popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2024-08-03 22:48:50

PE Imphash

46d8e48c13de471d4398c0067c490431

PEiD Signatures

Armadillo v1.71

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0012faf6 0x00130000 6.47135868633
.rdata 0x00131000 0x009565c8 0x00957000 7.02844723843
.data 0x00a88000 0x0005b5ea 0x0001c000 5.54192468018
.rsrc 0x00ae4000 0x0000a674 0x0000b000 4.34799876842

Resources

Name Offset Size Language Sub-language File type
TEXTINCLUDE 0x00ae4dac 0x00000151 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED C source, ASCII text, with CRLF line terminators
TEXTINCLUDE 0x00ae4dac 0x00000151 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED C source, ASCII text, with CRLF line terminators
TEXTINCLUDE 0x00ae4dac 0x00000151 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED C source, ASCII text, with CRLF line terminators
RT_CURSOR 0x00ae55b8 0x00000134 LANG_ITALIAN SUBLANG_ITALIAN data
RT_CURSOR 0x00ae55b8 0x00000134 LANG_ITALIAN SUBLANG_ITALIAN data
RT_CURSOR 0x00ae55b8 0x00000134 LANG_ITALIAN SUBLANG_ITALIAN data
RT_CURSOR 0x00ae55b8 0x00000134 LANG_ITALIAN SUBLANG_ITALIAN data
RT_CURSOR 0x00ae55b8 0x00000134 LANG_ITALIAN SUBLANG_ITALIAN data
RT_CURSOR 0x00ae55b8 0x00000134 LANG_ITALIAN SUBLANG_ITALIAN data
RT_CURSOR 0x00ae55b8 0x00000134 LANG_ITALIAN SUBLANG_ITALIAN data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_BITMAP 0x00ae7d44 0x00000144 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_ICON 0x00ae8298 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 4278190080, next used block 4278190080
RT_ICON 0x00ae8298 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 4278190080, next used block 4278190080
RT_ICON 0x00ae8298 0x00004228 LANG_NEUTRAL SUBLANG_NEUTRAL dBase IV DBT of \200.DBF, blocks size 0, block length 16384, next free block index 40, next free block 4278190080, next used block 4278190080
RT_MENU 0x00aec4cc 0x00000284 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_MENU 0x00aec4cc 0x00000284 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_DIALOG 0x00aed714 0x0000018c LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_STRING 0x00aee15c 0x00000024 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_GROUP_CURSOR 0x00aee1e4 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED Lotus unknown worksheet or configuration, revision 0x2
RT_GROUP_CURSOR 0x00aee1e4 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED Lotus unknown worksheet or configuration, revision 0x2
RT_GROUP_CURSOR 0x00aee1e4 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED Lotus unknown worksheet or configuration, revision 0x2
RT_GROUP_CURSOR 0x00aee1e4 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED Lotus unknown worksheet or configuration, revision 0x2
RT_GROUP_CURSOR 0x00aee1e4 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED Lotus unknown worksheet or configuration, revision 0x2
RT_GROUP_CURSOR 0x00aee1e4 0x00000022 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED Lotus unknown worksheet or configuration, revision 0x2
RT_GROUP_ICON 0x00aee230 0x00000014 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_GROUP_ICON 0x00aee230 0x00000014 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_GROUP_ICON 0x00aee230 0x00000014 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_VERSION 0x00aee244 0x00000260 LANG_CHINESE SUBLANG_CHINESE_SIMPLIFIED data
RT_MANIFEST 0x00aee4a4 0x000001cd LANG_NEUTRAL SUBLANG_NEUTRAL XML 1.0 document, ASCII text, with very long lines, with no line terminators

Imports

Library WINMM.dll:
0x5316e0 midiStreamOut
0x5316e8 midiStreamProperty
0x5316ec midiStreamOpen
0x5316f4 waveOutOpen
0x5316f8 waveOutGetNumDevs
0x5316fc waveOutClose
0x531708 waveOutWrite
0x53170c waveOutPause
0x531710 waveOutReset
0x531714 midiStreamStop
0x531718 midiOutReset
0x53171c midiStreamClose
0x531720 midiStreamRestart
Library WS2_32.dll:
0x531738 WSAAsyncSelect
0x53173c send
0x531740 select
0x531744 WSACleanup
0x531748 WSAStartup
0x53174c inet_ntoa
0x531750 recvfrom
0x531754 ioctlsocket
0x531758 recv
0x53175c getpeername
0x531760 accept
0x531764 closesocket
Library RASAPI32.dll:
0x531408 RasHangUpA
Library KERNEL32.dll:
0x5311bc GetSystemDirectoryA
0x5311c0 SetLastError
0x5311c8 GetVersion
0x5311cc TerminateThread
0x5311d0 GetOEMCP
0x5311d4 GetCPInfo
0x5311d8 GetProcessVersion
0x5311dc SetErrorMode
0x5311e0 GlobalFlags
