1.4
低危
DACN
0.14
FACILE
1.00
IMCLNet
0.88
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | Malware:Win32/km_2e2f4.None | 20190527 | 0.3.0.5 |
| Avast | Win32:WormX-gen [Wrm] | 20240214 | 23.9.8494.0 |
| Baidu | None | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20231026 | 1.0 |
| Kingsoft | malware.kb.a.1000 | 20230906 | None |
| McAfee | W32/Sytro.worm.gen!p2p | 20240214 | 6.0.6.653 |
| Tencent | Worm.Win32.Generic.za | 20240214 | 1.0.0.1 |
静态指标
可执行文件包含未知的 PE 段名称,可能指示打包器(可能是误报)
(6 个事件)
| section | CODE\x00\x00U |
| section | DATA\x00\x00U |
| section | BSS\x00\\x00U |
| section | .rdata\x00b |
| section | .blwq |
| section | .lhdqsec |
动态指标
在文件系统上创建可执行文件
(50 个事件)
| file | C:\Windows\Temp\Xbox.info.exe |
| file | C:\Windows\Temp\Windows XP serial generator.exe |
| file | C:\Windows\Temp\Macromedia key generator (all products).exe |
| file | C:\Windows\Temp\ZoneAlarm Firewall Full Downloader.exe |
| file | C:\Windows\Temp\Winrar + crack.exe |
| file | C:\Windows\Temp\ScaryMovie 2 Full Downloader.exe |
| file | C:\Windows\Temp\SIMS FullDownloader.exe |
| file | C:\Windows\Temp\Quake 4 BETA.exe |
| file | C:\Windows\Temp\Windows XP Full Downloader.exe |
| file | C:\Windows\Temp\DivX.exe |
| file | C:\Windows\Temp\MSN Password Hacker and Stealer.exe |
| file | C:\Windows\Temp\LordOfTheRings-FullDownloader.exe |
| file | C:\Windows\Temp\[DiVX] Harry Potter And The Sorcerors Stone Full Downloader.exe |
| file | C:\Windows\Temp\Star Wars Episode 2 - Attack Of The Clones Full Downloader.exe |
| file | C:\Windows\Temp\Key generator for all windows XP versions.exe |
| file | C:\Windows\Temp\Jenna Jameson - Built For Speed Downloader.exe |
| file | C:\Windows\Temp\StarWars2 - CloneAttack - FullDownloader.exe |
| file | C:\Windows\Temp\Britney spears nude.exe |
| file | C:\Windows\Temp\KaZaA media desktop v2.0 UNOFFICIAL.exe |
| file | C:\Windows\Temp\DSL Modem Uncapper.exe |
| file | C:\Windows\Temp\Battle.net key generator (WORKS!!).exe |
| file | C:\Windows\Temp\Half-life ONLINE key generator.exe |
| file | C:\Windows\Temp\Cat Attacks Child Full Downloader.exe |
| file | C:\Windows\Temp\Macromedia Flash 5.0 Full Downloader.exe |
| file | C:\Windows\Temp\Borland Delphi 6 Key Generator.exe |
| file | C:\Windows\Temp\AIM Account Stealer Downloader.exe |
| file | C:\Windows\Temp\Star wars episode 2 downloader.exe |
| file | C:\Windows\Temp\Shakira FullDownloader.exe |
| file | C:\Windows\Temp\Winzip 8.0 + serial.exe |
| file | C:\Windows\Temp\Spiderman FullDownloader.exe |
| file | C:\Windows\Temp\Grand theft auto 3 CD1 crack.exe |
| file | C:\Windows\Temp\Windows XP key generator.exe |
| file | C:\Windows\Temp\Sony Play station boot disc - Downloader.exe |
| file | C:\Windows\Temp\Hacking Tool Collection.exe |
| file | C:\Windows\Temp\PS1 Boot Disc Full Dwonloader.exe |
| file | C:\Windows\Temp\Microsoft key generator, works for ALL microsoft products!!.exe |
| file | C:\Windows\Temp\AikaQuest3Hentai FullDownloader.exe |
| file | C:\Windows\Temp\MoviezChannelsInstaler.exe |
| file | C:\Windows\Temp\[DiVX] Lord of The Rings Full Downloader.exe |
| file | C:\Windows\Temp\Half-life WON key generator.exe |
| file | C:\Windows\Temp\Gladiator FullDownloader.exe |
| file | C:\Windows\Temp\How To Hack Websites.exe |
| file | C:\Windows\Temp\Internet and Computer Speed Booster.exe |
| file | C:\Windows\Temp\Warcraft 3 ONLINE key generator.exe |
| file | C:\Windows\Temp\Microsoft Windows XP crack pack.exe |
| file | C:\Windows\Temp\Hack into any computer!!.exe |
| file | C:\Windows\Temp\Zidane-ScreenInstaler.exe |
| file | C:\Windows\Temp\Warcraft 3 battle.net serial generator.exe |
| file | C:\Windows\Temp\GTA3 crack.exe |
| file | C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe |
该二进制文件可能包含加密或压缩数据,表明使用了打包工具
(2 个事件)
| section | {'name': 'CODE\\x00\\x00U', 'virtual_address': '0x00001000', 'virtual_size': '0x0001a014', 'size_of_data': '0x0001a200', 'entropy': 7.892082134864014} | entropy | 7.892082134864014 | description | 发现高熵的节 | |||||||||
| entropy | 0.8393574297188755 | description | 此PE文件的整体熵值较高 | |||||||||||
网络通信
与未执行 DNS 查询的主机进行通信
(1 个事件)
| host | 114.114.114.114 | |||
文件已被 VirusTotal 上 57 个反病毒引擎识别为恶意
(50 out of 57 个事件)
| ALYac | Dropped:Trojan.Delf.FareIt.Gen.iOX@nCG7LQm |
| APEX | Malicious |
| AVG | Win32:WormX-gen [Wrm] |
| Acronis | suspicious |
| AhnLab-V3 | Worm/Win32.Sytro.R27096 |
| Alibaba | Malware:Win32/km_2e2f4.None |
| Antiy-AVL | Worm/Win32.Soltern |
| Arcabit | Trojan.Delf.FareIt.Gen.ED16E5A |
| Avast | Win32:WormX-gen [Wrm] |
| Avira | WORM/Soltern.oald |
| BitDefender | Dropped:Trojan.Delf.FareIt.Gen.iOX@nCG7LQm |
| BitDefenderTheta | AI:Packer.7282A3C01E |
| Bkav | W32.AIDetectMalware |
| CAT-QuickHeal | Worm.Soltern.A.mue |
| ClamAV | Win.Worm.Sytro-35 |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Cylance | unsafe |
| Cynet | Malicious (score: 100) |
| DeepInstinct | MALICIOUS |
| DrWeb | Win32.HLLW.Sytro |
| ESET-NOD32 | a variant of Win32/Soltern.NAA |
| Elastic | malicious (high confidence) |
| Emsisoft | Dropped:Trojan.Delf.FareIt.Gen.iOX@nCG7LQm (B) |
| F-Secure | Worm.WORM/Soltern.oald |
| FireEye | Generic.mg.398ca925ffafa7c1 |
| Fortinet | W32/Parite.C |
| GData | Win32.Trojan.PSE.10NOXYU |
| Detected | |
| Gridinsoft | Trojan.Win32.Agent.bot!s1 |
| Ikarus | Worm.Soltern |
| K7AntiVirus | Trojan ( 005568151 ) |
| K7GW | Trojan ( 005568151 ) |
| Kaspersky | HEUR:Trojan.Win32.Generic |
| Kingsoft | malware.kb.a.1000 |
| Lionic | Worm.Win32.Sytro.lzAP |
| MAX | malware (ai score=83) |
| Malwarebytes | Generic.Malware.AI.DDS |
| MaxSecure | Trojan.Malware.121218.susgen |
| McAfee | W32/Sytro.worm.gen!p2p |
| MicroWorld-eScan | Dropped:Trojan.Delf.FareIt.Gen.iOX@nCG7LQm |
| Microsoft | Worm:Win32/Soltern!pz |
| NANO-Antivirus | Trojan.Win32.Sytro.fvkgsw |
| Panda | Trj/Genetic.gen |
| Rising | Worm.Soltern!1.BB24 (CLASSIC) |
| Sangfor | Suspicious.Win32.Save.a |
| SentinelOne | Static AI - Malicious PE |
| Skyhigh | BehavesLike.Win32.Sytro.cc |
| Sophos | W32/Systro-AB |
| Symantec | ML.Attribute.HighConfidence |
| Tencent | Worm.Win32.Generic.za |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
1992-06-20 06:22:17
PE Imphash
8eb90f63ff7fc0bd388dac1d27b3afce
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| CODE\x00\x00U | 0x00001000 | 0x0001a014 | 0x0001a200 | 7.892082134864014 |
| DATA\x00\x00U | 0x0001c000 | 0x00000778 | 0x00000800 | 3.85836319129189 |
| BSS\x00\\x00U | 0x0001d000 | 0x00000a25 | 0x00000000 | 0.0 |
| .idata | 0x0001e000 | 0x00000bfa | 0x00000c00 | 4.866195168814016 |
| .tls | 0x0001f000 | 0x0000000c | 0x00000000 | 0.0 |
| .rdata\x00b | 0x00020000 | 0x00000018 | 0x00000200 | 0.190488766434666 |
| .reloc | 0x00021000 | 0x00001c74 | 0x00001e00 | 0.0 |
| .rsrc | 0x00023000 | 0x00001400 | 0x00001400 | 3.48566346147267 |
| .blwq | 0x00025000 | 0x00000400 | 0x00000400 | 4.987623512154509 |
| .lhdqsec | 0x00026000 | 0x00000400 | 0x00000400 | 5.331861005428237 |
Resources
