Static | ZeroBOX

PE Compile Time

2020-11-17 05:42:44

PDB Path

D:\GetTrustedInstaller\GetTrustedInstaller\obj\Release\GetTrustedInstaller.pdb

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00002000       0x00001464    0x00001600        5.13328108625
.rsrc   0x00004000       0x000006e8    0x00000800        3.97773622383
.reloc  0x00006000       0x0000000c    0x00000200        0.0815394123432

Resources

Name         Offset      Size        Language      Sub-language     File type
RT_VERSION   0x00004090  0x00000394  LANG_NEUTRAL  SUBLANG_NEUTRAL  data
RT_MANIFEST  0x00004434  0x000002ae  LANG_NEUTRAL  SUBLANG_NEUTRAL  XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
cbReserved2
lpReserved2
<Module>
PROTECT_FROM_CLOSE
PROCESS_INFORMATION
STARTUPINFO
SECURITY_ATTRIBUTES
HANDLE_FLAGS
INHERIT
STARTUPINFOEX
value__
SetQuota
mscorlib
get_Id
dwThreadId
parentProcessId
dwProcessId
processId
VirtualMemoryRead
CreateThread
hThread
lpReserved
hSourceHandle
CloseHandle
DuplicateHandle
hSourceProcessHandle
hTargetProcessHandle
lpTargetHandle
bInheritHandle
handle
lpTitle
set_ServiceName
lpApplicationName
GetProcessesByName
lpCommandLine
ValueType
Terminate
VirtualMemoryWrite
UpdateProcThreadAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
dwFillAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
FlagsAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
lpValue
lpPreviousValue
GetTrustedInstaller.exe
dwXSize
dwYSize
get_Size
cbSize
lpReturnSize
lpSize
Synchronize
SizeOf
System.Runtime.Versioning
ToString
binaryPath
nLength
dwMask
AllocHGlobal
Marshal
kernel32.dll
Program
System
QueryLimitedInformation
SetHandleInformation
lpProcessInformation
SetInformation
QueryInformation
VirtualMemoryOperation
System.Reflection
lpStartupInfo
lpDesktop
GetTrustedInstaller
ServiceController
hStdError
lpSecurityDescriptor
WriteIntPtr
System.Diagnostics
milliseconds
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
bInheritHandles
lpThreadAttributes
lpProcessAttributes
dwCreationFlags
ProcessAccessFlags
dwFlags
dwOptions
dwXCountChars
dwYCountChars
dwDesiredAccess
processAccess
System.ServiceProcess
CreateProcess
hProcess
OpenProcess
get_Status
ServiceControllerStatus
WaitForSingleObject
hObject
op_Explicit
lpEnvironment
dwAttributeCount
InitializeProcThreadAttributeList
lpAttributeList
hStdInput
hStdOutput
wShowWindow
IamYourDaddy
lpCurrentDirectory
WrapNonExceptionThrows
FireEye xagt
!FireEye xagt notification service
Copyright
2019
$629f86e6-44fe-4c9c-b043-1c9b64be6d5a
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
RSDS]A
D:\GetTrustedInstaller\GetTrustedInstaller\obj\Release\GetTrustedInstaller.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}" />
</application>
</compatibility>
</assembly>
TrustedInstaller
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
FireEye xagt notification service
CompanyName
FileDescription
FireEye xagt
FileVersion
1.0.0.0
InternalName
GetTrustedInstaller.exe
LegalCopyright
Copyright
2019
LegalTrademarks
OriginalFilename
GetTrustedInstaller.exe
ProductName
FireEye xagt
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
No antivirus signatures available.
No IRMA results available.