0x5311e4 GetCurrentThread
0x5311e8 GetFileTime
0x5311ec TlsGetValue
0x5311f0 LocalReAlloc
0x5311f4 TlsSetValue
0x5311f8 TlsFree
0x5311fc GlobalHandle
0x531200 TlsAlloc
0x531204 LocalAlloc
0x531208 lstrcmpA
0x53120c GlobalGetAtomNameA
0x531210 GlobalAddAtomA
0x531214 GlobalFindAtomA
0x531218 GlobalDeleteAtom
0x53121c lstrcmpiA
0x531220 SetEndOfFile
0x531224 UnlockFile
0x531228 LockFile
0x53122c FlushFileBuffers
0x531230 DuplicateHandle
0x531234 lstrcpynA
0x53123c LocalFree
0x531248 IsBadReadPtr
0x53124c IsBadCodePtr
0x531250 InterlockedExchange
0x531254 TerminateProcess
0x531258 GetCurrentProcess
0x53125c GetFileSize
0x531260 SetFilePointer
0x531264 CreateSemaphoreA
0x531268 ResumeThread
0x53126c ReleaseSemaphore
0x531278 GetProfileStringA
0x53127c WriteFile
0x531284 CreateFileA
0x531288 SetEvent
0x53128c FindResourceA
0x531290 LoadResource
0x531294 LockResource
0x531298 ReadFile
0x53129c RemoveDirectoryA
0x5312a0 GetModuleFileNameA
0x5312a4 GetCurrentThreadId
0x5312a8 ExitProcess
0x5312ac GlobalSize
0x5312b0 GlobalFree
0x5312bc lstrcatA
0x5312c0 lstrlenA
0x5312c4 WinExec
0x5312c8 lstrcpyA
0x5312cc FindNextFileA
0x5312d0 GlobalReAlloc
0x5312d4 HeapFree
0x5312d8 HeapReAlloc
0x5312dc GetProcessHeap
0x5312e0 HeapAlloc
0x5312e4 MultiByteToWideChar
0x5312e8 WideCharToMultiByte
0x5312ec GetFullPathNameA
0x5312f0 FreeLibrary
0x5312f4 LoadLibraryA
0x5312f8 GetLastError
0x5312fc GetVersionExA
0x531304 CreateThread
0x531308 CreateEventA
0x53130c Sleep
0x531314 GlobalAlloc
0x531318 GlobalLock
0x53131c GlobalUnlock
0x531320 GetTempPathA
0x531324 FindFirstFileA
0x531328 FindClose
0x53132c SetFileAttributesA
0x531330 GetFileAttributesA
0x531334 DeleteFileA
0x531338 CreateDirectoryA
0x531344 GetModuleHandleA
0x531348 CompareStringW
0x53134c GetProcAddress
0x531350 MulDiv
0x531354 GetCommandLineA
0x531358 GetTickCount
0x53135c CreateProcessA
0x531360 WaitForSingleObject
0x531364 CloseHandle
0x531368 GetStartupInfoA
0x53136c RtlUnwind
0x531370 GetSystemTime
0x531374 GetLocalTime
0x531378 RaiseException
0x53137c ReadConsoleInputA
0x531380 SetConsoleMode
0x531384 GetConsoleMode
0x531388 HeapSize
0x53138c GetACP
0x531390 SetStdHandle
0x531394 GetFileType
0x5313ac SetHandleCount
0x5313b0 GetStdHandle
0x5313b8 HeapDestroy
0x5313bc HeapCreate
0x5313c0 VirtualFree
0x5313c8 LCMapStringA
0x5313cc LCMapStringW
0x5313d0 VirtualAlloc
0x5313d4 IsBadWritePtr
0x5313dc GetStringTypeA
0x5313e0 GetStringTypeW
0x5313e4 CompareStringA
Library USER32.dll:
0x531424 PostQuitMessage
0x531428 IsZoomed
0x53142c GetClassInfoA
0x531430 DefWindowProcA
0x531434 GetSystemMenu
0x531438 DeleteMenu
0x53143c GetMenu
0x531440 SetMenu
0x531444 PeekMessageA
0x531448 IsIconic
0x53144c SetFocus
0x531450 GetActiveWindow
0x531454 GetWindow
0x53145c SetWindowRgn
0x531460 GetMessagePos
0x531468 GetKeyState
0x531470 IsWindowEnabled
0x531474 ShowWindow
0x53147c LoadImageA
0x531484 ClientToScreen
0x531488 EnableMenuItem
0x53148c GetSubMenu
0x531490 LoadStringA
0x531498 SetRectEmpty
0x53149c DispatchMessageA
0x5314a0 GetMessageA
0x5314a4 WindowFromPoint
0x5314a8 DrawFocusRect
0x5314ac DrawEdge
0x5314b0 DrawFrameControl
0x5314b4 TranslateMessage
0x5314b8 LoadIconA
0x5314bc GetDesktopWindow
0x5314c0 GetClassNameA
0x5314c4 UnregisterClassA
0x5314c8 GetDlgItem
0x5314cc GetWindowTextA
0x5314d0 ScreenToClient
0x5314d8 CopyRect
0x5314dc LoadBitmapA
0x5314e0 WinHelpA
0x5314e4 SetTimer
0x5314e8 ReleaseCapture
0x5314ec GetCapture
0x5314f0 SetCapture
0x5314f4 GetScrollRange
0x5314f8 SetScrollRange
0x5314fc SetScrollPos
0x531500 SetRect
0x531504 InflateRect
0x531508 IntersectRect
0x53150c DestroyIcon
0x531510 PtInRect
0x531514 OffsetRect
0x53151c SetMenuItemBitmaps
0x531520 CheckMenuItem
0x531524 IsDialogMessageA
0x531528 ScrollWindowEx
0x53152c GetDlgCtrlID
0x531530 SendDlgItemMessageA
0x531534 MapWindowPoints
0x531538 AdjustWindowRectEx
0x53153c GetScrollPos
0x531540 RegisterClassA
0x531544 CreateWindowExA
0x531548 GetClassLongA
0x53154c RemovePropA
0x531550 GetMessageTime
0x531554 GetLastActivePopup
0x53155c GetWindowPlacement
0x531560 GetNextDlgTabItem
0x531564 EndDialog
0x53156c DestroyWindow
0x531570 EndPaint
0x531574 BeginPaint
0x531578 CharUpperA
0x531580 IsWindowVisible
0x531584 EnableWindow
0x531588 RedrawWindow
0x53158c GetWindowLongA
0x531590 SetWindowLongA
0x531594 GetSysColor
0x531598 SetActiveWindow
0x53159c SetCursorPos
0x5315a0 LoadCursorA
0x5315a4 SetCursor
0x5315a8 GetDC
0x5315ac FillRect