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_STRING | 0x00024018 | 0x000002b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_STRING | 0x00024018 | 0x000002b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_STRING | 0x00024018 | 0x000002b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_STRING | 0x00024018 | 0x000002b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_STRING | 0x00024018 | 0x000002b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_STRING | 0x00024018 | 0x000002b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_STRING | 0x00024018 | 0x000002b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_RCDATA | 0x000242dc | 0x000000b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_RCDATA | 0x000242dc | 0x000000b4 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
Imports
Library KERNEL32.DLL:
• 0x41e1bc TlsSetValue
• 0x41e1c0 TlsGetValue
• 0x41e1c4 LocalAlloc
• 0x41e1c8 GetModuleHandleA
Library KERNEL32.DLL:
• 0x41e2bc Sleep
Library KERNEL32.DLL:
• 0x41e0dc DeleteCriticalSection
• 0x41e0e0 LeaveCriticalSection
• 0x41e0e4 EnterCriticalSection
• 0x41e0e8 InitializeCriticalSection
• 0x41e0ec VirtualFree
• 0x41e0f0 VirtualAlloc
• 0x41e0f4 LocalFree
• 0x41e0f8 LocalAlloc
• 0x41e0fc GetCurrentThreadId
• 0x41e100 InterlockedDecrement
• 0x41e104 InterlockedIncrement
• 0x41e108 VirtualQuery
• 0x41e10c WideCharToMultiByte
• 0x41e110 MultiByteToWideChar
• 0x41e114 lstrlenA
• 0x41e118 lstrcpynA
• 0x41e11c LoadLibraryExA
• 0x41e120 GetThreadLocale
• 0x41e124 GetStartupInfoA
• 0x41e128 GetProcAddress
• 0x41e12c GetModuleHandleA
• 0x41e130 GetModuleFileNameA
• 0x41e134 GetLocaleInfoA
• 0x41e138 GetLastError
• 0x41e13c GetCommandLineA
• 0x41e140 FreeLibrary
• 0x41e144 FindFirstFileA
• 0x41e148 FindClose
• 0x41e14c ExitProcess
• 0x41e150 WriteFile
• 0x41e154 UnhandledExceptionFilter
• 0x41e158 SetFilePointer
• 0x41e15c SetEndOfFile
• 0x41e160 RtlUnwind
• 0x41e164 ReadFile
• 0x41e168 RaiseException
• 0x41e16c GetStdHandle
• 0x41e170 GetFileSize
• 0x41e174 GetSystemTime
• 0x41e178 GetFileType
• 0x41e17c CreateFileA
• 0x41e180 CloseHandle
Library KERNEL32.DLL:
• 0x41e1ec WriteFile
• 0x41e1f0 WaitForSingleObject
• 0x41e1f4 VirtualQuery
• 0x41e1f8 SetFilePointer
• 0x41e1fc SetEvent
• 0x41e200 SetEndOfFile
• 0x41e204 ResetEvent
• 0x41e208 ReadFile
• 0x41e20c LeaveCriticalSection
• 0x41e210 InitializeCriticalSection
• 0x41e214 GlobalUnlock
• 0x41e218 GlobalReAlloc
• 0x41e21c GlobalHandle
• 0x41e220 GlobalLock
• 0x41e224 GlobalFree
• 0x41e228 GlobalAlloc
• 0x41e22c GetWindowsDirectoryA
• 0x41e230 GetVersionExA
• 0x41e234 GetTickCount
• 0x41e238 GetThreadLocale
• 0x41e23c GetStringTypeExA
• 0x41e240 GetStdHandle
• 0x41e244 GetProcAddress
• 0x41e248 GetModuleHandleA
• 0x41e24c GetModuleFileNameA
• 0x41e250 GetLocaleInfoA
• 0x41e254 GetLastError
• 0x41e258 GetDiskFreeSpaceA
• 0x41e25c GetCurrentThreadId
• 0x41e260 GetCPInfo
• 0x41e264 GetACP
• 0x41e268 FormatMessageA
• 0x41e26c FindFirstFileA
• 0x41e270 FindClose
• 0x41e274 FileTimeToLocalFileTime
• 0x41e278 FileTimeToDosDateTime
• 0x41e27c ExitProcess
• 0x41e280 EnumCalendarInfoA
• 0x41e284 EnterCriticalSection
• 0x41e288 DeleteCriticalSection
• 0x41e28c CreateFileA
• 0x41e290 CreateEventA
• 0x41e294 CreateDirectoryA
• 0x41e298 CopyFileA
• 0x41e29c CompareStringA
• 0x41e2a0 CloseHandle
Library advapi32.dll:
• 0x41e1d0 RegSetValueExA
• 0x41e1d4 RegQueryValueExA
• 0x41e1d8 RegOpenKeyExA
• 0x41e1dc RegFlushKey
• 0x41e1e0 RegCreateKeyExA
• 0x41e1e4 RegCloseKey
Library oleaut32.dll:
• 0x41e2c4 SafeArrayPtrOfIndex
• 0x41e2c8 SafeArrayPutElement
• 0x41e2cc SafeArrayGetElement
• 0x41e2d0 SafeArrayGetUBound
• 0x41e2d4 SafeArrayGetLBound
• 0x41e2d8 SafeArrayRedim
• 0x41e2dc SafeArrayCreate
• 0x41e2e0 VariantChangeTypeEx
• 0x41e2e4 VariantCopyInd
• 0x41e2e8 VariantCopy
• 0x41e2ec VariantClear
• 0x41e2f0 VariantInit
Library oleaut32.dll:
• 0x41e1ac SysFreeString
• 0x41e1b0 SysReAllocStringLen
• 0x41e1b4 SysAllocStringLen
Library user32.dll:
• 0x41e2a8 MessageBoxA
• 0x41e2ac LoadStringA
• 0x41e2b0 GetSystemMetrics
• 0x41e2b4 CharNextA
Library user32.dll:
• 0x41e188 GetKeyboardType
• 0x41e18c LoadStringA
• 0x41e190 MessageBoxA
• 0x41e194 CharNextA
L!This program must be run under Win32
.idata
.rdata
P.reloc
P.rsrc
P.blwq
`.lhdqsec
zr{ID^
D?^/.`X5
sqPd[dl,
B.CcE0
b3:F&pPk
ID3^/.`5
xS[L77)+
{ *aFG
`S[L77)+)j0{SW
S[L77)+j0{SW
8S[L77)+Aj0{SW
{ jaFG
S[L77)+ij0{ SW
{ ^aFG
S[L7u7)+j0{
{ JaFG
S[L7a7)+j0{SW
8Df"i6
8Df"i6
rnfSH<s
SzlM?u:'
xE@[\$)
iU$u/Xm/sgS(D
$7o,v7
?)=+AHD?
P0A2]&9
voQtj(9pBE;
Rp,AhfS
=!U^t@,z
+Rm&i0
}]\$F$V
L%*N2{
R;6^v\
A@<mN0$e#T
(xE.SO>->)+
bb:8$-
5cL}4D
S$V(A)
()+j:\oElMSb
#~v}yfQ
t:bLz+[
+qQ=`vpPe?f0g
-h\m/6`
L/p@b0K{
]&Z3n/0ndvf
yN0mIO6FoB
}]P&@z
LZdRpbD
gLe4OT
Xzl9"*a
n+Zm/6ER>
IMD037z}
X$R!pu`k=cgW
bvjSzl2+Kr:2jc.
|lM~m3PF
)o#3l8{EV
3/i7"u
XEbJXm
%DD\E0Ob
*VjS2zl
wxE"RI8
_LDFz0
ijS/gW
,JRUuOtA
x`3hNjKENG
rnObNqFg.(
e8F`Gcb`
e'yEzl
gQ{Fea
4&<T&vT.f
1Ezl<hG
)cvCVfD}S7{lMHj0|9
A<U^i9]
lLT3vU/L,T0
bpUe?bl@{w
U&Z]+)-H~+9E
_(L^%Z/,vMh
4Wm.V_#R{Flm
DRa#F4U
S1cb[>.v^
:&R+Ob
8N.IqvSH
^[-~Per
Uu.uf*
. _=DD
0a}]&?[[)~T~sDz
Qo8a;N
`v`AU9
Kcp.;=2pv(HD0
]u>)=$w{?gW
<S}UUW
b+SOwlMeg
-q"R]0
GY.(X!rv
[ktT?=zmo
Ob?7E}
>/GDj)F
7'aC4}>PM.,msH9
vq9fsxE^tW-hv
]Qc|#H
Z~>[)pb+o[
yuqg&f~J
}f+ejo
`}DiaSrlMl
:F"Uz<M[5
`QULR\
[ZdR~j4SrlMb30a
!vP&NjE
tJeScCtT
YzLZ$RpmI0
eN0mIK3
XqOe#L
[6q*)
j0xzhM
jP^oHU;nG
`0-.{zzOb\
n_q,U T
`,w+fE
26HQmqYd"
`/jScEZ
,d,Q/K
HDx?ZLb3
?RMd ^
`vvac5
7G4iZ>DM,JZ]7
)uzLZ].
SZ5bGi9.
3X6o9iZ>DDMQU9
#0adv(
yM8}>t
}]ELXm[6h
[2TNac>
oY=h_SNA
#nTer0c^
|Si)nr(b[.>)+
%vzq`SzlM
$B.88TM* =`"
Y*^RkavRVu
b3=9F`
jDnvMNmb:F`
XOm5LR>j
sX5rB53,w 5X
"i)qL]
`kTuNS/
]mgsr6
5rQ/h[5eP^jouP
lI8E0i.
F: gkF
6:FbXP
Vymh0nu
`L10n9
TS[=1%`eo`25Yb,`J$^][
QL+Of3J.
7^P0Eozvc;E*9
rEX3JbGsGM&L,gjg!)\
hke-N3Y!
Wxro*~c({=!`wqzq,e
Cim"[0.
iU}Wms7b
H?{79F
O'LJ`z1*#c5
752kRy9f^D_(
;Y[).v
e=fiax;
"Y:XTo
|Rq.JY
go%Ezb
X&Q[Dtm
gr<::5D
zw~9Iea
2mFbGF`
%DD}l2a
D/KP9`
=ZZM/Xi
_WlSZlM9{e
a\2.`vJ
b|81yak1
MXO.ETCDx<vK9V
Z1eXJQT
{:F`dyc=
*mK1x+O`{
TQVZ^Tn9
\FIHJ#&
LR-|0`p"R
={F$2LPd"
\;2j!l
tU4JO6.B
f@A0C4&)x$~2@V
tU4JL="G
{H0KU2
+-9Hj#
"3m9F`
,))1 NbMe
/5WRLx_3:F
b3}8@a
j;OOc&V
%`v?.jS
u0"3X,
~G5^o]zlU:/`
K4+vF`+W
^H|OK{
fLyGOpU7$~VXD
~U24|mysJ}
k,iY0:3@
4cx{Z%>+[
}`nY(PA1&1s
XL7Y7)+
X-{~m/sgS
mupHZ2OBF
nV0X&ANzNL,
p*0*yZn
gGoRb9jQ-k
uR7x<AO0vx)
GRpa]s
sfv>)+
iU}]E[[=a{.0{W
9F`Cde
[`vypQ
O5[#0cW+;
G]*X~i 5
&+ZL,#
Tu{:BoLd
[^p`#vNh
&BY`22}
9n[Y[q`vvznD~>{
9`zLZ5vd
4TFrLW;W
y pM;/(
sgS(+Ot8
&*tPv=
vhZRbz
*J0{<;?
?KE0%\B,
JmxLH>5P
?S`Rt4x=6rawJ-4
k.P"3z:F
,B^08p
tb:RzlM
Tr;]0a>)+mjr{k
)G`(X+V
LjNO*LpnjD
oELXmPc
`vkiUj
9;n:Z$R)XnH
#3MS0J%41f$)U
.0Zb%y
>dbcy 3{
idWP9m
fcrTe!0Fz
#3LXyc
obTgN0'x3~:G
z7Hv][Tu
Qmq J^Wev
#G8h=ct
Z^8`v)fu
-R5r$V:8
8vLG=-I_EGDzqq'
2$eGfk
Y`W5oEbYO6:
)NG=8uMXS`
v^sPu5DY
q|TZ?\/0
V"iH"W,
\}E"[\LZ,R
2Tu~2Kl
^:zF+c5
rbFl6dE
Z$'+ 2U\EOj#o.
q)EOXm
a+>9&=>u
W\EOj#o.}=n39
)ErOXm
zlqE?d
c5GKX?Xnr
2YR&azs)sRd
{.{``8ya
{h:3eo.
pr$*p=Mi
][B,iiU
J-{b7E
!VOAez
UyYZ^:
.*?(l9sElXm
6jZ*<W
() D"Rz
\H0|+m
B{/yJ]5
)8mOM?
