y

=.why$

N)$qZWG

$?;q$$

pCHHG,

x!0fb

,7K(0,u

ZU>2`)+

4>Ev!o

XJ'LYHI

WaNuP}

`X9%I1

/.Q-e<<Z

"j?$LEY

%#2JZK8~Q

JAy<B9

sF`s?Z

aLvX+G3

K8:Pue

8=M4ZQ

\L@uD

*iC]Hu

e 7Uz4

){kgbch

dCb_y>&9q

fSNeR

56bR%MO}

*!am@z

Wzj{L*

\zEh'i)!

Zf3^3E

_Ep3[z

SUP5jet

\+0VE=

3TAj+C?

~5CWZO

skD[#6

lrft}@

!&f2Z-?g

,A_4H%A

c`<D1(dcV

C|fLa

IV;C0B

f[0;aqm

>R\y+I/

RvIX!a

3$O2@83

|f*W385

;&A2P;

)Xrem=

E~Oyq226

`fB|dm<)

MG0rWO

6K-4D&(

r *wm2

)wVK;u

cQyL!L

`vI]i}'

J&(IV[8

*G3e\&

-UV*rq

"|2NxB

'5fygc

dW1eit

)xl/k]

`Y5\3I

(LW..G

Tn^E_i

iv+y>&2

NHYw{hN

c9RKay

~N{8O|x

{9Xwt6

w-k&/k

*s';RH

WC(OpNx

>A;<?T

-rg|#"f

U+0FcWc

D/n&b|

Tm19L0

wH|[vZ

rnl-l3:

CzK3-p

n8bzK66

oAW?vR

((oFZh

6jM!9llz\9

Q1xY6w

Ylr\r\K

IazkjIa

;~EdD5!

BYcxmb

F\+#Or

p\RUu07

zSZu<t-S

Jj/\GW

y`mUk\m

lA]ui

qunIU

/[]>P6T

C0_{N v

VnO_S"

a@^a8D

rd)==[z3P

OQ_VR[

Q]Gb#Hmle

!-;x8

H1M0p17I

,XuHa

oisW`

Z?nn_U

js"[Zd

usw$$"d

t{X8|A

L6bpbF

.\lt[w

10R`Bz

$[:g]O

V94 3p

`wrQj,mw

v[=Bg=

f6zPM=

:}Sg7#

(d@vySQ

UCJqL

XLX2Ve

Tt: v_l

k>ovCYw

?N#gu;

G`Rb*'1

Vy)$k<

B"|6\(D

{C,m8_#

/!QF;m

;W(*fMb}Z

m?!hRT

Yh)KM3>IF:}

X!yQWf

j"'Q-

Z)g~J-

ay_\mJ

hm}GvID

lX=x3(

ju`{tM

UO{.w6

vDbyJ@2

ybT.3ZsU

/VLNd5

Fq7JFq

/;Y5\7

\oLP<QC

Li/_Z%K

"aMgj#p

H|:T~g/

AF;_q6

]\$k_#'wJ

Z0*.t5h

r9*{mJ

c@W8;D

_NR&+C%FC

re,Z_

g.1OyC0

:YP{8[

`5+]uqZ

*3tYj!Qa

=2F7XT

S-Zpp}

Yl1Jx6

Nfr"@=3

]vSpTv

LjvUG

!gb5d%

#D]Scv

.l$j?E

CEA+qm

<{VGGV

eUpi,Wh

Cq8c(%c

,+l%}BvDlh

v).>m`

X^u`)W

@A5L_3

{]>wK@

G2o;^{

zV3-T@

<None>

cmd /k move Ko Ko.bat & Ko.bat & exit

TapiUnattend.exe

Aug Viewing Stays

<None>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

Authors:

GaryY

Module name:

wextract.manifest

Abstract:

Manifest to support IExpress WExtract.exe.

<assemblyIdentity

version="1.0.0.0"

processorArchitecture="x86"

name="wextract"

type="win32"

<description>IExpress extraction tool</description>

<assemblyIdentity

type="win32"

name="Microsoft.Windows.Common-Controls"

version="6.0.0.0"

processorArchitecture="x86"

publicKeyToken="6595b64144ccf1df"

language="*"

</dependentAssembly>

</dependency>

<requestedExecutionLevel

level="asInvoker"

uiAccess="false"/>

</requestedPrivileges>

</security>

</trustInfo>

</assembly>

2X5\5,707

8G8[8d8

9N9d9z9

:/:5:H:P:

;-;4;S;_;x;

;/<K<T<q<

<+=F=V=

1+101J1Y1`1z1

2$2*212X2d2p2w2

363?3U3a3

444V4b4

4!5H5`5

5 6L6R6

7@7L7X7

9F9L9^9e9

;];o;t;

<<$<*<4<i<q<

?'?]?y?