0x5315b0 IsRectEmpty
0x5315b4 ReleaseDC
0x5315b8 IsChild
0x5315bc TrackPopupMenu
0x5315c0 DestroyMenu
0x5315c4 SetForegroundWindow
0x5315c8 GetWindowRect
0x5315cc EqualRect
0x5315d0 UpdateWindow
0x5315d4 ValidateRect
0x5315d8 InvalidateRect
0x5315dc GetClientRect
0x5315e0 GetFocus
0x5315e4 GetParent
0x5315e8 GetTopWindow
0x5315ec PostMessageA
0x5315f0 IsWindow
0x5315f4 SetParent
0x5315f8 DestroyCursor
0x5315fc SendMessageA
0x531600 SetWindowPos
0x531604 MessageBoxA
0x531608 GetCursorPos
0x53160c GetSystemMetrics
0x531610 EmptyClipboard
0x531614 SetClipboardData
0x531618 OpenClipboard
0x53161c GetClipboardData
0x531620 CloseClipboard
0x531624 wsprintfA
0x531628 WaitForInputIdle
0x531630 CreateMenu
0x531634 GetSysColorBrush
0x531638 ModifyMenuA
0x53163c AppendMenuA
0x531640 SetWindowTextA
0x531644 GetCursor
0x531648 DrawTextA
0x53164c SetPropA
0x531650 CallWindowProcA
0x531654 MoveWindow
0x531658 GetPropA
0x53165c FrameRect
0x531660 SetWindowsHookExA
0x531664 CallNextHookEx
0x531668 UnhookWindowsHookEx
0x53166c GetWindowDC
0x531670 WindowFromDC
0x531674 TabbedTextOutA
0x531678 GrayStringA
0x53167c DrawStateA
0x531684 GetMenuState
0x531688 GetMenuStringA
0x53168c GetMenuItemID
0x531690 GetMenuItemCount
0x531694 GetForegroundWindow
0x531698 CreatePopupMenu
0x53169c DrawIconEx
0x5316a8 KillTimer
0x5316ac EnumChildWindows
Library GDI32.dll:
0x531058 LineTo
0x53105c MoveToEx
0x531060 ExcludeClipRect
0x531064 GetClipBox
0x531068 ScaleWindowExtEx
0x53106c SetWindowExtEx
0x531074 GetDeviceCaps
0x531078 GetStretchBltMode
0x53107c GetROP2
0x531080 GetBkColor
0x531084 GetBkMode
0x531088 GetTextColor
0x53108c CreateRoundRectRgn
0x531090 CreateEllipticRgn
0x531094 PathToRegion
0x531098 EndPath
0x53109c BeginPath
0x5310a0 GetWindowOrgEx
0x5310a4 GetViewportOrgEx
0x5310a8 GetWindowExtEx
0x5310ac GetDIBits
0x5310b0 RealizePalette
0x5310b4 StretchBlt
0x5310b8 CreatePalette
0x5310c0 CreateDIBitmap
0x5310c4 DeleteObject
0x5310c8 SelectClipRgn
0x5310cc CreatePolygonRgn
0x5310d0 GetClipRgn
0x5310d4 SetStretchBltMode
0x5310d8 SetPixel
0x5310e0 SetBkColor
0x5310e4 SetBkMode
0x5310e8 SetTextColor
0x5310ec SetWindowOrgEx
0x5310f0 SaveDC
0x5310f4 RestoreDC
0x5310f8 CreatePenIndirect
0x5310fc PtVisible
0x531100 RectVisible
0x531104 TextOutA
0x531108 ExtTextOutA
0x53110c Escape
0x531110 ScaleViewportExtEx
0x531114 SetViewportExtEx
0x531118 OffsetViewportOrgEx
0x53111c SetViewportOrgEx
0x531120 SetMapMode
0x531124 SetROP2
0x531128 SetPolyFillMode
0x53112c ExtSelectClipRgn
0x531130 GetViewportExtEx
0x531134 GetTextMetricsA
0x531138 RoundRect
0x53113c GetCurrentObject
0x531140 DPtoLP
0x531144 LPtoDP
0x531148 Rectangle
0x53114c Ellipse
0x531150 SetPixelV
0x531154 CreateCompatibleDC
0x531158 GetPixel
0x53115c BitBlt
0x531160 StartPage
0x531164 StartDocA
0x531168 DeleteDC
0x53116c EndDoc
0x531170 EndPage
0x531174 CreateFontIndirectA
0x531178 GetStockObject
0x53117c CreateSolidBrush
0x531180 FillRgn
0x531184 CreateRectRgn
0x531188 CombineRgn
0x53118c PatBlt
0x531190 CreatePen
0x531194 GetObjectA
0x531198 SelectObject
0x53119c CreateBitmap
0x5311a0 CreateBrushIndirect
0x5311a4 CreateDCA
0x5311ac SelectPalette
0x5311b0 GetPolyFillMode
Library MSIMG32.dll:
0x5313f0 GradientFill
Library WINSPOOL.DRV:
0x531728 DocumentPropertiesA
0x53172c OpenPrinterA
0x531730 ClosePrinter
Library ADVAPI32.dll:
0x531000 RegQueryValueExA
0x531004 RegOpenKeyExA
0x531008 RegSetValueExA
0x53100c RegCreateKeyA
0x531010 RegDeleteValueA
0x531014 RegDeleteKeyA
0x531018 RegQueryValueA
0x53101c RegCreateKeyExA
0x531020 RegCloseKey
Library SHELL32.dll:
0x531418 ShellExecuteA
0x53141c Shell_NotifyIconA
Library ole32.dll:
0x531780 CLSIDFromString
0x531784 OleUninitialize
0x531788 OleInitialize
Library OLEAUT32.dll:
0x5313f8 LoadTypeLib
0x5313fc RegisterTypeLib
0x531400 UnRegisterTypeLib
Library COMCTL32.dll:
0x531028 ImageList_Draw
0x531030 _TrackMouseEvent
0x531038 ImageList_AddMasked
0x53103c ImageList_GetIcon
0x531044 None
0x531048 ImageList_Destroy
0x53104c ImageList_Create
Library WININET.dll:
0x5316b8 InternetCrackUrlA
0x5316bc HttpOpenRequestA
0x5316c0 HttpSendRequestA
0x5316c4 HttpQueryInfoA
0x5316c8 InternetConnectA
0x5316cc InternetSetOptionA
0x5316d0 InternetOpenA
0x5316d4 InternetCloseHandle
0x5316d8 InternetReadFile
Library comdlg32.dll:
0x53176c ChooseColorA
0x531770 GetOpenFileNameA
0x531774 GetFileTitleA
0x531778 GetSaveFileNameA
!This program cannot be run in DOS mode.