.a{e'Ke\
g.pe'GTp5(1- [ed
](e'o0Tz[G
`{M-}atx.KXV9
2_LiOlBd
8D-alC
_Fq"@?62
c9Xa`xx8H
$]HDx<F
t_gD[LV6
/p`%bg-ge?4o7z
IXpYH0{*lM
DD`o$iC9
iXm[M:Z2X
CJAp6?4
LY[+te`Wk`A0'yCj
0$yxG{
Rq"RNx
?C9F`a@n
-EZd ^6
zlD^F@
BXmwZ`kk|SzlMS]a
KoP"|M
.%'0*@n0|N{
9tz2LZ&g5<Srn3
VZoQ/6
G}xzP"'
dmt:T0{E
hfr)=HK6k{|
N0lmMT?la7G
{SU7XZ7rVFvI
7Fp2uL/
}?tQCm
hV^x9J]X D
A)SxTseDD]
ZaM$]&
ZE/8Z_
+Ot^L8\
K1x+L6
ao8,gM
1P"'1;
bx^<`a,lBi
im VG=)[Czd
b}+IOa
[e%ETi<~mIH7:F
R:F8,Z!OJ
rKGMS=m
9|'k*(k
X'Ng|k<`a
fZ[{LXJj
tn8}k\b3
Aav!(Dm
H[{1(.
1a+]vb
>F0i56|&Zg/8Z.J
ZCm/p`
HP"!P.+^
d8DHP"!U
HOm.P"+
:8DlP"!
HO+m.P"+:y
eL7q7a{jx+?dW
8)i[Rv@
T/gtc3:2g0^
PA@;p`#
0 |`La]
2?g0] OIXSX&S
~cSejMN
~cSejMN
_"'k"(
9e.uYF
*9;F`RA'
[e>ao8
\nLcz-A-8Q}H&NQ
9=@&3@m^>W)
O\Do1>O6F
nbl0Tc18B
[TsY')XrJY8
`PF>z0K
Iun+dMlD`
$IJ,`Y
O)\eMH
Y{1)tc
zl1Sj_NC`e
t[p,QS
Ilm/kN)
E_Ql1F`:
&D.$Z pxbSeuP\E
ZyR =QK
<M2Z8\
Kk7zv{q
jpP%WDD
b3<$eP
v_l/8R
Z:Q5#/\u
P&Z?m/p
A(%/DD
v _;n[
H0Ks~Z
qnl64nM^vxjtoA
oTe04S
7G6,9S2
Zm/8Z];);W=7Moo
bslvy`
E)(LXm6,Jv
D)(LXm .6z`nK
S}WMMXewf
*tNb[:F/vyC"`${L.
&>G)mp*8
fRB"d43o"`
lSSMzLZ
a=6:FK
FF)2n*
10^2FEa
pZf9a^}
XnrO^Z%vzS\u
ddMc!UtmE"d|8D[Jx.4
bvS`UgwjC{'
iS}UUW
{la 9FGQ[=1^
3:F`3L{I
p[\d.vdTka0>z
&MXQ[0j`
H0{FM"7:F`
S}UUW.(Z[j
~UY-'XP"I
&v%^LN$
v|5t |
#OR74.
O;3Em^0f},)!
.Va@3u
Z`#vNT#EceqNbW{
c0_m]D
>RT9n8W.9,
QKmdzP[
bteDD^
oH0*y{j8F
iL{L*"MXy9
]`e _e]DSOW
#vNT#Ecy~NbW{
:/bD|j6mW
XQM,`[6
Rz,F[[
rG)km^YN
O7x+'gW
&+ -xDSJlMpg
MIjSzl
8 V"!7
EMXm[6
.=gl.2ObMO`
W}NbW{
-4Gl.qC
r#~:G8Dg"i7
8D`d"ie4
8DHd"i]4
8DPd"i54
8D8d"i-4
8Dg"i7
zlMF^Z{
W'{NbW{
-4Gl.q
E^@`f*
E^J`f*
E^L`f*
E^V`f*
E^X`f*
E^b`f*
E^d`f*
E^n`f*
E^p`f*
E^z`f*
E^|`f*
DvcXm;Z
"3:F`a
b3:F`a
b3:F`a
b3:F`a
`[Pjlr{9r+^
b3:F`K
D3^+.`5
ley1j"K^
b3:F`+
D3^+.`5
joR}"3:F`g
ID;^#.`z|5
}"3:F`a
b3:F`a
b3:F`a
b3:F`a
\D/^'.`5
D?^/.`X5
K-EH
D7^(`^05
rx"3:F`a
b3:F`a
^sd`z$5
b3:F`a
bIHE-{
b3:F`a
bIRT2uTu
b3:F`a
O^;.`5
`[Pm`gb.v
b3:F`a
D/^'.`5
D?^/.`X5
jov"3:F`
ID;^#.`z|5
joRw"3:F`
ID;^#.`z|5
D7^(`^05
ez'AU4;
Bt"3:F`a
"zt"39hSe
NrsrF`!
b3:F`a
SfEP3.?cE"
9X.@F93Z.2
?eHkQz'A
I}D^i`wTu
jou"3:F`pP
ID;^#.`
qQ`=}1{
]`e'~hS6lM<hG
Rj,U[[
vt`ck`
.Ly`7@"*]
t.EYRu,K:
ajHIPm
H:0}\M^l
81E-c0
<0}~_M^l
4x<9=B
bv*XqQl
C@,`J4
HDDm3jb3l
M!"C)]G:Nd_c!0
UYrSKxlM
Aaz81"Ld
Q3M%:)
zMXQ[D1
FBD8yNYR
&>iQ}\*
oRKE0A
HDDmJ4b3
H0coE{Q
0FV}L>ZG/8_wt
'e80*m
sH8CnSM
~y"N)R-z.E
U/=!{H.K
&`}2SzM*
5D`'|O)dv\2[7}X&
'@v$;x+/L#
":4D2)a
Zd ^DZ%)-=qD4F
iU^Uuk,`[0
sFT}S3*
`PSAjrkM
_%U5r.$X%pY
, ZL.8M
5-=|*|
`~b!6$F_o
NL2J$n
\DCMXm
GlaTeih`VKnF
]Tx=o
GT vG$T
XF'E^u!POo#W@5GL`a
a.9-o")dn.i;yh
'}T\"/L`vI].
K0GwQ^
evW(LXmi_
8evvW(LXmY
LvX2F`
9N7kbvk
T: 4x<
?l89KE-
&e=3 )
S}WMXSKA;
M1^=4u
*</GSDlMF'
P|Pvq@;TfU1}i3[
6|;Qd{[
uTf0p/Wo
:C"$)'
3|I'Dm
5w,In9
s)'aI9[
?<'8'v
R9S`d[Q8
9Y<?*D
S8S; ,)Us
'[=DTiaj
8K $>P}|"[p,,
D\~5TN/
o E:#>F-uD
_0*E;*B
fD!4I0&#r$~;JV
Qqb3${a
`e<WjRvoi8#
.KG*sW
+[cTuP3
liit!5rN/L)l
~;bu^LW)bBTPi
RGu\6U~
3S+r}>
Fl=c\hx
qJvgz+1Dy!
]^L.1$JJ
KoRZ,w
N%lQ8+
e'~;>@YQRyatySk4)$AN
kuAa6*ObWp#)9
Xm4&D*
[.5~e(qLb'\EOj#| Un
aR[7#/X>-vGc5
SYW4V&
h/yM5$ R;
eq{Fm*dfel%81x,)
9meh2[
`/:y"N_m_H
Tu#DDEn1
m;F`fcE
~8V19iA}>D
ulv+c0GV
>tBM"RQ8k
Y1+lOzf OH
=N A^-
HDDksk
rC@82F
}D b[m/
N9}`DDD
0(DOwL
WvEHc0m_6
>fyFaY
?"|,LBp
RyMR)(IXmY
MXYs.xf
b3:F`F}9
]Tc10:
OW^8R0uT
HSGRlM~
`<6zj@
cC$}iZ5/8Z
9/+</TGv#M
Xm[8ZE=y5
SPEBXm[
v|D`a9
BMW;nF2FG
B:q9m~O0-Xn,4
egqc{Y
\d`Te=
|8V0M f_)
<w6!yb
2$Qn*0
](mHS0?
&Zm/>_)\
:afhc.
:F`]X+-
/G`v= Xj{G^zt
(f[nd"
#vNj~H9
F)$ANR6@`
{\*ezLZ
%fS?WlMs3:FoB
DDnvMz
;"Z.LT
][H}>{lM
;"uKDD]xMn
_1MXTUM.kH
&c8Wy%U
zFBy.0
HxR lMa
Z$QB.,msG
GnM+3:
ZqS>)ND0n
eFR6gX#zb
(L`vJ^
<gW~.!:
!v;UOIj0k
796DzT2b3n
!vv\Mj0K0nObd
}Rv3^p` )
Gz,e\T
Xp-2.`vHA
0m a8N
U^_jm[[
_\wO2L)vd
]L/bhZ/
7g"uL%`ed}SWglM
0|0qC@
|VI<R6.Y>G(2
T|D6*q
&2Z=)}\ZsO/8,
*6*q{cm8
DD?myQo
$gTtJ^
s1`Tt:
!7T}D>
A_MAgr
*VT_{.*
Xm/&x/kTuDh
`u3W9:g
SOlMmDaz(snSE^7
,K10^2F
b3:F`a
`#vNR\u
&j%7['
>tAM'$
BF=:F`L
Zk6/>W=0E
j0xxM'
Nb:F`LC9
`OTeCDD
<R{ [<v
z^LZ5E<
l8,Q"oQ
>T`+S&lMKc= 9ci
QsYiS\lM
o7%?< #
jS lM{.(a!
O=uLz-Q^D
b3WF`8ya
T^L.un
HDDi,c
IF`8Dd"iS}UAWg
Ep>JSzzl9
uW-kR>
<x<>CpW
,vWz>LZ
9(%D|)X
2o/Fym
S$l+m$E=+
9`z~L?(a{
D8ME0AW
/s|"@q,U8o
z::=)(
"A4C2{
V8GoRN
K:2jkO
)-5HODo
]&G"R:a1)=)H0qEX5|
wDO-L@;&0 }$D
]&9az^
yy)vz,T8S .>->)+
eD_zDF
8FD-)nr,
j0*y{# Uj
xENXmzi6
d4</C8
)km^YNz vp
S&AN$R
q8W-St
0Om)NQc
&DO,L8i
11u/"yM=-~F
6>iQ}IMX
x| v]0gUDc
iS}UU[ 8W-6J>
K9S8-ya
pO\LZ%`eo`d
]E>XmT
~4HlkEP^
N4HkEP^
7HhE^c
7HTkE^
7H\kE^#
7HDkE^3
r7HLjE^
b7HTjE^
R7H|jE^
hE^=SupHZ2OzOb<
pG`T^"
TuV#om
`vvDuDD
.MuTWr
XE-Xmh
zEOuDL7J6
MV:S>K
=Hs{.{
XRJQ[=SgupHZ2O
Ob2zi!
6XE* XmPc
`vSP/4
P[L7=7)+
j0{wPW
{ aF>G
j0{_PW
{ aF&G
pXo+rr[
HJ8Kk[
j3:F`aFss
D7^(`^ 5
]Dc^8`V
5}g}!a"'^
uhzX D
zlqFL{
Zm/L#vN
uszPo9
+O7x+:
@c2FayM
]`!N1jDD7{f
V\ikOn
W:eoM]4d
;"~,LT
cN)_F1#3c;
0LRr/U[DD?m
N=t/"`yKg
~S zl9{
s*R Zm/6-eXKDD9{q
kH6lM^h
kMX UO.0x
vULz9i
s*R'_n/T
RQ[D5'v{`e/@e?Fo
Sav\`K
V>T!J:
I2ersJ
-_>dWML[89yOoeG<0m
atySk4`}
a<#OFl
8v}>)2<zb
b2io/#
PEvXmY
]n :F`
F>)2<xHj2&S
[8ZE=R5
p`v}\7+
<; `ak
&YMVnL]X
:/CSDlM[
+hv7+6n
U{-m/9-
HS1Kb3zZ&
6BQ}]&?b8K.S
upHZ2O
9/+<TKkM
8L.wvac5
W8aAh~z7
v`8#F6
9ebcG56S
D9h~z8/c}
Z/i/Z`v#tg
SgYm/sg
j9mGh1m(K`}L*0
GSslM(fp7R
40P"Cb
R9dzZLu`
xNy6i)
-W8mA/
Mr]E*DXme@g#
),Heo3
6:i})D
roUq,,t?
