Static | ZeroBOX

PE Compile Time

2024-02-01 10:52:43

PE Imphash

cc12e3f394a2cfaeb0c35364d40acf00

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0003419e 0x00034200 5.89624518607
.rdata 0x00036000 0x0000a7b4 0x0000a800 5.40390528466
.data 0x00041000 0x00029690 0x00025e00 2.89154857757
.pdata 0x0006b000 0x000019ec 0x00001a00 5.46624911269
.rsrc 0x0006d000 0x000002f0 0x00000400 4.27699897542
.reloc 0x0006e000 0x00000d04 0x00000e00 3.90868353766

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x0006d060 0x00000290 LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library KERNEL32.dll:
0x140036000 WaitForSingleObject
0x140036008 GetWindowsDirectoryW
0x140036010 GetTempPathW
0x140036018 OpenEventW
0x140036020 LoadLibraryW
0x140036028 TerminateProcess
0x140036030 ExitProcess
0x140036038 lstrcpyW
0x140036040 lstrlenW
0x140036048 GetCurrentProcess
0x140036050 GetSystemDirectoryW
0x140036058 GetModuleFileNameW
0x140036060 LocalFree
0x140036068 CreateProcessW
0x140036070 LocalAlloc
0x140036078 lstrcmpiW
0x140036080 lstrcpyA
0x140036088 CloseHandle
0x140036090 GetLastError
0x140036098 GetProcAddress
0x1400360a0 GetModuleHandleW
0x1400360a8 lstrlenA
0x1400360b0 FileTimeToSystemTime
0x1400360b8 CreateThread
0x1400360c0 lstrcmpA
0x1400360c8 SetEvent
0x1400360d0 WaitForMultipleObjects
0x1400360d8 CreateMutexW
0x1400360e0 OpenMutexW
0x1400360e8 GetModuleHandleA
0x1400360f0 VirtualProtect
0x1400360f8 VirtualAlloc
0x140036100 VirtualFree
0x140036108 LoadLibraryA
0x140036110 ReadFile
0x140036118 GetFileSize
0x140036120 CreateFileW
0x140036128 CreateEventW
0x140036130 GetTickCount64
0x140036138 GetCurrentProcessId
0x140036140 ReleaseMutex
0x140036148 Sleep
0x140036150 HeapReAlloc
0x140036158 WriteConsoleW
0x140036160 SetStdHandle
0x140036168 LCMapStringW
0x140036170 GetStringTypeW
0x140036178 HeapSize
0x140036180 MultiByteToWideChar
0x140036188 LeaveCriticalSection
0x140036190 EnterCriticalSection
0x140036198 GetConsoleMode
0x1400361a0 GetConsoleCP
0x1400361a8 SetFilePointer
0x1400361b0 GetSystemTimeAsFileTime
0x1400361b8 GetTickCount
0x1400361c0 FlushFileBuffers
0x1400361c8 RtlLookupFunctionEntry
0x1400361d0 RtlUnwindEx
0x1400361d8 RaiseException
0x1400361e0 RtlPcToFileHeader
0x1400361e8 GetCommandLineA
0x1400361f0 GetStartupInfoW
0x1400361f8 DecodePointer