V9RichQ
`.rdata
@.data
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
uRFGHt
VMProtect begin
VWQPh
VWQPh
VWQPh
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VWQPh$
VMProtect end
VMProtect begin
VWQPh$
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VWQPh$
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VMProtect begin
VMProtect end
VWQPh$
VWQPh$
t(ENEN;
L$$_^]
T$$_^]
D$$_^]
D$0UVW
L$$_^]d
D$4SUV
L$89l$8}
D$(t,;
L$(CH;
QVWWRP
L$d_^][d
T$0RPQ
D$$~9+
F\_^][
L$D_^][d
L$ QRh
T$ QRh
L$$_^d
L$@^[d
D$PQRP
L$pPQR
D$hRQP
9L$x~k
L$T_^][d
L$lRVQ
D$hQRP
D$hQRP
T$pPQR
\$8UVW
L$DPQj
\$8UVW
L$DPQj
L$ _^d
W9^du-
L$ PQh
L$L_^][d
L$D_^][d
L$@RUQ
L$|_^][d
L$|_^][d
L$|_^][d
T$0VRPSQ
L$4_^[d
V#D$,WPQ
D$@UPQ
T$XUSR
T$HQRP
L$x_^d
D$(SUV
T$8RWj
L$ _^][d
l$<VWj
L$(VQVj
L$(UUh
t$LUPh
o0SSSSU
D$dSUVW
D$@WPS
L$`_^][d
D$,RVh0
L$TQVShx
|$XSSW
T$TQRPhT
D$`QRP
D$hSUV3
D$,Pj<j
L$h_^][d
L$X_^d
t$ 90t
T$LRUj
D$89Vdu
FpHt&Ht
D$LUSWP
L$$_^][d
L$,_[3
L$,_[3
L$(WQR
QQUWSS
L$P_]^[d
T$hQRWW
t]9|$<tW
L$x_^]
L$<SQR
T$<RVW
9|$8tt
T$<WRh
T$lPRh
T$ SRh
9l$xtU9
u29l$xu,
T$$Rhp
L$XSQh
D$,SPh
T$,SRh
T$,SRh
T$,SRh
t$(SSh
t$$RVP
|$,RPQ
L$H][d
L$HSUVWP
D$XPQU
D$8VPQ
T$ SWRP
L$L_^]3
t%RSQP
XY[Z[]
~'PSQR
\$<VW3
L$4_^3
D$XQRWP
D$dQUWRP
|$D.tm
L$0^[d
D$0WPQ
T$$+D$4
L$L^[d
9^xu5j
L$X_^]3
h9n`u;
D$8RPj
T$DQRU
D$PRPQ
L$TSWQ
l$HQRVU
D$H_^][
\$lUV3
L$h_^]3
T$\jdSR
L$Hj&Q
;t$Xu";\$\u
L$DSVQ
L$,_^]3
L$$_^][d
L$0PQS
L$ ]_^
L$ QSR
D$TVPW
D$TRPW
WWVQRWWS
D$$QRP
T$,PQR
D$$RSSP
D$8WVRPQ
L$XRQP
l$@VW3
L$8_^][d
u"8D$yu
D$(_^][
8MThdu
~P9~Pun
t&9^$t
F(9V8tQ
F<_^][
F<_^][
|$@ Wu
|$D UV
L$8^]_3
@;l$\~Z
L$X;L$
uh9^8uX
F89^8u&j
L$T_^][d
L$L_^][d
D$,;\$|
L$0PQR
PQj WUS
T$dPQR
L$l_^][d
L$8WPQR
T$DQSR
D$49D$$}
T$\;D$Xu
L$(PQR
T$,RQP
T$(PQR
L$x_^][d
L$l_^][d
L$TPQR
L$dPQRV
u+\$l
L$4SUV
L$4WPQR
D$ |2;
L$@_^][d
u._^][
L$ WPQ
T$,RQP
L$\_^][d
L$@RQj
D$@RPQj
L$T_^]d
FD uy9D$$}s
FD@ul9L$(}f
L$P_^d
L$\_^][d
;D$xt&
9D$$t+
L$D_]d
L$ ^][d
D$$QUP
L$|_^][d
L$t][d
D$$SUV
D$DURP
RVPUSQ
L$$_^][d
j VUPWQ
T$(QVURWP
L$,_^][d
D$$_^[
D$$_^[
L$4VQUP
L$$_^][d
L$4UQWP
L$$_^][d
T$0SUV
L$(_^][d
T$8QRP
L$(_^][d
L$8_^][d
|$LtE;
t$PPVS
L$8_^][d
T$\WVR
jBWVSSQ
D$(_^]
\$ PQV
L$$_^][d
L$H_^][d
SWVVVRPV
L$$^]d
L$D_^[d
T$DWRh
D$,QRPS
L$$RPQS
L$<_^][d
L$(RPQ
NTRPQj
L$(RPQ
T$(PQR
D$(QRP
T$DPQRW
L$<RPQW
L$T_^]
Nh;NX|
Vh;VX|
Fxt_;FTu@
Nh;NX|
P$RWPhP5L
L$$hh"
D$0QVRP
L$$PVh
D$4RPQ
D$ PQR
=pscat
=YARGtD= BGRt
h BGRUPV
hYARGUQV
=lcmnw_tQ=tsbat-=knilt
=rtnmto
hknilUPV
htsbaUQV
=rtrpt =rncst
=capst
= baLt = ZYXt
^tt!h|(
TADIut
tkPUSV
ETLPuF
L$XhD/
D$8QVRPU
QRVWPU
D$$SPh
3;L$4s
T$8QRU
L$Xh`[
T$Xhh-
L$Xh@-
T$,SRW
T$0;t$
PPPQSG
D$ EJ;
D$4SUVW
L$$QWV
D$,Hx;@
D$(CM;
D$Hvm3
L$Lvj3
D$(FO;
L$t_^d
D$ RPUhD
L$l_^][d
L$$^[d
L$(WSR
T$0PQR
WjdjdPQh
|z;^<}uWS
L$D_^][d
L$\_^][d
It#Iu%
^l_^][
tI;Ftr
tL9~HvG;
~(9~$u
D/ VPS
L$<RWUQV
tLhH6
L$$j QV
L$(VQU
hPCCiU
L$(RPVQWU
l$,WuAS
|$ VurU
D$@QRPU
T$ PQW
Ht&HtcI
D$(SUW
=TADIt
TADIu"
hTADIV
Ht]Ht2Ht
HtfHt;Ht
t$,u%:D$<u
:L$<t;
\$$u9f;
\$@QUR
;=3333v
HtHHuz
V,_^[Y
D$ _^][
EHPWVS
u]9B uX
uR9BxuM
'9A`u"9
tq9~Dt
nd9~dt
tS9~@uN
T$LPQR
|$HPWS
L$(RPQ
T$DPVS
T$LRWS
Fdf+Fh
D$(8D*
tRHt}H
NH_^][
T$LWUQVR
L$4WQUVS
;l$ }:
|$$}$WP
\$\}-j
O(_^][
T$H} VP
D$$=`Q
T$$PRV
D$(QPW
L$,SUV
L$0SUV@W
NX9NXu
QPSWVR
T$PQRP
D$$SUV
D$(;l$
\$(UVW
D$,_^]
D$(CUSWP
9o4u'V
9t$0v8
T$,RWV
T$,RWV
T$,RWV
L$,QWV
T$,RWV
L$ RUPj
9t$Tu
T+3x%A
;D$<s!