3DD\Ew"3v
]&Zo/L
LYeppS{lM,
vcTmT
s c[#T
v`cTT6zoR
asN SEkmyQ
Y+!;l.8#_
8u~Z[ip
s \c T
v*`T9TyoRQ
vr`Te6
b35#GO0
X7r-maDuu
VXdRtP
JF7od#
]\FIk8
.r+p(h
$T{dDg-
>_M,A]
~UT\t0
p`%~f36zC`
[ 6c&T
v$aT/T=
Ysm 6c&T
XtG|Z`v"j`K
Dj&H5I0,
ZEm0UW
MDv@Iz(5+pF>.
j.)"F@
.D`fT-T~oV
)s/ bc7&T
v>gT-T~oFV
s] *c'T
5+pjf,K"3[
'G.FhVxV.
(R?oMj
w&uN%4
gT1I0,6+Z
]&WOyQL3
)k_zjL,
wq*6*u{mI=88M
Ep>J6mM
i`u2-t,
)MS#C eL
eS^zlT;jV
)DFXm;IZ+>)+
->PM#R[[}<u
b3:F&7A
Mv_ Dn9
9)\ooq
zsBD/byB"a
_s# Ec+T
cM%E>j
|expa0=h?KE0i.oUcv,Q8g_.
l-`Tc5
<0au1(
~&%{DD7T
~&%+DD7T
={nLm/msh
0x"lM=ic"
R[/X;/a{
24gLO9
-<0I]1-
X G,D8k*.>->)+
c}l1l:L"Vp
853D0:y
shFE0Xm
&{L*{m/Z~]
DD\E#"3v
2ekr6D
r)URzHUl
6tPyhu
U=9FKy
upg3le8cao
MXm) T~
.)\e{DD
]&Z{/X9Z:J
|9tzL\%/eDDkQ
-{L"~O m/3
HK7m3fpyP
o{omY588M
)kmQDB^
?z[[`vyb^
HRmn?S2-3Un
F9r=]ERTXm[
R?bZ-v
C{9z[<3w
ubXeeFG
e0co9S+{ij
>DM,,88
pDDk9S~p\ea
e <'O0*m
<LUY}\*Zk|/>G
hYvvNC#y
&d ^p`#vNh
8tx^"oA}]E.OXmK
uSzlqi
&d ^=3%j
5N`,Dv
a }L9[
\oSbzl9U?
}]EbCXm
$Z&6?Imnb
IOPkncn|j
j=Y~b3
9dzLX%vd
vqTTJho@
+R,,Do)3
C2:yxC
Q,(W:rZ
hom9ONs:2mLE
=T&9na[S
(HDDj_`
D";n8W-R
bte04hb$
PwMcvl
)e _]9D
&iQ}\:NMX
iQ}\:2MX
g0>?WPe=gV
6>iQ}D"&MXyZ5`
&1cJX5t
e0S~lMO
d'eHA3r5dlAu
s Zc.D
9n8l.3
,Tuigc
X&QJ,,9A
}\.9f8;H.
&AJO}=L
5uS,,/m.cTn
-\J1f+N
30</GSlMc3;
jHRon9So
5E[z~ L8w`
?R[ ^0o%d
)e0<'OS
My)D-[
</GSolM
[z~#L8v`
UzM XS
_<?C0*y
2%;]re
vaCo9[N|
b3[4/a
$IF.(Z=)2oC
56\|pDm::2Ft
sXczbL#1
&l_5Z5p?EHojW
=I&QJ*
"TAS}SS
W &+[j
4</Ok?Cv`^Uf
wGZIT{
"\9oA}L*N
mGG`Uh3M
X&AZ,/
({5?UR=
ZxhAC#A
IXSmZ5p
`u.b3\+tjhv
6<xTU%
Vq'w0*
57?=}%
^=3~\1n{N
j%8j^p+cK
,It<GtBD
v0|T9TeoL
DsF c=T
XEdXm9
|6uO5L
3tPy(=jPL
flp'( <a
<:avf#xF6
)_q,T8gR.~p4'D<SVzlMl8
EX3t\~ylc
~H&z4j
[6RbP@
>lJML8`.;p
K f F\N
M0L&YzLZ,c5
<w6E&+g8<0K\E?"3v
`groUp*(`
hND*(7v.
-d_f6`L
}]h$u,u
G~b,}_
6>xlMF'5%91{9
zD~va
5wR6g#
)p/Ot<
DD?m}=t/RyM0\R
qcAFzh3 F@\
lR"M\5
ryJbfP
iS}UIW?z]
SolMK<3:}%
E}Xmz6
e0<6m1a
zlT;jV
29)DVXm;4=p
eG>iz8_w`
8Unlq/C}wm/88O?
/jyB"`-{L
:8)kmQMu^
XgaKJDM'
&6i5).J$y,:c
)g0\l6
9/+< TKB^M
5}th5i"[]8
7z`;#nf.KXT
V`pC,Q6
"A4C}k9
l&Zwm/8Zc:]
Z%`e'lS
*q'l0hA;
Xpd ^=1Tu~#B>
/*{yM%
D</OSlM
o2R,<'}.5)e0_GD
AD~^0 ]&Uu_a?^
TzBjBh
(nMX{%^
C~HR_ok
>dMNT^3%J>
~mMXyZ
)0fM2In
yy-C.&mMXy9
DK9S~h
:/bD%j6
Nb:F`/tyK
40P"Cb=>F`
S;j[:W-S
upHZ2O
{`mUvzWI]
R?z[K
(:/c{Zb
Z?/8Z%v`
`a~jev
)|(f\m
jBU/]V
{:oa)i#
F.I/#k^9kyy
EXmYYZ`vp3
BbMXMZ`vp39
M%S.7>RY [t
d-C.>R;yt
c0<?WS|lMm
YR]"b^
=9!>)CZQ[=
%I-ej0qC@
z&gLbKXP
oKQ<hG
dLt_"i
N2H![m/msH9
,M0{\EP"C2 ev
"OE/LZ#vN
EU$ub~
PZ:b*n
]{Fy/Z
Do.*3!
upHZ2O$_kW
7{H0^Mz
RraVJO)DXm;
9/+<TKM
&9dzLuc5
WxNbW{
)km^YN% v>K
v#3< t^"X
bWVj2k=?SV
6+LVyj2s=qV
m6+dVj2[=zV
pa_~6F
Vj2#=c{V
M6+4Vj2
I.hVRaTVj28
n#Xnm/KIf*
E^ `f*
E^*`f*
w^HPC2F
r#:G8yf
iS}XR,k[8#Q
)Uz2ObNa9
^%5;+Ber
ZHxRlM=mc
S7uoza\
W&Z?l/0j`
<Szl6zf
cM$bu)mp$Z/
<SzlMl
SXM^[8wpVd+
&-\8YZ
@h<3~HkBd
E-tZDz8
Z*r}e'
!F`>KEly"`
)X[d ^Dv`b]qm
<P-{Y,
nu]\s:]zl
Tuh2q2i
+Iun+9
dXr~:F`G
(/v-/]?(>]<
PDDoT9
.v[`esl
X[Q[DZ%)(8iD4F
-4x:zlM
3]^3gv
`:l.ul?
_EvMXm
p`#vNT#C<0I]rCf2:"
9iY}]E~K
DuS*?zlq)&{
apS/{lMMl8:
p`%v`Odn\o
E:MXm=
g5IGG_
~|Tc8<0}lM7
[}.$Z`'j;
H*6*u{
d}S{lMlp%a
M&3Dm/
\P:AoLc
_-Q^j*)
\`0tU
{L"vCMXQ9.
sX@&t/L
\RfK@Tu
\RfI!Cj)~Q
!#:F`G
S[rlM6fFjD T"9("m|.
^R&#vNh
lfKhUubfl
vDmgiQ
ogW.L&2:
;j;]:O)
8yJ2vx
N[6:F`
>=("mRQJN
yb0zJ&^
b3zZ&7t
RQ[EXju
qe+4jS9KX5
3Am/f5JZ
dXr~:F`G
(/v-/]?(>]<
PDDok;
9YN:J;p
r< 0=d
|k<;Eh8p
N&3Dm/
r)%*H:{m5
|[-/`v"Yea0<.
y7W DSK <)2
iV)F93\^Mgn
"W7 >fPl
e'w?jj
Ed{.eL:+>)+
b3:F`a
b3:F`a
bIUB*W
b3:F`a
b3:F`a
E/^'.`5
D?^/.`X5
D7^(`^05
ITD^(`x5
#3:F`a
b3:F`a
bIHW9{
b3:F`a
bIWG0|%
b3:F`a
b3:F`a
#3:F`a
E/MIB7J
b3:F`jQ
.IE{^W3`
`DQh{jl,k
b3:F`imQs
D3^+.`5
&IpE^>`L4
E^8`6`4
H0E[^ `Zu
H_P0al7>
^R vTc5
b3:F`3lQc
HPE^=`<4
`Cghb|
b3:F`a
^HxD^K)`
#3:F`a
b3:F`nQk
D3^+.`5
E{^/`}8&`
b3:F`a
.{tZ*e
b3:F`qQw
D3^+.`5
^/`Y8q
Z$Z_4pQc
D^(`<4
uM\u[^Lr2
t.uM\y
b3:F`a
#3:F`a
E ^`>p
MBDzdMp
^`2p@c4
-a`\ujEo
#3:F`a
b3:F`a
8u{[>}
`/.5yM
%D0){36A
RZd ^D5't
2ci-]EBXmT7.
)\ea0<bD;
'0 _EDK
Z%o}sSHzl9
VgByCx
Hu#IQ[
5/f7yM8{O
h;xOBF<,0m
]-N,T8C.
2H1P"EX5f
RDL#y^BS!d[
`0KmIO
OLZ= H0{<9
>8*}c}O
I!v]0gWn0g
R;jS#K
VR arr["
?,ML|[
0/P"C@
`MY~:O)3
Ut)ENXmK
4LuSnAzlqJ{
;LME6M
EU}wtEO5.L!
#F9paA
KK^[m/>KN|
YG4qC`
56\"Em::2Z
HTNl 0/
`.T-DP
L9+>)+
"GY{8RuJ
ka!8@wHU
</GS3lM
jSvqzl;SQR~|atySk49
'r.=g.