0x140036200 UnhandledExceptionFilter
0x140036210 IsDebuggerPresent
0x140036218 RtlVirtualUnwind
0x140036220 RtlCaptureContext
0x140036228 EncodePointer
0x140036230 FlsGetValue
0x140036238 FlsSetValue
0x140036240 FlsFree
0x140036248 SetLastError
0x140036250 GetCurrentThreadId
0x140036258 FlsAlloc
0x140036260 HeapFree
0x140036268 HeapAlloc
0x140036270 GetCPInfo
0x140036278 GetACP
0x140036280 GetOEMCP
0x140036288 IsValidCodePage
0x140036290 WriteFile
0x140036298 GetStdHandle
0x1400362a0 GetModuleFileNameA
0x1400362a8 FreeEnvironmentStringsW
0x1400362b0 WideCharToMultiByte
0x1400362b8 GetEnvironmentStringsW
0x1400362c0 SetHandleCount
0x1400362d0 GetFileType
0x1400362d8 DeleteCriticalSection
0x1400362e0 HeapSetInformation
0x1400362e8 GetVersion
0x1400362f0 HeapCreate
0x1400362f8 QueryPerformanceCounter
Library USER32.dll:
0x140036330 DispatchMessageW
0x140036338 wsprintfW
0x140036340 DefWindowProcW
0x140036348 RegisterClassW
0x140036350 GetMessageW
0x140036358 TranslateMessage
0x140036360 wsprintfA
0x140036368 DestroyWindow
0x140036370 UnregisterClassW
0x140036378 PostMessageW
0x140036380 CreateWindowExW
Library ole32.dll:
0x140036390 CoCreateInstance
Library OLEAUT32.dll:
0x140036308 VariantClear
0x140036310 VariantInit
0x140036318 SysFreeString
0x140036320 SysAllocString

!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.rsrc
@.reloc
D$8H9D$0t
D$8HcD$8H
HcD$XH
HcD$XH
HcD$XL
HcD$X3
s0HcD$lH
HcD$lH
D$l9D$xu1H
D$@HcD$@3
s0HcD$lH
HcD$lH
HcD$ Hi
HcD$ Hi
HcL$$Hk
t-HcD$ Hi
HcL$$Hk
HcD$ Hi
HcL$$Hk
HcD$ Hi
HcL$$Hk
HcD$ Hi
HcL$$Hk
HcD$ Hi
HcL$$Hk
HcD$ Hi
HcL$$Hk
tXHcD$ Hi
HcL$$Hk
HcD$ Hi
HcL$$Hk
HcD$ Hi
t2HcD$ Hi
T$(HcD$ Hi
HcD$ Hi
t!HcD$ Hi
T$0HcD$ Hi
HcD$ Hi
|$`uHH
}fHcD$`Hi
uEHcD$`Hi
D$0Hc@<H
D$(HcD$0H
HcL$HH
H+L$(D
D$hHcD$hH
HcD$0H
HcD$hH
D$XHcD$hH
D$X9D$l}$H
D$\9D$p}'
HcL$DH
HcL$DH
D$,9D$X}$H
D$09D$\}'
D$(HcD$HH
H+D$(D
HcD$h3
D$XHcD$h3
D$X9D$l}$H
D$\9D$p}'
D$4HcL$DH
D$4HcL$DH
D$,9D$X}$H
D$09D$\}'
D$X9D$H}
D$ 9D$$};HcD$$H
HcD$$H
D$8HcD$43
D$,HcD$43
D$,9D$<}$H
D$09D$@}'
D$$9D$ t
D$ 9D$(})HcD$(H
HcL$(H
D$ Hc@<H
9D$`}zH
D$(9D$Lt
D$`9D$Hu
D$H9D$Xu
D$`Hc@<H
HcD$|H
HcD$|H
HcD$|H
HcD$|H
D$(Hc@<H
D$@9D$P}UHcD$PH
u=HcD$PH
D$HHc@<H
D$hHcD$`H
HcD$`H
HcD$pH
uFHcD$pH
D$ HcD$xHcL$hH
HcD$hHcL$ H
H9D$(s
H+D$HH;D$ s
H9D$ w
H;D$Xs
H;D$ s
D$XH9D$ s
H9D$Pw
D$XH9D$Pt2H
D$HH9D$@t
}NHcD$@H
HcL$@H
HcL$@H