T$,PQh
|$ WUSV
L$(SUV
N4_^]3
D$ PSV
t$4PWV
D$$_^]
t+;-,2
D$ ;\$
D$(WPf
D$,PVQ
T$,RVQP
L$4PQVR
L$4PQVR
D$8PVQ
D$$PWU
D$$PWU
SUVWPQR
Fdf+Fh
|$ WUSV
D$$SUV
BRPj+S
@PVj,S
\$4t|Ht@H
T$ QRP
L$lQPR
L$8RPQ
L$8PQR
T$$RPQV
T$ URQPV
T$$RPQV
\$0UVW
D$PRPV
L$@j%Q
L$@j%Q
L$(_^]d
L$<_^]
T$<_^]
D$<_^]
L$<_^]
T$lPQR
T$$j%R
L$lRPQ
T$,IJQR
D$(IPQ
T$Pj%R
D$`PQR
L$$QPR
L$8_^]d
L$ QWPR
l$PVWU
L$0_^]d
\$(UVW
L$PQRP
T$`RPQ
T$8RPQ
L$PPPQ
T$PRPQ
D$`PQR
D$8PQR
L$0QSR
L$<_^[d
D$8QVRP
D$8QVRP
D$4WSP
D$4WSj
D$DWSUj
D$0QRP
L$,RPQ
T$,PQR
T$,PQR
JUHRPQ
BU@RPQ
\$dUVW
D$4PSQ
T$PRQP
L$(SPVW
L$ QUR
D$$Phd
t$ WPV
L$ _^[d
L$8RPQ
t$LPQR
L$4_^][d
D$HQRPW
L$4_^]d
\$,UVW
L$d^_]
L$,RPQ
L$H_^][d
S#D$$SPQR
T$TSSR
L$P_^][d
D$$VPQ
t`Ht7Hu}
D$DSUV
?h3333S
T$`h33
?h3333R
L$@_^][d
D$hVPQ
L$@QWR
L$ PVWj
L$`_^][d
L$0UQW
D$Du)+
T$ SU3
L$ PSW
D$,FI;
L$D_^]
L$(^][
T$8PWR
L$,PRVQ
^lSj<P
D$Hu)+
L$T_^][d
L$XPPQ
|$LWQP
L$0_^]d
F$@;F(v
F$@@;F(v
QQSVWj
QQSVWd
t.;t$$t(
B 02CV
C =02CVu
VC20XC00U
PPPPPPPP
uRFGHt
YHYtLHt9
tn<%t2
HHtiHtGH
HtHHt(
HtOHt)H
HtHt&Ht
8t9UW
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
t/WWUPj
QQSVW3
sO;>|C;~
"WWShh
HHtpHHtl
tFGQPS
HSVHWtgHHtF
<]t_G<-uA
QQSVWj
>:uNFV
>:u#FV
Qf9=x
,f9=$
PPPPPPPP
PPPPPPPP
t+Ht$Ht
HtHHt
+ttHHtd
nt2Ht#Ht
F\jLSP
u$SShe
Wj(_Wj
hWj@_;
PQQQQQ
PPPPhd
tvWWWWU
F,_^][
(wqt\HHtS
t>Ht Ht
QSUVWj
n0SSSSU
_SSSSU
Ph_^][Y
tD9_Pt?
Ht#HHt
@t4Ht1Ht_Ht
^$_^[]
F(_+F$^[;E
9~4u@j
9~4u:j
F0_^][
<A|2<Z
<A|@<Z
+tJHt:Ht*
P<PuWSV
VWtp9E
HtTHtFHt8Ht*Ht
PWVWWW
9^0u/j
F09^4u*j
F49^8u&j
^,_^][
kernel32.dll
kernel32.dll
kernel32.dll
Kernel32
kernel32.dll
Kernel32.dll
kernel32.dll
SECPROTECT.dll
kernel32.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
Kernel32.dll
kernel32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
user32.dll
ntdll.dll
kernel32
kernel32
kernel32
kernel32.dll
user32
kernel32
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32
kernel32
kernel32
kernel32
kernel32
kernel32
kernel32
kernel32.dll
ntdll.dll
kernel32.dll
kernel32.dll
kernel32.dll
NTDLL.DLL
NTDLL.DLL
KERNEL32.DLL
KERNEL32.DLL
KERNEL32.DLL
user32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32
kernel32.dll
Winhttp.dll
Kernel32
kernel32
Winhttp.dll
kernel32
Wininet.dll
Winhttp.dll
Wininet.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
kernel32
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Winhttp.dll
Kernel32
Winhttp.dll
Winhttp.dll
kernel32
Winhttp.dll
Winhttp.dll
Winhttp.dll
shlwapi.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
kernel32.dll
CreateToolhelp32Snapshot
Process32Next
GetCurrentProcessId
CloseHandle
IsDebuggerPresent
CreateEventA
GetModuleHandleA
AddNoChange_File
GetModuleHandleA
NtQueryVirtualMemory
NtCreateSection
NtMapViewOfSection
NtClose
RtlMoveMemory
NtUnmapViewOfSection
MultiByteToWideChar
WideCharToMultiByte
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptEncrypt
CryptSetKeyParam
CryptDestroyKey
CryptGetKeyParam
CryptDecrypt
CreateDirectoryA
MoveFileA
IsDebuggerPresent
OpenEventA
IsDebuggerPresent
OpenProcess
TerminateProcess
PostMessageA
NtQuerySystemInformation
LocalAlloc
RtlMoveMemory