HuSqzlqG{
Z:.a5'
F<0xl
]&9mZL(
OJ0m}M2
,N1x+:
~pm_x QN,Q8?.#
)%|U-DzrLW;W
",IRn7'"-
pe:F`,dc
w\}na^
0l98CP/-]
e+{iB?:
@Y@FN9yd
X&9z^L
:)SWlM}nm
uSMXQ8
7)%EID
[L/|Z[rSoJvD
_qd ^DU
S}UUm/X%v
E%;fcS
`MY~8W-
De0<*0m9O"F
T0mYNQc
Nqx!CC
qNL!;/a{
ebSOlMMfhG
T7G0m=
]O.JnL
^B);"~.LT
{L*F!MXQ9S.`
HDDlxg
S}WQMX
c(RuOqL
GzlT;jV
6)DVXm;L
H&Z/8Z]
_t@,jzXC7
d4:/GSlMl
8mzc}]
QXmsH9
:/GSlM$-{
iUBR9}
B48k.H
O9az&LU
)-oH4xM!Nf&0
L*kc^[
yb<e0<zDOS~`Fr^P0
]p-uDP
.1j>)+
eEGo9V
K:8-L$
s9456\Em::2:l>J
H:9J:k
-X&AN,/
<hB`L!
#!U$ud,
esED%~x
H<R4.]K.J@
MXzNHL\5
xEX(t`vJq
&>iA}[
g0</C8W7
G`ciQ}
HS>zl9
?8_.#9n
~L>-vGc5
%4&Zk/7
p`%`eqD>
`MY~8W)f
HxRSlM=m
A-Y"rw
Li#"N_m_H([
\0hoZa =
".#~a{
eGo9f.
M#Ry8Wv
i]_d ^=
HDDhEz
Z]5`8)
]PRUd ^=
&0L!X&AN,/
)a/o 0
vs;u8I
{lw8I=!S}XR,k[8#
^DncHU;nG
!iE=L4
8*.7zvq`
]`RS,D[
')#=QKD<
Te0_FDFzk
K10^2F
D2;nzBM7
d4</G0
`v/e </G0Wz
%8j^p=cK
eItjzlM
z,rFj&
&9mR8G%;
C{bzJX{
8#F9pav
!v]0gUqD=7r:s
coY}\.kXi`Y
&IN,T[FLA
|*}lMQc
NqxiMC
@R?f8.
.jXkYT
epD>Zb
S;n[8Z-vu`em
>8MDgiS}
`J.Zu{:#W
^uDncOS
DD\E+>#3v
}]E>W)p
HPK\EOj#[v!U~5IRYW
&BY`22}
)`9n8K.S
dupHZ2O
Jvx~mU
8QKD<rLW;W
MXy msH9
?K:!U^D@,J[8Zh`etD>9
&1cf:_%#
ly:L"Vv
:53Uz
E>}L.N
:/bD%j0mJ
^Dnc9S
X%b<GU
4x'Qpm_x QN,Q[VLC3
>TMd{QL:(c5
@H:2hL"
]EXmS%
j.)Xe}f
`; 89`
<bDCSOW
bve0<zD+
HV[GG#MrT
Vq],Y>G)
e </G0gz
dDDurLW;W
es8Z;[f|
WHYq,P[[>)+
v*ksUm/
k9<-wk
&(0{<Gv}
-=v&9q
&|RWQ[hv
`5}]HR6
Z+bv7XuvDD\E
[\]{^[
'^L%vz6
S$V 6b)
YM0(;R*n
J Lo<}N
9[8:.5BxbQc
2|zs,Z:"[$R!/D*J0{<9
WKkq@2+
0ml>Pl
}]EGXmYZvt`em$
Le4=!U&2t,/
`3)(yH?
&[8Z>)|
l=8SX6
WeN_TE
U}>hMXp}T+O
]ECXmU
Uu0m]C
hGn0xl
)%=QKyGz{g
`OE2%%
|m/8Zb
j.dDgM0-
U_qd ^=
]\eenyg
rCL;l8
`/*Ky.
s(R_T&`YU
!9{\f8c>
iS}UMW
/ lMWnhEu
M=_Xm/
1-mQCDu
Lh-"%<rD
Pvu`eT]
v #3l!B`UzP
|rH<R4.[8Z%
TF3+Ob
Fa0A9z
qg+DD}l
zB+ y>
&1cj/+h `
U}]&+[8
eG<Dcz%
21S3.D:
c0RP^=3 yp\m_%DE
I9hvj,`@
`vh1yk
6kE&(&:m[8o
!A}SlMQ
Zmv:T+S[lM
a{yop@
}&Zl/0i`
+(0O?9
rG[gQ5
PHUN`738
}?@Mx]
u`v)8
8?KE0M:'}>T
^d ^Dvz`/<S~zl;e
Y7 a#T
w\ezDp3
{LeHiL
9azrLZ4%j
S,c[8Z#zxblkhC
o}PmSIP9
?*Rh,j[+d;J
]`eb>{
b3:F`#Q{
D3^+.`5
L#3:F`a
^Q`x;<z
efSjzl?P
u<}ryvZG#MrT
b(Vcp,y8\'fvt
b(3w`M=!<\&D5z
#vNT#Ec}UObW{
sv&G,[^[e~b
%^:?C)M7
_zjfLU
t*km^YN
vHR{lY'd
g >/G8RqJ
:F`fc.
eli8*}^'
'EDkMW;nG
e'w?|*
cH0}NgLE{OS
oA{F\"
h2~qU$
=3 vP`e&d<SYzl6zuU
GT`qUS
&mGo9F~l
*:%;Pb.
zMX%b<2U
Rq#F9pa
9j8A.X
8{ m9agpP0M:
9GU^WUMX
jSmzl?B*j
*F\$R`eVDW
H0K\W
$]&ZG/8B[!
^EBEn}HU?
TmS QlM{
6}9[[]
BMf.E=
N]b3Q?m"N_m_H]
c{FV}J
JN.Bl%
}J:MXzM.
p`%vz`
P"E$/F`L9
iNmgMP&
yV>F6M
/exoZDCy
bte'DDEK
<SBgY G
&ZC^89Y
tiorLW;W
&|zzMZu
$4<:0*
Ft3i#T
$_{l.i
e5&Q.
V8R%>)\e54D0wz%8j^p,v
Zf.[%v
r4"\EOj#o
ELXmsg
WdBf3)
Lh&v.DD6
]@RW,Z%~v
2P_%VE
C&D,X"Zb
RjmMKjc
NLXzM>-a{
es8Z;[~l
`; >G.3
upHZ2O
UybA-)zL
,p>zS*{l[
OMTZGy.EW.a
"7lI8}M=]
]{lm/`
[wb.X,
<+6*m)
WQ[=1%vxb
GdM=ic"
k.R[b.XZ^
T$0-N$z
&D,,::jE/)
_H0mG%;c\P
2GFzbe
;LME0E&.
|-}ODPyz
j92P,N0{<
WFlEJ`]
n[Pm/p>JUuN`+j
21rzD\<
6Jr!/X<0
VEXUSevTt
dy0<i6gL
+OtjzlM
HDDkX{
qjF{<:~bdNe4mLK0
.J,J[[$Ce`Q*
kSzlq%
,Q8F.DRMe`K
_IMXTUM.k`
cLi>3yC
>d\Md{M:-vGc5
upHX2M>
HDJg1~2O
1&AB,8
KJ%3u9
$AB{LZ%v
<?O0={|
)e}n0C
Md>_MR
NObflU888
GLj2xg2nvbG
NLXzM,
g+6*}{mY8=i[5
22 31z
KBZ%~v
\+SOllMv
c0_DFzlc =
4_-3Vb
2u8G%3
omuS+53U~AB
GT^[:v
1}Z`3b;Q
^I`H.4
iOD0:a
ypuACC:6M
2:5'UzQ
}D69j8
Sl9[fp
X{jmgN
<'c0:q
fTe </CS"lMyfP
C%?N!9
-H0*y{a
l :L"Vb<(U
9SR:F\
R9[n\5v
Co9Cl=
{L.LXQ9cW.va
,M0{<9
\Tt@8Y.
>B5?&9
!v]0gUtiWzb
N1,5?n
C,fxG`aEu
IeH}0:y{
7IPK1K
c}l:L"Vva
)7r.,pG`v Y
M%(&IN[[H89
&Z y/8Z%
_]DSOW
na{BDF6M
/eGDDocQc
NqxQ<C
SqNm1L!;/a{
eG<78yx
=1%vzf
{5;nUF
/<iS*zl"a@Ea
L[][`vv
wObQ{F
pwOb{F
o9S*:FRa
R["^`vJ
M\>SMy
j0*y{?
|oH<R4.]
-)IDrr[X
`J$n'#
g'YGO]rCfnP:"
0xniMeG,8E
rbl}8R:
](-HP4
/_jR6rq`
QOmSamM%vx5|Bd
L/9\]5
x?KE0}]&W,Q8[U.r!p
p`%#/T
b2:8vLb
G0RY^X Z6)-
HY`>B3
f!v]0gUb07Zr6;
B{RFda
cM)&AB>9
IYl/{Q
:#36;,
!Ur65sSYW
-VDxHLh
<mzC1'
>/G~ObW{
>@IM,J9Re%Uum.W
j0*y{2a
NY{8h\ciQ
UZoQ53Uz
}\"k#Il/
#MctE;P
/yoA}>@ML[
dr>l{5
S?j8kl.{
O9az.LU
-+Gik9d2:
6<Szl;e
/Kk`v)X
#3lY8UzP
|BH<R4.[
OlY^euoZ
_iDS;U
R[E.X;/a{
)l:L"VO`
!j>9 {
,D[[=kvr`
j0*y{
+t-aDPOW?
}I*49hn#E
)\e5<*0m
M<l:L"V!HQK
`e`+SJmM
)g%4</G0:q
!S}WeMXmz\
]b:H6kzl;
`; EM.3
HY`1]mM'
[&AN,"fz\e0_%FD
k(vx>@
&:iD2}L*4Z"/8G-[4
~Ym8}.&w]
2EDmnT
]f"Hgzl
+)8LXm[
OyvI{H0
=(&zYm/9n`
)e5 >/S0*y
!v]0gU0O
J9fr&\,Q[K+
j`m9SkGhQ-(}\*49n6
9n6 y`^`
Fm9~Qc
6.kD2}L*;[
HKG{i%;~9\P
l6/GTy`DxBLm
8ce>JLub
9dzL={
Tej0}M
9{X&Z/7
^CXtRvzhhh
luUc!0
g >/G0*}
8 9#kQut"X7
:/bDgj0DqK
IZ+>)+
zR2 ;hc
<jS{l6{f
)\e'4SPmM[2 ;fc\P
](HK2F
7L#F6aGm)h
,</0/y!ev3
Qa,U8 0.#
)\e5_1o
I6{2 ;Rn+
-{DPOS
.%'0 AK}D
}L9qzNL,
+6*y{mi88S}XjR6d`
Q:S6zlK22;BM0
3)m8_jE
8#F9pa.
T<tupzxU%8j^pDfcKy(n
ll/CI=p
F>/CaObW{
CE1XmY
o</nMWv
<j0mL;
>tqzxBOW?
}0Om:v.
fv[5PvlB
-QGo1nb<
9b88.3
Kjcl889
Ni@nW=
}0Om7fx
b=H&A,,ma
L!9+>)+ak
__jR6 h`
MbkL:2?D
)\AKlMWFxR
vx\9o_
2 ;PXa
dE=I+O0{:
8W6)e54_
mp,Z%~
[zO0{:
`YTe0<
*! DD6
x$AJ*$
Uo1"0:FGyD)r
7)\e5<?C2?
1(F9n[Kw
j`?mQD;DNsi
M<V}L9[
KLCeD>@UM
.v>nEFY>D[M
9Vs(8kM=ni
9j8O.9%+
10#F6kGm)h
}L*+MX
[)$)\e5
gSeYR'
*2U~6.h
I6mzvp
oMLJ[`.)