|$`@}Q
HcL$`H
D$ HcD$ H;
HcD$ H
HcL$ H
HcD$hL
D$T9D$X}_H
D$(9D$8u
HcD$lH
HcD$lH
D$H9D$Xu
tOHcD$XL
~\HcD$(H
HcD$tH
D$(HcD$(H
D$ Hc@<H
D$ Hc@<H
D$ Hc@<H
9D$`}zH
9D$`}zH
HcD$\H
HcD$\H
HcD$\H
HcD$\H
D$`Hc@<H
HcD$pH
uFHcD$pH
D$0Hc@<H
D$ Hc@<H
D$(Hc@<H
D$89D$H}UHcD$HH
u=HcD$HH
D$(Hc@<H
D$@9D$P}UHcD$PH
u=HcD$PH
D$@Hc@<H
D$hHcD$\H
HcD$\H
D$H9D$Xu
D$,9D$0}
D$(9D$4}9HcD$4H
HcD$4H
D$,9D$0}
D$(9D$4}=HcD$4H
HcD$4H
D$$9D$ t
D$ 9D$(})HcD$(H
HcL$(H
D$X9D$H}
D$ 9D$$};HcD$$H
HcD$$H
HcD$<Hk
HcD$<Hk
HcD$<Hk
t4HcD$<Hk
HcD$<Hk
HcD$<Hk
t4HcD$<Hk
HcD$<Hk
HcD$<Hk
HcL$<Hk
tvHcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
t4HcD$<Hk
HcD$<Hk
HcD$<Hk
t4HcD$<Hk
HcD$<Hk
HcD$<Hk
HcL$<Hk
tvHcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
HcD$<Hk
D$$HcD$(H
D$$HcD$(H
D$@HcD$DH
D$@HcD$DH
9D$`s*
HcD$$Hk
HcD$$Hk
HcD$$Hk
HcD$$Hk
t HcD$$Hk
HcD$$Hk
HcD$$Hk
HcD$$Hk
HcD$$Hk
HcD$$Hk
HcD$$Hk
H9D$`v
D$(H9D$0uAH
D$@H9D$Xw
D$@H9D$X
H9D$XvLH
D$0H9D$X
H9D$Xwi
D$8H9D$(
D$HH9D$(wR
L$ USVWH
t$ WATAUAVAWH
A_A^A]A\_
p WATAUH
A]A\_
WATAUH
A]A\_
@USVWATAUAVAWH
A_A^A]A\_^[]
fffffff
fffffff
L$ USVWH
|$ UATAUAVAWH
A_A^A]A\]
WATAUH
A]A\_
UVWATAUAVAWH
9D$XufE
A_A^A]A\_^]
SVWATAUAVAWH
0A_A^A]A\_^[
WATAUAVAWH
A_A^A]A\_
@SVWATAUAVAWH
L!l$HL!l$@
D$PL9oXt
D$8HcH
A_A^A]A\_^[
ATAUAVH
0A^A]A\
VWATAUAVH
A^A]A\_^
UVWATAUAVAWH
`A_A^A]A\_^]
UVWATAUAVAWH
E9,$~T3
A_A^A]A\_^]
WATAVH
@A^A\_
WATAUAVAWH
A_A^A]A\_
ATAUAVH
A^A]A\
WATAUH
A]A\_
UVWATAUAVAWH
D$HD9T$\
t$pD+d$HD+
9D$Ttg
A_A^A]A\_^]
UVWATAUAVAWH
A_A^A]A\_^]
UVWATAUH
D$&8\$&t-8X
@A]A\_^]
WATAUAVAWH
@A_A^A]A\_
t$ WATAUH
x ATAUAVH
A^A]A\
Hct$@H
s\HcL$HH
ATAUAVH
fD9t$b
A^A]A\
VWATAUAVH
A^A]A\_^
\$ UVWATAUAVAWH
!|$DHc
|$DD9d$X
f;D$@ug
f;D$@uD
H!\$ H
HcD$HH;
H!\$ H
HcD$HH;
H!|$ L
A_A^A]A\_^]
VWATAUAVH
A^A]A\_^
l$ VWATH
9\$ ~>H
D8"u%H
LcA<E3
L$ UVWH
@UATAUAVAWH
!t$(H!t$ A
A_A^A]A\]
@UATAUAVAWH
A_A^A]A\]
WATAUAVAWH
0A_A^A]A\_
@SUVWATAUAVH
PA^A]A\_^][
ATAUAWH
0A_A]A\
x ATAUAWH
A_A]A\
D8d$Ht
@SUVWH
UATAUAVAWH
gfffffffH
A_A^A]A\]
@8|$8t
@8t$8t
@SUVWH
@SUVWATH
A\_^][
@USVWH
UVWATAUAVAWH
`A_A^A]A\_^]
UVWATAUAVAWH
`A_A^A]A\_^]
UVWATAUAVAWH
A_A^A]A\_^]
UVWATAUAVAWH
A_A^A]A\_^]
x ATAUAWH
A_A]A\
EPH9E t
H(H9J(u
L-z,}Y~S
L-z,}Y~S
L-z,}Y~S
DLLCFG
@echo off
cmd /c start "" "%S%S" %S
NtCreateSection
NtMapViewOfSection
RtlCreateUserThread
NtUnmapViewOfSection
NtClose
LoadLibraryW
GetProcAddress