LocalFree
RtlZeroMemory
EnumThreadWindows
RtlMoveMemory
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
VirtualQueryEx
VirtualProtectEx
IsDebuggerPresent
GetSystemDirectoryA
ReadProcessMemory
lstrcpynA
RtlMoveMemory
RtlMoveMemory
RtlMoveMemory
RtlMoveMemory
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcessId
ZwSetInformationThread
ZwQuerySystemInformation
GlobalAlloc
RtlMoveMemory
GlobalFree
ZwSuspendProcess
ZwResumeProcess
CreateToolhelp32Snapshot
Thread32First
Thread32Next
SetWindowPos
CreateDirectoryA
MoveFileA
GetProcessHeap
GetSystemTimeAsFileTime
IsDebuggerPresent
WinHttpOpen
HeapAlloc
MultiByteToWideChar
WinHttpCloseHandle
HeapFree
InternetSetCookieA
WinHttpAddRequestHeaders
InternetGetCookieA
WinHttpSetOption
WinHttpSetOption
WinHttpQueryHeaders
WideCharToMultiByte
WinHttpCrackUrl
WinHttpConnect
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
HeapReAlloc
WinHttpQueryDataAvailable
WinHttpReadData
MultiByteToWideChar
WinHttpSetTimeouts
WinHttpSetOption
WinHttpSetCredentials
PathFindExtensionA
IsDebuggerPresent
IsDebuggerPresent
WideCharToMultiByte
DeviceIoControl
CloseHandle
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA
CreateFileA
ControlService
DeleteService
d09f2340818511d396f6aaf844c7e325
A512548E76954B6E92C21055517615B0
0AFF5F28B2CB42ce906AA27D6E485457
{A068799B-7551-46b9-8CA8-EEF8357AFEA4}
F7FC1AE45C5C4758AF03EF19F18A395D
4BB4003860154917BC7D8230BF4FA58A
5F99C1642A2F4e03850721B4F5D7C3F8
5014D8FA6DCA40b68FA626D8183666EB
707ca37322474f6ca841f0e224f4b620
{B6F7542F-B8FE-46a8-9605-98856A687097}
52F260023059454187AF826A3C07AF2A
window
EditBox
PicBox
RapidString
RapidBinary
impart Spoof
APEX-[EAC]
abc13f73
f8364cbe
8ef6211b28f40bb9
310bf50ae19f8b75
] APEX Spoof
*3a%c9e!
BDC8F49C
A318E8ECC5A19218
85c`.56*
DES-ECB
5F2F573CAC27A4DF49212035E4AD2B91
=5c`.53*
!This program cannot be run in DOS mode.
`.rdata
@.data
@.reloc
uRFGHt
L$89l$8}
D$(t,;
D$$~9+
F\_^][
T$HhT\
L$$_^d
L$@^[d
D$PQRP
L$pPQR
D$hRQP
9L$x~k
L$T_^][d
L$lRVQ
D$hQRP
D$hQRP
T$pPQR
\$8UVW
L$DPQj
\$8UVW
L$DPQj
L$ _^d
W9^du-
T$|hh\
D$|hd\
L$ PQh
L$L_^][d
L$D_^][d
L$@RUQ
L$|_^][d
L$|_^][d
L$|_^][d
T$0VRPSQ
L$4_^[d
V#D$,WPQ
D$@UPQ
T$XUSR
T$HQRP
L$x_^d
D$(SUV
T$8RWj
L$ _^][d
l$<VWj
L$(VQVj
L$(UUh
t$LUPh
o0SSSSU
D$dSUVW
D$@WPS
L$`_^][d
D$,RVh\]
L$TQVSh<_
|$XSSW
T$TQRPh
D$`QRP
D$hSUV3
D$,Pj<j
L$h_^][d
L$X_^d
UWPh|_
t$ 90t
QVPh<_
T$LRUj
L$(WQR
QQUWSS
L$P_]^[d
T$hQRWW
t]9|$<tW
L$x_^]
L$<SQR
T$<RVW
9|$8tt
T$<WRh
T$lPRh
T$ SRh
9l$xtU9
u29l$xu,
T$$RhPj
L$XSQh
D$,SPh
T$,SRh
T$,SRh
T$,SRh
t$(SSh
t$$RVP
|$,RPQ
L$H][d
L$HSUVWP
D$XPQU
D$8VPQ
T$ SWRP
L$L_^]3
t%RSQP
XY[Z[]
~'PSQR
D$XQRWP
D$dQUWRP
D$0WPQ
T$$+D$4
L$L^[d
9^xu5j
L$X_^]3
h9n`u;
D$8RPj
T$DQRU
D$PRPQ
L$TSWQ
l$HQRVU
D$H_^][
\$lUV3
L$h_^]3
T$\jdSR
L$Hj&Q
;t$Xu";\$\u
L$DSVQ
L$,_^]3
L$$_^][d
L$0PQS
L$ ]_^
L$ QSR
D$TVPW
D$TRPW
WWVQRWWS
D$$QRP
T$,PQR
D$$RSSP
D$8WVRPQ
L$XRQP
l$@VW3
L$8_^][d
u"8D$yu
D$(_^][
8MThdu
~P9~Pun
t&9^$t
F(9V8tQ
F<_^][
F<_^][
|$@ Wu
|$D UV
L$8^]_3
@;l$\~Z
L$X;L$
uh9^8uX
F89^8u&j
L$T_^][d
L$L_^][d
D$,;\$|
L$0PQR
PQj WUS
T$dPQR
L$l_^][d
L$8WPQR
T$DQSR
D$49D$$}