,Q8_C@
MXT2\-v
QHDEKjcl
<mzC1'+
?y:B"`){D&
:/bD'j6mg
=#T$6"u
M\>([My
/HPv{#jo*
y:-Am)WQ[=9\
\}>M/Q
:QK5oz%
>QKUVzz
9B 0}L*
mlV oZrm
d9n8_.`-fD8}N2vx
bV;F`L
C.RqnX
LB\%vq
M1&)9n8
]+Sc0mMKoa{8
4xspm_x&9b[
v`/~xKw
icl/Z%
8#F9pa
En{T;jV
GT9M<~
CK8tEqYm[
K9tzd,
iU^T@,J[89m
]{ewED
7Re,pg
I(uD2k
2b3E_n#
9dzZL:w)(t
e <'C0m-L
cM!0)?niZ
{L"6LX [o>K^
_5`qGv
S6uw99
]`eO?2.
`9`+OtjnEX3Ou4
;J8D*;J
}vrN@i
-)&Z^8Q
<0}YMhpd
ZG=.:Qv
p`%`e~V
M-9_DDn9
MrDNXi^
6<Svzl9
WB'_ T
)<(HD0)
hc^hLS=m
0}$AN,sf6+
hp\}%;nG
6w2e0Q`
@,J[8A
&$Z%vz
y2!S}UYW
8Zn1aG
,,dd]t+O<yk
]osQ Z
UKQ<hG
>i.P&Z/.}T
JF7n,`Lld@"P
#b0hB
LkM4"O)
-,tOU/L9-
`}SzlM
<<0g<l
6}vp.;ZXp9T*J0{<9
5]Zd ^@v`
GPH&q,2
lvm`eSEDE%
)HZP^=3!t
Cxq$Z/@&v
l8'["N_m_H
S)R7`R8
$IiHbz
b3lZ8_"
@^\xwkW
c@Rao8
ZLX +i`
kcf~"3
D^(`BiZu
mUu.uTz
;KE0M:
W^t4k5Y
7>c,j~`
`vh1x+<{c^
rb/H:2hP9
40JX$w,Q8L.>->)+
IBqQQW D,zf
`MY~X%p
D0*}{\
Y>P{M"Rs
<w6E&+f8<0K\E
M1ND)Z'o/8U
%?myc{
vQvt(X41
^D5'vK`erYr
]n<nSylMKbG`
0a}]&9q
\i8sMl
3U~hKV
]U) #`b\
<w6E4+eGY{
UM}L.MX
Tuj& L=%;1{
]`k`9S"{l7
.R7x+zlM
b3:F`8yb
m+z=/vW
ukz6)22
s|LV_F`8yO
HDD)UE;
y~BuV*@
,r.$FVf$
zbBwU(
yzBWI%@AT
B#`8yx
Nj1c2Q
cC$&|4@1v
HDDyR].
t!gr{=aXm/
zbBuV*@
$po}*B1|
qjzlM5
HDDu[a
zuh=*^L.o
ut)-a^L.f
V:F`8y
Qg7w5k
HDDbNl
B#`8yA
4no)v$,sN
1:Z#O6i
0/yo{+b
HDDL[g
cuQxv.qN
DF{clU8x
&3cn.LAh^
S?2n.LT`
01<GEz
qrH9#F9pa
?"n.L#
.xTQUj{:
6TNoQ%.@
X7 n/[
>|qM#R&8
)rLXzMZx
)(LXm8:.~~\
kHS"{lZ
oB(y"N_m_H
-+DP?{
a.{\^a9
DD0$hW
,HkmQ04^
EDcZx9(P^
)km^YN
&R[h>W%F
v|E`ak8
uDD\EOj#L!Ur
HQg7w,|6
)RRY.x
U) Qm/`xT
#H0.;slM.r9f]H
I6>C{lM
{$ 9#]
f:Ez{C
tX=]eDD
gw22MD=S
hv`k-H6>C{lMM{
|f8PGXm
%|]H(HGXm8;J.
j6>?plM
cb3|gLf
{RZ;1.[5Z
fP2$A
eC=G`aRgL
EO-rLZU)
rZ6>C{lM{d
9 )km^YN
?rrh=I;a,
HDDlRg
HDDc[o
s(R7[l/
m+ObW{
]`GesDD8oLbF:R
i)RFYm/6
mM{sLg
sR)R['<
j_";X3{
+^{F;y
GLm/k"a&:U
`/yM!O
1=D[oC
>UMOe&L
E/Ym[>W-Ff\
D:/WSqlM{
X#;l/9
]`c0_!E
t+{F.x-
.e"3$W
#^g`N4
IE^w`jl|4
#3:F`?Q6M
Ep>JSJzlT;jV
Runtime error at 00000000
0123456789ABCDEF
KERNEL32.DLL
KERNEL32.DLL
KERNEL32.DLL
KERNEL32.DLL
advapi32.dll
advapi32.dll
oleaut32.dll
oleaut32.dll
user32.dll
user32.dll
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetSystemTime
GetFileType
CreateFileA
CloseHandle
WriteFile
WaitForSingleObject
VirtualQuery
SetFilePointer
SetEvent
SetEndOfFile
ResetEvent
ReadFile
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetTickCount
GetThreadLocale
GetStringTypeExA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetDiskFreeSpaceA
GetCurrentThreadId
GetCPInfo
GetACP
FormatMessageA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitProcess
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
CompareStringA
CloseHandle
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCreateKeyExA
RegCloseKey
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantChangeTypeEx
VariantCopyInd
VariantCopy
VariantClear
VariantInit
SysFreeString
SysReAllocStringLen
SysAllocStringLen
MessageBoxA
LoadStringA
GetSystemMetrics
CharNextA
GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
7project1
IniFiles
"RTLConsts
System
SysInit
KWindows
UTypes
SysUtils
SysConst
^Classes
3Messages
CVariants
$VarUtils
QTypInfo
sActiveX
8Registry
KFAr_%
Y3&ss.7
KOPiB
*7bsD3&
KBWRR#
KJJT^=
0Is&r"
KqkMVoA2cIs6
KEIG94!
0acfrd&qIJ{qIJsqIQB
UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUK
EGCW'2
zr{ID^
D?^/.`X5
sqPd[dl,
B.CcE0
b3:F&pPk
ID3^/.`5
xS[L77)+
UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
G&O*z6
4PTvey
.#[V#1=?S:
zP N;Z
"DnWWo&H:
;_B#Fa
Ja1;K RqH~J)
a|S!jAI+ZL
f-,W.Y=
M#{>|y
Y:iI{z]P35
`y}",1
J a`Pyeh{iSm
:s9dEp, >
UUG!QUCd
r) Ri}!LcTHrB
un0Pg=E
bKs5V6P
9r}[lj
:2_]l!ZyA
A!+0!=&0HA+Y<
lW85C"9bN&u
[1<(_5
L](8Ta;b.d
.Ec9'bLat>)
#BKEvL%t4n5Y;;
;_T[ca1
|I.LnK9`KKv
Muk@R#yX`
8ZgD.:!R
7T[74Q
vC-Pl9&
23_AK31HXgJ
>~GM#]
T-/*yF
(e@|BFR
/.)OWY
g.=)tp
X`"|;'
CH8jAe8\%
^g?lS,-'
7pSpSo
2e>x;61
naO<7S
%1'+! g4
S"](F$xo6Nt|k~)x
=Tcs6%
.Vp?,_~XH#Mb
[i|`=4!{
:bJrk+RV
"j4dc@
7sdK%g
f{q$g+
LkXk2pQ'5
/[27S<e
y=kI,p
~HrOG08&tKCO5U?
9q'8u#
w#|!kns5
I2|u;kL
qM"*my
iQ<VNA`
)/,Rf0
-/n<1aS9X+T1%;
mP@5i6T*
Hb!W~A"UFUO
K;|k3hHH*X"9Og
it=442
""|{vCJKF#{
P|#czD;~+*
3MOmXdP~
PD[xrQ
+#/O`9>
c+:Y*"~
DH'7pJv"G`TBF
c"(vVK7zI6@fr|:
A@>:iZT
j8et+R?