LoadLibraryA
LocalAlloc
VirtualAlloc
LocalFree
CloseHandle
VirtualFree
MessageBoxW
VirtualProtect
NtCreateSection
NtMapViewOfSection
RtlCreateUserThread
NtUnmapViewOfSection
NtClose
LoadLibraryW
GetProcAddress
LoadLibraryA
LocalAlloc
VirtualAlloc
LocalFree
CloseHandle
VirtualFree
MessageBoxW
VirtualProtect
L-z,}Y~S
L-z,}Y~S
RtlDecompressBuffer
RtlGetCompressionWorkSpaceSize
L-z,}Y~S
L-z,}Y~S
L-z,}Y~S
RtlTimeToSecondsSince1970
L-z,}Y~S
vector<T> too long
expand 32-byte k
L-z,}Y~S
L-z,}Y~S
L-z,}Y~S
RtlGetVersion
L-z,}Y~S
L-z,}Y~S
L-z,}Y~S
L-z,}Y~S
RtlGetVersion
RtlGetVersion
L-z,}Y~S
L-z,}Y~S
NKagj(h
bad allocation
Unknown exception
bad exception
(null)
`h````
xpxxxx
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
CorExitProcess
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__eabi
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
`h`hhh
xppwpp
1#QNAN
1#SNAN
WaitForSingleObject
GetWindowsDirectoryW
GetTempPathW
OpenEventW
LoadLibraryW
TerminateProcess
ExitProcess
lstrcpyW
lstrlenW
GetCurrentProcess
GetSystemDirectoryW
GetModuleFileNameW
LocalFree
CreateProcessW
LocalAlloc
lstrcmpiW
lstrcpyA
CloseHandle
GetLastError
GetProcAddress
GetModuleHandleW
lstrlenA
FileTimeToSystemTime
CreateThread
lstrcmpA
SetEvent
WaitForMultipleObjects
CreateMutexW
OpenMutexW
GetModuleHandleA
VirtualProtect
VirtualAlloc
VirtualFree
LoadLibraryA
ReadFile
GetFileSize
CreateFileW
CreateEventW
GetTickCount64
GetCurrentProcessId
ReleaseMutex
KERNEL32.dll
wsprintfW
CreateWindowExW
PostMessageW
UnregisterClassW
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClassW
DefWindowProcW
wsprintfA
USER32.dll
CoCreateInstance
ole32.dll
OLEAUT32.dll
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
GetCommandLineA
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapFree
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapSetInformation
GetVersion
HeapCreate
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
HeapSize
GetStringTypeW
LCMapStringW
SetStdHandle
WriteConsoleW
HeapReAlloc
FlushFileBuffers
!This program cannot be run
in DOS mode.
ec&Rich2
`.rdat
@.reloc
USVWH
u7Ardq
J A]A\2
NA_A^A
\UJU1AHq
1AAUC%
;7sUr7
kAsHI
(HDp0G\
Hct$@H
t4Iq +
D9d &
3q2q5q5
AD$p2hU
D$V!hp H
D$&8\$&t-
WATAUE%0
0A_A^A]A
bWA}M+
D$(BBA
!t$(Haf A
uPT|bj
tAH1h8
u,q5a<
Zq5aVWa<tN
CorExitProcess
da@Bb,!