1$171[1b1|1

2!2E2S2Z2j2

3!3,3@3`3j3p3v3|3

4?4V4h4x4~4

7a7k7u7

768S8c8

9<9O9r9

9%:C:V:v:

<#<;<G<d<r<

>3>@>M>S>\>l>t>

0%0G0_0|0

1^1q1~1

3w3R4_4l4s4y4

4!5'5C5U5

7#777d7

8(808g8~8

89&9A9[9i9

9-:::_:q:

;9;G;f;o;

;$<+<1<<<Q<W<d<n<t<y<

?A?G?M?X?^?d?o?{?

0*0=0I0P0l0~0

1+1a1j1

333?3`3k3

5 5%5*5/54595L5R5X5]5|5

6'64696P6U6_6

7(7<7W7a7u7

8$8*8R8X8^8e8j8

9"979U9\9m9t9

;);8;U;

</<9<H<O<^<

= =&=,=@=F=U=d=x=

>&>.>5>@>P>f>s>

10P0f0

1.1F1R1f1m1

1!272D2

3/3@3T3v3

3"4.494F4|4

6)616J6|6

7"7-757;7C7Y7a7

8#8(8-82878=8E8R8i8

9 9&9.9D9I9

:;:F:L:

D0I0h0w0

0"1E1R1^1f1n1z1

2"2.272<2B2L2U2`2n2s2y2

3*404a4

6K6T6m6

7)757C7~7

395@;~<

Texas1

Houston1

SSL Corp1705

.SSL.com EV Code Signing Intermediate CA RSA R30

221206161101Z

241204163454Z0

Newport Pagnell1'0%

SYSDEV LABORATORIES UK LIMITED1

143809981'0%

SYSDEV LABORATORIES UK LIMITED1

Private Organization1

X:Q"}W

?http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0_

https://www.ssl.com/repository0

?http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl0

&t7X(u

1Zn7IY

Texas1

Houston1

SSL Corporation1705

.SSL.com EV Root Certification Authority RSA R20

190326174423Z

340322174423Z0{1

Texas1

Houston1

SSL Corp1705

.SSL.com EV Code Signing Intermediate CA RSA R30

2i!gFmW_

>http://www.ssl.com/repository/SSLcom-RootCA-EV-RSA-4096-R2.crt0

http://ocsps.ssl.com0

4http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0

6<U)C]6I

Texas1

Houston1

SSL Corp1705

.SSL.com EV Code Signing Intermediate CA RSA R3

http://www.sysdevlabs.com/0

Gk@NX6

20240111084557Z0

Texas1

Houston1

SSL Corp1/0-

&SSL.com Timestamping Issuing RSA CA R10

221209183051Z

321206183050Z0k1

Texas1

Houston1

SSL Corp1'0%

SSL.com Timestamping Unit 20220Y0

5http://cert.ssl.com/SSL.com-timeStamping-I-RSA-R1.cer0Q

https://www.ssl.com/repository0

5http://crls.ssl.com/SSL.com-timeStamping-I-RSA-R1.crl0

&>X""U

Texas1

Houston1

SSL Corporation110/

(SSL.com Root Certification Authority RSA0

191113185005Z

341112185005Z0s1

Texas1

Houston1

SSL Corp1/0-

&SSL.com Timestamping Issuing RSA CA R10

AM/pn*f

jWZX:<

Ehttp://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt0

http://ocsps.ssl.com0?

https://www.ssl.com/repository0

*http://crls.ssl.com/ssl.com-rsa-RootCA.crl0

Texas1

Houston1

SSL Corp1/0-

&SSL.com Timestamping Issuing RSA CA R1

240111084557Z0(

Texas1

Houston1

SSL Corp1/0-

&SSL.com Timestamping Issuing RSA CA R1

Kernel32.dll

ADMQCMD

CABINET

EXTRACTOPT

FILESIZES

FINISHMSG

LICENSE

PACKINSTSPACE

POSTRUNPROGRAM

REBOOT

RUNPROGRAM

SHOWWINDOW

UPROMPT

USRQCMD

MS Shell Dlg

msctls_progress32

SysListView32

MS Shell Dlg