^AG'mPYR;
4s=5 I
XJZ<GG~r
gL2*{?[
pNJ,/0F
r|;rT\y
jJOznp+LD
~zSktQol
9s{[+DQJ
ye:</c
`]@,R@l
hc)wT|
7gV5 gn
qe8@"(ajMg$
l}<;vJ
OAP=B.};";aG
<Owj'7L
x3L<vw
^`lotdA
gNU8 `
VJ)]]^|
{h?T3Vz
@u=9V!RJPp3YmyO
E2^\e-
&R6U1_H
+(".^qj
-%~S2eo}o
m2IpzY$q
dD^6CZ
9gS`YGB
REz|k3Kr
-x34$H<QD-j7$:L
}@hXY>e
iQiWP$RK*
Po~Ua8o~Bp,
93xQ&v
]%%_HX4
V&LEZ4}zl
g_9Cp|
oUs,q
#Et5x,
<$7k`"5
#-m?7srJ}
k =E#YFMZ
s(2<nzKZ
D�V�C�L�A�L�
P�A�C�K�A�G�E�I�N�F�O�
L�i�s�t� �i�n�d�e�x� �o�u�t� �o�f� �b�o�u�n�d�s� �(�%�d�)�+�O�u�t� �o�f� �m�e�m�o�r�y� �w�h�i�l�e� �e�x�p�a�n�d�i�n�g� �m�e�m�o�r�y� �s�t�r�e�a�m�
E�r�r�o�r� �r�e�a�d�i�n�g� �%�s�%�s�%�s�:� �%�s�
S�t�r�e�a�m� �r�e�a�d� �e�r�r�o�r�
P�r�o�p�e�r�t�y� �i�s� �r�e�a�d�-�o�n�l�y�
F�a�i�l�e�d� �t�o� �c�r�e�a�t�e� �k�e�y� �%�s�
F�a�i�l�e�d� �t�o� �g�e�t� �d�a�t�a� �f�o�r� �'�%�s�'�
F�a�i�l�e�d� �t�o� �s�e�t� �d�a�t�a� �f�o�r� �'�%�s�'�
%�s�.�S�e�e�k� �n�o�t� �i�m�p�l�e�m�e�n�t�e�d�$�O�p�e�r�a�t�i�o�n� �n�o�t� �a�l�l�o�w�e�d� �o�n� �s�o�r�t�e�d� �l�i�s�t�
P�r�o�p�e�r�t�y� �%�s� �d�o�e�s� �n�o�t� �e�x�i�s�t�
S�t�r�e�a�m� �w�r�i�t�e� �e�r�r�o�r�
F�r�i�d�a�y�
S�a�t�u�r�d�a�y�
A�n�c�e�s�t�o�r� �f�o�r� �'�%�s�'� �n�o�t� �f�o�u�n�d�
C�a�n�n�o�t� �a�s�s�i�g�n� �a� �%�s� �t�o� �a� �%�s�
C�l�a�s�s� �%�s� �n�o�t� �f�o�u�n�d�%�L�i�s�t� �d�o�e�s� �n�o�t� �a�l�l�o�w� �d�u�p�l�i�c�a�t�e�s� �(�$�0�%�x�)�#�A� �c�o�m�p�o�n�e�n�t� �n�a�m�e�d� �%�s� �a�l�r�e�a�d�y� �e�x�i�s�t�s�%�S�t�r�i�n�g� �l�i�s�t� �d�o�e�s� �n�o�t� �a�l�l�o�w� �d�u�p�l�i�c�a�t�e�s�
C�a�n�n�o�t� �c�r�e�a�t�e� �f�i�l�e� �%�s�
C�a�n�n�o�t� �o�p�e�n� �f�i�l�e� �%�s�$�'�'�%�s�'�'� �i�s� �n�o�t� �a� �v�a�l�i�d� �c�o�m�p�o�n�e�n�t� �n�a�m�e�
I�n�v�a�l�i�d� �p�r�o�p�e�r�t�y� �p�a�t�h�
I�n�v�a�l�i�d� �p�r�o�p�e�r�t�y� �v�a�l�u�e�
I�n�v�a�l�i�d� �d�a�t�a� �t�y�p�e� �f�o�r� �'�%�s�'� �L�i�s�t� �c�a�p�a�c�i�t�y� �o�u�t� �o�f� �b�o�u�n�d�s� �(�%�d�)�
L�i�s�t� �c�o�u�n�t� �o�u�t� �o�f� �b�o�u�n�d�s� �(�%�d�)�
S�e�p�t�e�m�b�e�r�
O�c�t�o�b�e�r�
N�o�v�e�m�b�e�r�
D�e�c�e�m�b�e�r�
S�u�n�d�a�y�
M�o�n�d�a�y�
T�u�e�s�d�a�y�
W�e�d�n�e�s�d�a�y�
T�h�u�r�s�d�a�y�
J�a�n�u�a�r�y�
F�e�b�r�u�a�r�y�
A�u�g�u�s�t�
E�r�r�o�r� �c�r�e�a�t�i�n�g� �v�a�r�i�a�n�t� �a�r�r�a�y�
V�a�r�i�a�n�t� �i�s� �n�o�t� �a�n� �a�r�r�a�y�!�V�a�r�i�a�n�t� �a�r�r�a�y� �i�n�d�e�x� �o�u�t� �o�f� �b�o�u�n�d�s�
E�x�t�e�r�n�a�l� �e�x�c�e�p�t�i�o�n� �%�x�
A�s�s�e�r�t�i�o�n� �f�a�i�l�e�d�
I�n�t�e�r�f�a�c�e� �n�o�t� �s�u�p�p�o�r�t�e�d�
E�x�c�e�p�t�i�o�n� �i�n� �s�a�f�e�c�a�l�l� �m�e�t�h�o�d�
%�s� �(�%�s�,� �l�i�n�e� �%�d�)�
A�b�s�t�r�a�c�t� �E�r�r�o�r�?�A�c�c�e�s�s� �v�i�o�l�a�t�i�o�n� �a�t� �a�d�d�r�e�s�s� �%�p� �i�n� �m�o�d�u�l�e� �'�%�s�'�.� �%�s� �o�f� �a�d�d�r�e�s�s� �%�p�
S�y�s�t�e�m� �E�r�r�o�r�.� � �C�o�d�e�:� �%�d�.�
%�s� �A� �c�a�l�l� �t�o� �a�n� �O�S� �f�u�n�c�t�i�o�n� �f�a�i�l�e�d�
F�l�o�a�t�i�n�g� �p�o�i�n�t� �u�n�d�e�r�f�l�o�w�
I�n�v�a�l�i�d� �p�o�i�n�t�e�r� �o�p�e�r�a�t�i�o�n�
I�n�v�a�l�i�d� �c�l�a�s�s� �t�y�p�e�c�a�s�t�0�A�c�c�e�s�s� �v�i�o�l�a�t�i�o�n� �a�t� �a�d�d�r�e�s�s� �%�p�.� �%�s� �o�f� �a�d�d�r�e�s�s� �%�p�
S�t�a�c�k� �o�v�e�r�f�l�o�w�
C�o�n�t�r�o�l�-�C� �h�i�t�
P�r�i�v�i�l�e�g�e�d� �i�n�s�t�r�u�c�t�i�o�n�%�E�x�c�e�p�t�i�o�n� �%�s� �i�n� �m�o�d�u�l�e� �%�s� �a�t� �%�p�.�
A�p�p�l�i�c�a�t�i�o�n� �E�r�r�o�r�1�F�o�r�m�a�t� �'�%�s�'� �i�n�v�a�l�i�d� �o�r� �i�n�c�o�m�p�a�t�i�b�l�e� �w�i�t�h� �a�r�g�u�m�e�n�t�
N�o� �a�r�g�u�m�e�n�t� �f�o�r� �f�o�r�m�a�t� �'�%�s�'� �I�n�v�a�l�i�d� �v�a�r�i�a�n�t� �t�y�p�e� �c�o�n�v�e�r�s�i�o�n�
I�n�v�a�l�i�d� �v�a�r�i�a�n�t� �o�p�e�r�a�t�i�o�n�"�V�a�r�i�a�n�t� �m�e�t�h�o�d� �c�a�l�l�s� �n�o�t� �s�u�p�p�o�r�t�e�d�
!�'�%�s�'� �i�s� �n�o�t� �a� �v�a�l�i�d� �i�n�t�e�g�e�r� �v�a�l�u�e�
O�u�t� �o�f� �m�e�m�o�r�y�
I�/�O� �e�r�r�o�r� �%�d�
F�i�l�e� �n�o�t� �f�o�u�n�d�
I�n�v�a�l�i�d� �f�i�l�e�n�a�m�e�
T�o�o� �m�a�n�y� �o�p�e�n� �f�i�l�e�s�
F�i�l�e� �a�c�c�e�s�s� �d�e�n�i�e�d�
R�e�a�d� �b�e�y�o�n�d� �e�n�d� �o�f� �f�i�l�e�
D�i�s�k� �f�u�l�l�
I�n�v�a�l�i�d� �n�u�m�e�r�i�c� �i�n�p�u�t�
D�i�v�i�s�i�o�n� �b�y� �z�e�r�o�
R�a�n�g�e� �c�h�e�c�k� �e�r�r�o�r�
I�n�t�e�g�e�r� �o�v�e�r�f�l�o�w� �I�n�v�a�l�i�d� �f�l�o�a�t�i�n�g� �p�o�i�n�t� �o�p�e�r�a�t�i�o�n� �F�l�o�a�t�i�n�g� �p�o�i�n�t� �d�i�v�i�s�i�o�n� �b�y� �z�e�r�o�
F�l�o�a�t�i�n�g� �p�o�i�n�t� �o�v�e�r�f�l�o�w�
Process Tree
- 0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe (2948) "C:\Users\Administrator\AppData\Local\Temp\0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe"
Hosts
| IP |
|---|
| 114.114.114.114 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56933 | 114.114.114.114 | 53 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
| Name | d81bae146047222e_windows xp serial generator.exe |
|---|---|
| Filepath | C:\Windows\Temp\Windows XP serial generator.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 51635040c11a804f883000bb895d65c4 |
| SHA1 | 4693ee422d905b36ee8b49a79e5a8ad75664af5a |
| SHA256 | d81bae146047222ef4d88793dfd2182b958e3d5659d5fd5a9d198ee14d2d4221 |
| CRC32 | 4E090CE5 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9590aefce6fe9ce2_internet and computer speed booster.exe |
|---|---|
| Filepath | C:\Windows\Temp\Internet and Computer Speed Booster.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | c6b8bcb1471f9fd80523944028b5ca24 |
| SHA1 | 0ae12948c2f2e8baf4378f139220de1da0ddfe4e |
| SHA256 | 9590aefce6fe9ce2021b276b12191a478ba15909a8e020c1f9c66ff33deef0fb |
| CRC32 | 9255385C |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 688c8d19609e51e3_[divx] harry potter and the sorcerors stone full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\[DiVX] Harry Potter And The Sorcerors Stone Full Downloader.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 3be915052c1a6b9828d13a0a1423267e |
| SHA1 | a835241ed77f3c775da279a01d4736b6a08c160f |
| SHA256 | 688c8d19609e51e3622d787f3921e33b06c54e7bc2a7e3cfee991d6d31692963 |
| CRC32 | 321AE109 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cb912a9029e32c71_cat attacks child full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Cat Attacks Child Full Downloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | ca1ffb1247d746f66dad0e3c31c5cc5d |
| SHA1 | 8c9f1c0d2cdadda7c0736d20000a6f6605c4c106 |
| SHA256 | cb912a9029e32c71fd60d7d0816c12f6a2cfddb0db77b3f97850b05a4a5668b2 |
| CRC32 | 86EA718A |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3f73c8841d20b664_star wars episode 2 - attack of the clones full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Star Wars Episode 2 - Attack Of The Clones Full Downloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 54262a0ad4a6be1b759ea0ccdbce9f3d |
| SHA1 | ebc51293b9c3e88b59557b0301500c0dbcd903b2 |
| SHA256 | 3f73c8841d20b6640af1636100a1b752dc39e64c42157b84b9cf2d1c5c3e8528 |
| CRC32 | 05054B7A |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c72b3b57038cb436_[divx] lord of the rings full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\[DiVX] Lord of The Rings Full Downloader.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 74f0289b4eff4b2ef43037a998da5c53 |
| SHA1 | fda81981ab217e5cdb3e582a83096b3a31309a3c |
| SHA256 | c72b3b57038cb436e7ed722714784cb50ecc20136772d8c91defdfa58630a3ca |
| CRC32 | BECAEC3B |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4e68bcc9c2d03beb_windows xp key generator.exe |
|---|---|
| Filepath | C:\Windows\Temp\Windows XP key generator.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 90dd364a4ce49580f1c1812c5c8b0631 |
| SHA1 | d3be8135249ea40f75c91b7e00f9ed48dd28a842 |
| SHA256 | 4e68bcc9c2d03beb60376713fa6f9834d8e6bc2f8ea51eabdb354d065582d56c |
| CRC32 | 633B1C48 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2ae31e0ecf432ea9_gladiator fulldownloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Gladiator FullDownloader.exe |
| Size | 132.0KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | a41aa4a2bac24fcf62d9c1f9576cc24f |
| SHA1 | c85131fbff19087c322bb40bb1a5a4487ad0830b |
| SHA256 | 2ae31e0ecf432ea9a6895a3e73e966b64c684af68567da8e591cd57a1a67a1a7 |
| CRC32 | 88CB5759 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8dd7be53115ce069_hacking tool collection.exe |
|---|---|
| Filepath | C:\Windows\Temp\Hacking Tool Collection.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 2855dfef9e1a3f91c7d2d4efc51888a3 |
| SHA1 | 0b11f609eff771c0ad4ba31ac26fd15d5b56d702 |
| SHA256 | 8dd7be53115ce069b3cdcff3881705d9dae2296b22dc62fc5e4448def1cefd65 |
| CRC32 | 33E097BF |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0fedc992176a9770_warcraft 3 battle.net serial generator.exe |
|---|---|
| Filepath | C:\Windows\Temp\Warcraft 3 battle.net serial generator.exe |
| Size | 132.0KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | b7a1ecbcd8f4100ead50deea66d5e441 |
| SHA1 | 5067f8b089b34aa5173a5bc8ef84c867b9c47b35 |
| SHA256 | 0fedc992176a9770efd370a2830af1a9fe07fdd5dedbb3bc1c5b29a194c11c3a |
| CRC32 | 9C6164C4 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9d4a5ed6e8e9f868_aikaquest3hentai fulldownloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\AikaQuest3Hentai FullDownloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | dce54afd0bb0921d17dedaf76075ba49 |
| SHA1 | d62c2f565951c9665032e52892198b45871a27d6 |
| SHA256 | 9d4a5ed6e8e9f868279a7bba379ab8564b67ae1b29116b0a4029c6c65880b3fe |
| CRC32 | 57688FD8 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b3cd8defd92b739e_grand theft auto 3 cd1 crack.exe |
|---|---|
| Filepath | C:\Windows\Temp\Grand theft auto 3 CD1 crack.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | a203ea76c27200e96ddf043927352e08 |
| SHA1 | 1cd5626823bdbe94c4b01a76172810739201d52a |
| SHA256 | b3cd8defd92b739e789d97f02724a006b57a69b738a01d3311cfeb48eb54a637 |
| CRC32 | D87ECB38 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 33fb041cb295457e_hack into any computer!!.exe |
|---|---|
| Filepath | C:\Windows\Temp\Hack into any computer!!.exe |