I/c@/q
DaPcaPm
&cSaPpq@ea
gqPsq@
FaPbq uc
tqPra@ay
Fq ii@Ta
uq si@
TqPZuj
ni@SqP
bas@dv
HH:mm:B7
dddd, MMMM "jyyy
MM/dd/
Decembe"
OctoB$Sept6
ebruar
JanW!0
Thurs'o
WedneY&Tu$RMon#o
`h````
xpxxxx
SQ0 aPrq
Aq@taPm
s q@o!
uq0R&MS0L!
2idaP
c a R`
vhaP q eq0ua
/a0lq )!
fqPna0Fn
iy`nq0tq uc0
"'htDc
R&CQ T!
"Riaa
iPh&wa
pqP$bva
rq@Rfl!
cBcbn2c
aP2rTb
mqPlq@
rhq ea
"bac@Bgta
2'baPVh
i*Rhbn
i*aq rsmaPnq@s
hB'sqP
cq oq0
Q RiBn
"hgq aa
kR&Rikc
RRiHnEq "h
"hvt:!
 !"#$%&'()*+,-./0123456789:;<=
>?@abcdefghijklmnopqrstuvwxyz[\
]^_`pE
AABCDEFGHIJKL
MNOPQRSTUVWXYZ
uWindow
Station
UserObjectInformc/W
stActivePopup
M!EageBoxt
UQ0EQ
xppwpp
CreateuJq
KERNEL32.dl
CurrentThA6dIA
FlsSetValue
ommandLineA
iinter
ledExcep"
IsDebuggerPres1
RtlVirt
ualUnwinA
TLookupFunA/onEntR
ptureCo
Terminh#
gError
rJAddA$
ModuleHs
zCount
InitializeCr
/calS1B
AndSpinT
AEnvironmentStringsW
CharToMultiByte
DeA5oy
QueryPer
E&rJ!E
Sys!:Ti
onsoleCP
A>!%MM
LeavD
yidCodePq
LCMapD7q
WQ Clos
Buff!U
DXGI.DLLA`plyComp
D3D10C
D6eviceh
LayeredD
eclareAdap!%Removq
umpJourna
#6In!%face
figura"
DllMain
PIXB1nCarurYi
UdS!c\i
Q!atT
Upda#HMDEmu
lc/B$u9h a
+ 1+0UU
!+@Q+PA+`q+pa+
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
LoadLibraryW
LocalAlloc
GetModuleHandleW
GetModuleFileNameW
lstrcpyW
lstrcpyA
VirtualFree
LocalFree
VirtualProtect
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
CreateToolhelp32Snapshot
Thread32First
OpenThread
SuspendThread
ResumeThread
Thread32Next
CreateFileW
GetFileSize
ReadFile
lstrcmpA
VirtualAlloc
lstrcmpiW
GetProcAddress
.?AVbad_alloc@std@@
.?AVexception@std@@
94.156.8.44
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVtype_info@@
.?AVbad_exception@std@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AV_com_error@@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<dependency>
<dependentAssembly>
<assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*"/>
</dependentAssembly>
</dependency>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel
level="asInvoker"
uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
NTDLL.DLL
KERNEL32.DLL
DBGHELP.DLL
USER32.DLL
WIN32U.DLL
%s\explorer.exe
%s\svchost.exe
%s\cmd.exe
SOFTWARE\%s
HWID_%s
SOFTWARE\%s
SOFTWARE\%s
default
SOFTWARE\%s
SOFTWARE\%s
SOFTWARE\%s
SOFTWARE\%s
SOFTWARE\%s
%s\explorer.exe
%s\svchost.exe
%s\cmd.exe
%s\cmd.exe
%s\%S.DLL
\\?\%s
%s\System32
\\?\%s
%s\System32