T$\;D$Xu
L$(PQR
T$,RQP
T$(PQR
L$x_^][d
L$l_^][d
L$TPQR
L$dPQRV
u+\$l
L$4SUV
L$4WPQR
D$ |2;
L$@_^][d
u._^][
L$ WPQ
T$,RQP
L$\_^][d
L$@RQj
D$@RPQj
L$T_^]d
FD uy9D$$}s
FD@ul9L$(}f
L$P_^d
L$\_^][d
;D$xt&
9D$$t+
L$D_]d
L$ ^][d
D$$QUP
L$|_^][d
L$t][d
D$$SUV
D$DURP
RVPUSQ
L$$_^][d
j VUPWQ
T$(QVURWP
L$,_^][d
D$$_^[
D$$_^[
L$4VQUP
L$$_^][d
L$4UQWP
L$$_^][d
T$0SUV
L$(_^][d
T$8QRP
L$(_^][d
L$8_^][d
|$LtE;
t$PPVS
L$8_^][d
T$\WVR
jBWVSSQ
D$(_^]
\$ PQV
L$$_^][d
L$H_^][d
SWVVVRPV
L$$^]d
L$D_^[d
T$(Qh<
T$(Qh<
T$(Qh<
T$DWRh
D$,QRPS
L$$RPQS
L$<_^][d
L$(RPQ
NTRPQj
L$(RPQ
T$(PQR
D$(QRP
T$DPQRW
L$<RPQW
L$T_^]
Nh;NX|
Vh;VX|
Fxt_;FTu@
Nh;NX|
P$RWPh0}
D$0QVRP
L$$PVh
D$4RPQ
D$ PQR
=pscat
=YARGtD= BGRt
h BGRUPV
hYARGUQV
=lcmnw_tQ=tsbat-=knilt
=rtnmto
hknilUPV
htsbaUQV
=rtrpt =rncst
=capst
= baLt = ZYXt
^tt!h,
TADIut
tkPUSV
ETLPuF
D$8QVRPU
QRVWPU
D$$SPh
3;L$4s
T$8QRU
L$Xh`[
T$,SRW
T$0;t$
PPPQSG
D$ EJ;
D$4SUVW
L$$QWV
D$,Hx;@
D$(CM;
D$Hvm3
L$Lvj3
D$(FO;
L$t_^d
D$ RPUhD
L$l_^][d
L$$^[d
L$(WSR
T$0PQR
WjdjdPQh
|z;^<}uWS
L$D_^][d
L$\_^][d
It#Iu%
^l_^][
tI;Ftr
tL9~HvG;
~(9~$u
D/ VPS
L$<RWUQV
L$$j QV
L$(VQU
hPCCiU
L$(RPVQWU
l$,WuAS
|$ VurU
D$@QRPU
T$ PQW
Ht&HtcI
D$(SUW
=TADIt
TADIu"
hTADIV
Ht]Ht2Ht
HtfHt;Ht
t$,u%:D$<u
:L$<t;
\$$u9f;
\$@QUR
;=3333v
HtHHuz
V,_^[Y
D$ _^][
EHPWVS
u]9B uX
uR9BxuM
'9A`u"9
tq9~Dt
nd9~dt
tS9~@uN
T$LPQR
|$HPWS
L$(RPQ
T$DPVS
T$LRWS
Fdf+Fh
D$(8D*
tRHt}H
NH_^][
T$LWUQVR
L$4WQUVS
;l$ }:
|$$}$WP
\$\}-j
O(_^][
T$H} VP
T$$PRV
D$(QPW
L$,SUV
L$0SUV@W
NX9NXu
QPSWVR
T$PQRP
D$$SUV
D$(;l$
\$(UVW
D$,_^]
D$(CUSWP
9o4u'V
9t$0v8
T$,RWV
T$,RWV
T$,RWV
L$,QWV
T$,RWV
L$ RUPj
9t$Tu
T+3x%A
;D$<s!
T$,PQh
D$0Qht_
|$ WUSV
D$$SUV
L$(SUV
N4_^]3
F$@;F(v
F$@@;F(v
QQSVWj
QQSVWd
t.;t$$t(
B 02CV
C =02CVu
uRFGHt
YHYtLHt9
8t9UW
SS@SSPVSS
t#SSUP
t$$VSS
_^][YY
t/WWUPj
QQSVW3
sO;>|C;~
VC20XC00U
HHtpHHtl
tFGQPS
HSVHWtgHHtF
<]t_G<-uA
PPPPPPPP
PPPPPPPP
PPPPPPPP
QQSVWj
>:uNFV
>:u#FV
,f9=DV
t+Ht$Ht
HtHHt
+ttHHtd
nt2Ht#Ht
F\jLSP
u$SShe
ue;=@S
Wj(_Wj
hWj@_;
PQQQQQ
PPPPhd
tvWWWWU
F,_^][
(wqt\HHtS
t>Ht Ht
QQSVW3
QSUVWj
n0SSSSU
_SSSSU
Ph_^][Y
tD9_Pt?
Ht#HHt
@t4Ht1Ht_Ht
^$_^[]
F(_+F$^[;E
<A|2<Z
<A|@<Z
+tJHt:Ht*
P<PuWSV
PWVWWW
^,_^][
Kernel32.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
ntdll.dll
Kernel32.dll
kernel32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
advapi32.dll
CreateEventA
NtQueryVirtualMemory
NtCreateSection
NtMapViewOfSection
NtClose
RtlMoveMemory
NtUnmapViewOfSection
MultiByteToWideChar
WideCharToMultiByte
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptDecrypt
CryptSetKeyParam
CryptDestroyKey
CryptGetKeyParam
d09f2340818511d396f6aaf844c7e325
A512548E76954B6E92C21055517615B0
E9BD42F1FBE2910AEA2F1E641BB6EC86D014
*ba%cde!
AES192
AES256
z>Kernel32.dll
ntdll.dll
kernel32.dll
advapi32.dll
CreateEventA
NtQueryVirtualMemory
NtCreateSection
NtMapViewOfSection
NtClose
RtlMoveMemory
NtUnmapViewOfSection
MultiByteToWideChar
WideCharToMultiByte
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptDecrypt
CryptSetKeyParam
CryptDestroyKey
CryptGetKeyParam
4i5U6B738%9
B#C0D?EQFeG|H
E=FZGrH
QyReSOT5U
qdZRMHD@=;86421/.-+*)(''&%$$#""!! 