\\?\%s
%s\System32
%s\*.*
%s\explorer.exe
%s\svchost.exe
%s\cmd.exe
"%s%s" %s
"%s%s"
"%s%s" %s
Software\%s
Software\%s
"%s" %s
%s.EXE
Software\%s
Software\%s
Software\%s
Software\%s
Software\%s
Software\%s
%s\%s.lnk
%s\%s\%s.bat
%s%s %s
Software\Microsoft\Windows\CurrentVersion\Run
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Software\Microsoft\Windows\CurrentVersion\Run
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
%s\%s\
NTDLL.DLL
eKERNEL32.DLL
KERNEL32.DLL
USER32.DLL
"%s%s" %s
Software\%s
%s\%s.lnk
%s\%s\%s.BAT
NTDLL.DLL
eKERNEL32.DLL
KERNEL32.DLL
USER32.DLL
%s\EXPLORER.EXE
%s\SVCHOST.EXE
%s\CMD.EXE
'%s%s'
'%s%s'
'%s%s'
'%s%s'
'%s%s'
NTDLL.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
%s\%s.DLL
%s.DLL
NTDLL.DLL
KERNEL32.DLL
USER32.DLL
GDI32.DLL
ADVAPI32.DLL
SHLWAPI.DLL
SHELL32.DLL
OLE32.DLL
WINHTTP.DLL
WTSAPI32.DLL
WS2_32.DLL
GDIPLUS.DLL
MSI.DLL
WINMM.DLL
DBGHELP.DLL
SECUR32.DLL
CRYPT32.DLL
application/octet-stream
text/plain
application/octet-stream
text/plain
NTDLL.DLL
KERNEL32.DLL
ADVAPI32.DLL
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:64.0) Gecko/20100101 Firefox/64.0
KERNEL32.DLL
Microsoft Enhanced RSA and AES Cryptographic Provider
S:(ML;;NW;;;LW)
"%s%s"
NTDLL.DLL
NTDLL.DLL
%s [%d]
(null)
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
mscoree.dll
runtime error
TLOSS error
SING error
DOMAIN error
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- abort() has been called
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
((((( H
h(((( H
H
USER32.DLL
CONOUT$
ree.dl
SeDebugPrivilege
SwiftCryptV2
Winhlpr
Winhlpr
UNLOAD.TXT
{B80CD3C5-CDF8-48B2-9A45-B9F8D6C2640F}
{CFE36BE9-C94B-4FD5-9556-12D4063D9BB1}
{7C0B9E9B-697A-411F-AAD5-4161D6CC0088}
{CAF9B6D9-C86E-4918-B086-2C9632C0EA4D}
{1EC6D868-33A6-4FF8-8AA0-E98EADC62947}
{B9B76EA2-8ADC-44B1-91C3-DA01FBF1F862}
{1CA62CA1-E295-43F2-AA88-45AC62160089}
{9791F053-4C7E-4DF9-A06D-83B01D03DC8C}
{9BE64BAD-1891-4B20-8971-56F217AE3D2C}
{3521B663-DC93-4777-B703-75F25B5CBCD6}
{80654290-66E5-43FD-9DF4-61D389DA7A6A}
{2CF8ECB2-20D8-47F4-88C3-1E4D1B2F6C87}
{04730BC8-666A-42AA-B6F9-B3A2F09381FB}
{682EDA49-C0EB-40AD-A447-EF4473EAB0F8}
{D061CDFB-C214-4E3D-B80C-420FFA81BE6F}
{D16DEFC5-3CC3-4233-9EE6-2FF1A6003987}
{2B9AD583-A3A2-4056-861E-760BBFD17B17}
{91BB2696-36F7-4091-9439-AC491C3B48B2}
{366A6C34-15CC-4E31-8485-1D682FA05E2E}
{2EE86104-B106-45F3-B793-AA19784F65DF}
{98E344E8-9044-4303-B1F6-557072821242}
{9183894A-61EC-43CE-A1F3-032652A10E83}
{964CE8E7-798B-456F-98DF-E7027F93E143}
{718F6FD9-DBA7-422C-963A-46BF241F79AD}
{6A5F6C06-AA1B-4B03-B775-3FBA237C64F6}
{919B473F-01BF-4676-89E9-D609AA8E2167}
{AD4CD794-B455-46B0-85DA-84FEE04A43B3}
{DF3F90E5-863A-4EE5-BF1B-AAC944BE7A5E}
{8634399D-4F77-4467-9964-700BFE46E570}
{090ABF0E-2249-4D2C-B134-D707138193C8}
{BCBBAD5A-D502-40AC-AE08-3247E1405A57}
{6F4DB3E2-16DB-4F6B-A922-BA7523F0C5D9}
{A73EDB23-2790-4A4B-910B-7356349DB056}
{170A0D30-222C-4222-94DE-5DA10C254260}
{A356C5F8-AA89-46BA-B46E-8AE371E795F7}
{B0E87B1F-489F-4273-A905-5FDF6D9FCAC9}
{EFB2E7E6-9A8F-45E4-B22B-02A7B68B29ED}
{838EC890-8755-480E-8EDD-02E4F6B09115}
{38A49E17-5355-4143-B045-E964931BE0D9}
{1F1FCB09-6045-4200-85F5-7AB9848D0721}
{F3E25DAE-7667-468E-B476-7CF1138BF220}
{BA79AA96-D788-4D3C-A0F8-7F650EA8F32A}
{CC682B5D-FE11-4217-9920-898A7848157F}
{334542D6-83BA-46ED-B885-5E55E75816E2}
{E2FFFF12-0760-4667-B787-79F39FE9E0F3}
{3AEF83B3-C226-4872-B6B0-B2576CC9EC0D}
{CF772247-0B16-4475-9F8E-6B7CFDD5E4EA}
{50148C79-4764-45BF-B031-3D8BB167D7CA}
{26A6E340-4A99-4341-BF8F-F2F9C34B3F6A}
{25247CC7-1EEF-4861-8715-E3028CB8BAA5}
{36C923E2-FCC9-463F-8876-62401449909F}
{67959FBF-D749-424D-9F54-67BF8040384A}
{16FA3F6F-5DBC-414E-A7DA-397E0D254D68}
{157423F1-7C60-4532-A0C0-B097CF0C25B6}
{3E8A3791-0E2A-4982-9001-6DAAEE473F3C}
{4FE4DB01-988D-473B-BF54-3924FD53FEA0}
{A30823DA-5C40-4F7A-9734-636FDEAA338F}
{EAD1AD8C-4E7A-418D-8903-0C5D28D6D749}
{6CE46125-4D64-4653-9C3D-F52EFBEA8C8A}
{F29AFE3B-5B30-4B81-8581-6F52256C2F24}
{A41428DB-42B0-48EF-AF6F-C76D656DF32D}
{A230AA79-2A2C-43F8-B9DE-7A91BD3CFD64}
{E89907A0-FA0B-4939-A884-CE8DB638A697}
{432DAD5E-AF23-4659-B1F9-EC63E72D2902}
{5CFFDC0E-E3EC-4E41-8148-7F924F6B38B8}
{86DB1D66-443B-44C4-81F6-D234A8CDF42D}
{B3805A21-3C01-4CEE-8A38-6AA8DFF1E6A9}
{A1F2B23C-7FDB-4A45-88F0-AFDF0ED4695F}
{D1814E6B-C134-455A-92CC-F3A93D4D4B88}
{EB500F9F-0B5B-4D8F-A108-B655DB859E49}
{167BFC6E-DDC4-4B62-8C4B-50A9D59F9B6C}
{AD75B5CD-6F11-4415-AFF8-E16AD2C403CE}
{536176E8-6966-4987-B697-2B5638E1E1B3}
{F0BABA1C-0A42-4DE7-AEC0-6F13AD7E45D9}
{C057FC1C-4961-4C2C-A8F1-9D0DCEDDA1A2}
{A76C56EA-994D-4DE9-A618-610ADA52354D}
{B305B42A-56EC-4943-BCC7-F6C10A045CF3}
{AD20F939-EAF0-488F-AC05-C088103005F0}
{27FE4AB3-46A3-42DB-8D60-B989D6002935}
{EA174392-8D85-496B-9ADD-D8A02554BB35}