|?5^<@
0123456789ABCDEF
123456789
0123456789ABCDEF
Qkkbal
DDDDUUUU
00003333
""""UUUU
0@P`p
!1AQaq
"2BRbr
#3CScs
$4DTdt
%5EUeu
&6FVfv
'7GWgw
(8HXhx
)9IYiy
*:JZjz
+;K[k{
,<L\l|
-=M]m}
.>N^n~
/?O_o
deflate 1.1.3 Copyright 1995-1998 Jean-loup Gailly
BKbhTb~XBK!;
inflate 1.1.3 Copyright 1995-1998 Mark Adler
?u='@^
CNotSupportedException
CMemoryException
CException
CMemFile
CTempGdiObject
CTempDC
CPalette
CBitmap
CBrush
CGdiObject
CPaintDC
CWindowDC
CClientDC
CUserException
CResourceException
CDialog
MS Sans Serif
MS Shell Dlg
CTempWnd
AfxOldWndProc423
AfxWnd42s
AfxControlBar42s
AfxMDIFrame42s
AfxFrameOrView42s
AfxOleControl42s
GetMonitorInfoA
EnumDisplayMonitors
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
GetSystemMetrics
USER32
DISPLAY
commctrl_DragListMsg
Afx:%x:%x:%x:%x:%x
Afx:%x:%x
InitCommonControlsEx
COMCTL32.DLL
CPtrArray
CComboBox
CButton
CStatic
CFileDialog
CStringArray
CWinApp
PreviewPages
Settings
CTempImageList
CImageList
CProgressCtrl
CArchiveException
CCmdTarget
CWinThread
CTempMenu
combobox
CDWordArray
CWordArray
CFileException
CMapPtrToPtr
CToolTipCtrl
tooltips_class32
CColorDialog
CObject
System
commdlg_SetRGBColor
commdlg_help
commdlg_ColorOK
commdlg_FileNameOK
commdlg_ShareViolation
commdlg_LBSelChangedNotify
software
CMapStringToPtr
H:mm:ss
dddd, MMMM dd, yyyy
M/d/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
__GLOBAL_HEAP_SELECTED
__MSVCRT_HEAP_SELECT
runtime error
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program:
<program name unknown>
GAIsProcessorFeaturePresent
KERNEL32
_hypot
`h````
ppxxxx
(null)
Illegal byte sequence
Directory not empty
Function not implemented
No locks available
Filename too long
Resource deadlock avoided
Result too large
Domain error
Broken pipe
Too many links
Read-only file system
Invalid seek
No space left on device
File too large
Inappropriate I/O control operation
Too many open files
Too many open files in system
Invalid argument
Is a directory
Not a directory
No such device
Improper link
File exists
Resource device
Unknown error
Bad address
Permission denied
Not enough space
Resource temporarily unavailable
No child processes
Bad file descriptor
Exec format error
Arg list too long
No such device or address
Input/output error
Interrupted function call
No such process
No such file or directory
Operation not permitted
No error
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
1#QNAN
1#SNAN
CloseHandle
WaitForSingleObject
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
GetFileAttributesA
FindClose
FindFirstFileA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateEventA
CreateThread
WritePrivateProfileStringA
GetVersionExA
GetLastError
LoadLibraryA
FreeLibrary
GetFullPathNameA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrlenA
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
GlobalSize
ExitProcess
GetCurrentThreadId
GetModuleFileNameA
ReadFile
LockResource
LoadResource
FindResourceA
SetEvent
CreateFileA
WaitForMultipleObjects
WriteFile
GetProfileStringA
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
ResumeThread
CreateSemaphoreA
KERNEL32.dll
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
KillTimer
WinHelpA
LoadBitmapA
CopyRect
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
USER32.dll
GetDeviceCaps
GetTextExtentPoint32A
RoundRect
GetCurrentObject
DPtoLP
LPtoDP
Rectangle
Ellipse
CreateCompatibleDC
BitBlt
StartPage
StartDocA
DeleteDC
EndDoc
EndPage
CreateFontIndirectA
GetStockObject
CreateSolidBrush
FillRgn
CreateRectRgn
CombineRgn
PatBlt
CreatePen
GetObjectA
SelectObject
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
GDI32.dll
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
WINMM.dll
ClosePrinter
DocumentPropertiesA
OpenPrinterA
WINSPOOL.DRV
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
ADVAPI32.dll
ShellExecuteA
Shell_NotifyIconA
SHELL32.dll
CLSIDFromString
OleUninitialize
OleInitialize
ole32.dll
OLEAUT32.dll
ImageList_Destroy
COMCTL32.dll
WS2_32.dll
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
LocalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
SetLastError
lstrcpynA
DuplicateHandle
GetCurrentProcess
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcmpiA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
lstrcmpA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetFileSize
GetFileTime
GetCurrentThread
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
HeapSize
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
UnregisterClassA
LoadStringA
GetSysColorBrush
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExcludeClipRect
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
comdlg32.dll
RegCreateKeyExA
SECPROTECT.dll
AddNoChange_File
Shell32.dll
Mpr.dll
Advapi32.dll
User32.dll
Gdi32.dll
Kernel32.dll
.PAVCException@@
\shell\open\command
mailto:
OpenDatabase
CloseDatabase
GetConnectString
GetTabList
): %d, %d
DllUnregisterServer
DllRegisterServer
DEFAULT_ICON
RemovePlayer
WG!2S(
L23fff&ff
Antivirus Signature
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.lwoF
Elastic malicious (high confidence)
ClamAV Win.Malware.Genkryptik-10034801-0
CMC Clean
CAT-QuickHeal Clean
Skyhigh BehavesLike.Win32.Generic.vc
ALYac Clean
Cylance Unsafe
Zillya Clean
CrowdStrike win/malicious_confidence_70% (D)
Alibaba Clean
K7GW Trojan ( 005246d51 )
K7AntiVirus Trojan ( 005246d51 )
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
ESET-NOD32 a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX Malicious
Avast Win32:Malware-gen
Cynet Malicious (score: 100)
Kaspersky Clean
BitDefender Clean
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Clean
Tencent Clean
Sophos Mal/Generic-S
F-Secure Clean
DrWeb Trojan.DownLoad4.15026
VIPRE Clean
TrendMicro Clean
McAfeeD Real Protect-LS!801832B0EB4D
Trapmine suspicious.low.ml.score
CTX Clean
Emsisoft Clean
Ikarus Trojan.Win32.Agent
FireEye Generic.mg.801832b0eb4d855a
Jiangmin Clean
Webroot Clean
Avira Clean
Fortinet W32/CoinMiner.PHP!tr
Antiy-AVL RiskWare/Win32.FlyStudio.a
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Trojan.Win32.Packed.sa
Xcitium TrojWare.Win32.Agent.OSCF@5rs7jr
Arcabit Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Trojan:Win32/Emotet!ml
Varist W32/Agent.EW.gen!Eldorado
AhnLab-V3 Malware/Gen.Generic.C1027866
Acronis suspicious
McAfee Artemis!801832B0EB4D
TACHYON Clean
VBA32 Clean
Malwarebytes Generic.Malware.AI.DDS
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Trojan.MalCert!1.E0C6 (CLASSIC)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Dropper.Dinwod.frindll
GData Win32.Trojan.PSE.11U3QNE
AVG Win32:Malware-gen
DeepInstinct MALICIOUS
alibabacloud Virus:Win/KillFiles.AZ
No IRMA results available.