{87D8BAB7-AE77-4A2F-BD1B-2E6D98F8AAB7}
{B724A0EA-4C17-46C9-A262-E916DB93BC86}
{77DEABA3-D0CE-482B-94D1-1C929261D00C}
{ED28857C-2CE1-44A2-ACD5-5CB9725BAE8F}
{2360CE7D-774A-4921-8845-0B1D8DC7F1BC}
{BBC14E44-B3AB-4BEE-928B-997E2C2B502A}
{B8726A40-693D-4360-8EE5-A3B152D81086}
{245CBE4A-E710-4BC0-9A19-E636BFBCEB54}
{08DC3EC7-5A10-45AB-A0E5-9178073AE765}
{0384D6C5-A438-4951-B790-46CF394739EF}
{3D1AEA52-A64A-45B6-8C00-0DC74AB434F5}
{EA7B3D39-CA4F-465A-B78B-78C4A34F4D20}
{2ADFAAF8-BDBA-4135-8891-8018287B48F5}
{827E0BBD-9260-4552-8D36-BDF45105B7A0}
{2B3B2252-0FCE-4FBC-8BE8-8ED8C8FE97E0}
{F5DA5199-2563-4E58-A012-3B9466075535}
{2855CCEF-4C70-491F-AE39-19D717835C2A}
{7547937D-2443-4DF5-BAB0-0B287CA8484C}
{F133D018-1C07-4F93-9658-C1F2294B9248}
{8D418E5D-D359-4271-B733-C526B12F5608}
{7B23029D-A7AE-4E93-916E-BAC829473D43}
{6CDB6427-0007-4EFB-9701-E1A81466A41A}
{F4ECA2F0-5DB9-41B6-80F0-F486B6CF9027}
{BDA0E43E-3529-401E-9BC3-8F499936E8DD}
{35E5F3A8-548F-4963-A18A-B8D39BB1510C}
{F2DE2F0A-4FE2-44FF-A6E4-3CD0E9BB0B87}
{6E9DBCA1-86DB-4617-BB43-1B25CED1796A}
{BD761F8C-077F-4918-8FEE-727BE1513FAA}
{2676C967-3843-47D2-84AC-A94CEB927606}
{7659B747-171B-4540-81B7-BEC0BC8AAF7F}
{8DAA06C7-9A10-45BD-B02F-F78361291D2B}
{413B78F6-B6FF-4751-AEAF-DD9A3D8B05FC}
{8C038F93-DED5-4287-B262-DB36BEF93B28}
{03E95B5B-EAC5-4B49-8C2B-DFC67C1251C2}
{AE4BF319-8DEE-427B-98AC-B2E8B2235CE3}
{5B5D2EFA-D0D6-45D3-88CE-C93EE232255C}
{DCF80461-2276-43DF-A969-053EA4FE2920}
{9A577344-1722-4385-86B1-50F308EA9BA8}
{C08B6F97-EF95-4C25-8BF8-052E97771149}
{EBBA55C6-B8E3-4628-92F8-C76F2D4607BC}
{BEC386A1-BE54-424E-B5DD-4D403F3D2100}
{60BD620C-6872-492A-8288-89A614336A18}
{D0ED7162-8CF6-4A5E-8198-77DAE9896435}
{5FE125D7-00A2-4077-99D5-4B4D0B98D8FA}
{C0D7289E-8624-4A69-B815-E665B31DBBF3}
{902F41EF-74DC-4B4D-AFB0-10DCDC9C58B8}
{5094B0E6-0AD2-49DE-A96C-CBACC7CC6AA0}
{BBF7EBB4-5D42-48CD-8A36-2DEB24A10716}
{7F797E27-E956-4A51-8EAD-8F5E6C39226C}
{E73AE39D-8288-4FAB-AD69-BFC9135F9271}
{02C1D497-3425-44FD-9836-7BA6426C5BE2}
{D96E2301-67E9-405A-AFEC-93BAF4C8B0B2}
{331B53C3-FC30-4961-BE82-4E14593DF0BE}
{F1A328CC-88C8-474A-811F-B1DA96B88193}
{9292930B-628C-46A7-8795-0E80D8D4A164}
{0198D29F-83D1-4689-80DC-4D1E42F1699E}
{703BE1A1-06CF-4156-BAE7-F6B1E0AA629A}
{807393D7-B61F-4B62-BC0B-CF4D9F75BB06}
{3E5F1CFD-1CE7-4AE6-9343-1FA71DAC0DBC}
No antivirus signatures available.
No IRMA results available.