| Size | 132.0KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 4778b645951c6330d2310620ad45d4ef |
| SHA1 | 632e6c157ea878793433bd6633194bca88166c76 |
| SHA256 | 33fb041cb295457e3adf6d15e76f738aa3bc5c4b38145642dc1adbe208e42d26 |
| CRC32 | E27FA0DF |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d37e35187ba6715a_shakira fulldownloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Shakira FullDownloader.exe |
| Size | 132.2KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 1a8ee2495c7a858ec680ecfdda91a81d |
| SHA1 | f0c4ecb021cf1f81b5a2423d2020f1dc04cca3d8 |
| SHA256 | d37e35187ba6715a5de9cb0167d1c436ed0e1b12662c0da585950edd4accbe19 |
| CRC32 | 827D5117 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b946f99537cdd3e6_warcraft 3 online key generator.exe |
|---|---|
| Filepath | C:\Windows\Temp\Warcraft 3 ONLINE key generator.exe |
| Size | 132.0KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | a29dcac893ac3c32f39ebe26b8e0e493 |
| SHA1 | c5bf88120e7a9c6c752f7f31792993f26b9eaa2a |
| SHA256 | b946f99537cdd3e6215e92fd8915d5d98c8322ce02e4d47fcf740a68878dbe92 |
| CRC32 | 67081DA7 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6025615a074b5f11_britney spears nude.exe |
|---|---|
| Filepath | C:\Windows\Temp\Britney spears nude.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | ecb2057b8995c9084c3a8aef051673aa |
| SHA1 | f3cd2260416fa8def9c545c7feae32eeadeca01d |
| SHA256 | 6025615a074b5f11083e5b512a2b3be1dea5c7902e597ff1f4798905c88fa31b |
| CRC32 | FC05AC65 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 71184a40b6048b6c_sims fulldownloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\SIMS FullDownloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 0892ed2fbc5bac4381da19428ecd8399 |
| SHA1 | 8540c712af45230a61d03e69aa015b0d139c9513 |
| SHA256 | 71184a40b6048b6c69f946264af981e65e12069f5783b8a51ce8650d41723d63 |
| CRC32 | 7CFD68FB |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 487bf26b991de887_zonealarm firewall full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\ZoneAlarm Firewall Full Downloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | bac128287f50d6317a3fce14dd06c643 |
| SHA1 | afa389e0a9a0d60c606b4b5bb2ef1d731670989a |
| SHA256 | 487bf26b991de8871b703b240949e4c23cc649ad4116c66925e271d2fb183927 |
| CRC32 | 0A7619C6 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c0201d84b0d1d76a_moviezchannelsinstaler.exe |
|---|---|
| Filepath | C:\Windows\Temp\MoviezChannelsInstaler.exe |
| Size | 132.0KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | c2a203a1e7eb35d4c5c8299cc363d62b |
| SHA1 | d4c4f7976867bd3175302681d71c4ea688edf019 |
| SHA256 | c0201d84b0d1d76a9a8edf125861662784f4dda900817e59d04e85b98569daec |
| CRC32 | A0A345C2 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b7b3a04968f75ee9_microsoft key generator, works for all microsoft products!!.exe |
|---|---|
| Filepath | C:\Windows\Temp\Microsoft key generator, works for ALL microsoft products!!.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | b1116fff96cbd5dad62708dc282dd7b1 |
| SHA1 | a8fb6eefcb5ed029f30d882f21016de6d72d20ca |
| SHA256 | b7b3a04968f75ee93c5f8dc24f9580b46c6065c6431052224f2298ffc5adb3a1 |
| CRC32 | A968C1DA |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4448447852c7c329_quake 4 beta.exe |
|---|---|
| Filepath | C:\Windows\Temp\Quake 4 BETA.exe |
| Size | 131.7KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 8444a02672435afc8e4128321302f6ca |
| SHA1 | f6b778a968c5756c61a49f5eac5e99f2882c51de |
| SHA256 | 4448447852c7c329bb0115522ad47de7ccfe7ef9d42451ebfc417d21bbdadfe9 |
| CRC32 | E944BB7B |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6c8225f9f7e70512_star wars episode 2 downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Star wars episode 2 downloader.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 1b76675f5f42e9fab328b4ab38c86576 |
| SHA1 | 4937c9c736276945487b7e8480b70d91230680a2 |
| SHA256 | 6c8225f9f7e70512f380f37ca48ee99112d0d55fdb7a7b88f6275b172fa75988 |
| CRC32 | 5C896B2B |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5ca74a46cf984524_windows xp full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Windows XP Full Downloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | d9be731489ef2d801b02a642c9891998 |
| SHA1 | e44b49296b6706ebfcf73c061bb2660b9b3208ad |
| SHA256 | 5ca74a46cf98452415acb0dc6eb52653058dc08034f1db8f878690e56d4dec71 |
| CRC32 | 246A137A |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e1644b6214103501_starwars2 - cloneattack - fulldownloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\StarWars2 - CloneAttack - FullDownloader.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 41b0b91b4a2112353eaeebb4ebada9c3 |
| SHA1 | 06dc2a3e2e0afedc49f14fff2c4ede1c6aa4516a |
| SHA256 | e1644b6214103501dee73a4dc2af0955d57c4c5ceb773ec096be37270f489386 |
| CRC32 | 1B33F775 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 96a84bc25cf2de41_msn password hacker and stealer.exe |
|---|---|
| Filepath | C:\Windows\Temp\MSN Password Hacker and Stealer.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 965534a2ff4bec0240a547097f0a03c8 |
| SHA1 | 3377fa70eb726bd78e225a40870197e4c3020c0d |
| SHA256 | 96a84bc25cf2de4149d60109023364391f32c9c9c2b49b3424f327c697359333 |
| CRC32 | A5BDD0DB |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0353e3bbb7cd7512_gta3 crack.exe |
|---|---|
| Filepath | C:\Windows\Temp\GTA3 crack.exe |
| Size | 131.7KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 398ca925ffafa7c1b5bc023b3d3f905e |
| SHA1 | bbbe5ecec9eafc7cdbaa1efcaa39a3fd80abc932 |
| SHA256 | 0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869 |
| CRC32 | 79EC061E |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0d304d3f7bd9b02f_aim account stealer downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\AIM Account Stealer Downloader.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 858386c3ea3d415f2d8d03bf70c71c9e |
| SHA1 | 938795a8c58a525291fbffe8583d3e4bcbdb9395 |
| SHA256 | 0d304d3f7bd9b02ffde6b9e9d46bbbbfc5a6bd60f03d351fe1690d2285e79945 |
| CRC32 | C7DAEE21 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fbbf9de9bd1d12ed_macromedia flash 5.0 full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Macromedia Flash 5.0 Full Downloader.exe |
| Size | 132.0KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 5037f72ce431ab250e651074cfb1dd3e |
| SHA1 | dba26d7db5566bfdf4168e562868ed117b472656 |
| SHA256 | fbbf9de9bd1d12ed5f926dc34fdafed9466d4c3a82d55c43e37f929e6b913837 |
| CRC32 | F8CC245B |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4bf2c119e8c4d88c_divx.exe |
|---|---|
| Filepath | C:\Windows\Temp\DivX.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 7dcbc0888b25396c2629e21fc33b77a0 |
| SHA1 | 75348392d654c2f85b10fd4ab10fab38b9a7fe71 |
| SHA256 | 4bf2c119e8c4d88c52e9681804292ee125260a98893f24942e92e9f17d3e96aa |
| CRC32 | 57AC8A56 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e20a6266adf73037_borland delphi 6 key generator.exe |
|---|---|
| Filepath | C:\Windows\Temp\Borland Delphi 6 Key Generator.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 1467caf4f8c18d0f64ba74fea2f820f9 |
| SHA1 | 5d1eefbd9fa0746bf2690b50bac220ca6adc81cd |
| SHA256 | e20a6266adf73037cf514f695569709c4984c8b6232248096c5650c2060028fd |
| CRC32 | 5B9F2AD3 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | dda6cd456bf5365e_kazaa media desktop v2.0 unofficial.exe |
|---|---|
| Filepath | C:\Windows\Temp\KaZaA media desktop v2.0 UNOFFICIAL.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 26f5c8afed20c73d0b7e01ec5e923082 |
| SHA1 | 4a95d78445441a4c5f2d14853f23d546abec4299 |
| SHA256 | dda6cd456bf5365ee9659b99ba8eb0a7de7244dcd08380fd8a8f5b19617c213a |
| CRC32 | 2B205140 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b73496e14e4a259b_cky3 - bam margera world industries alien workshop full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 2a62122ad0d74f532a79cd9cbf431425 |
| SHA1 | a2bbc03e24f072e70415492493101592c09e7728 |
| SHA256 | b73496e14e4a259b7b9092bb8e0b94de826c784e394a2b66f3fd3ca0fcd5a382 |
| CRC32 | 431EE33D |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 13070368deec4684_key generator for all windows xp versions.exe |
|---|---|
| Filepath | C:\Windows\Temp\Key generator for all windows XP versions.exe |
| Size | 132.2KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | a9cf68da06e976e6f92096ed38d34d15 |
| SHA1 | 250388e94c149d6b47c5dc2fc161dec11e02abbf |
| SHA256 | 13070368deec46845b6f9c6c444853f451b541d5cbe5f268df0b4dd9839c73b6 |
| CRC32 | 1A94CEA1 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 18a1fe723658f5d6_microsoft windows xp crack pack.exe |
|---|---|
| Filepath | C:\Windows\Temp\Microsoft Windows XP crack pack.exe |
| Size | 132.2KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 948a5d171a618b7f0711bfdada4a7ae3 |
| SHA1 | 60e8475fe1b5af7f9e76cf770fb18e317099df1b |
| SHA256 | 18a1fe723658f5d668cd8c902704d4666e0a8afc1a2eab8a70235f91f777d908 |
| CRC32 | 00E0ECAC |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8ae783e04dd54cde_ps1 boot disc full dwonloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\PS1 Boot Disc Full Dwonloader.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 1afcc76b1138f480382ab0f134f190ea |
| SHA1 | 1abf716065a7aa5b4e43b2b6595d8a0130f83218 |
| SHA256 | 8ae783e04dd54cdee8a742be45b22192ded96cee8fe901fbe59d40c0202e9ea2 |
| CRC32 | 094F0D84 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5ccd84021143f13f_half-life won key generator.exe |
|---|---|
| Filepath | C:\Windows\Temp\Half-life WON key generator.exe |
| Size | 132.2KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | fd3ee1483586635462dacff3a44be78c |
| SHA1 | 3acfcc02245a2f118cbe627b2642853cd2795ab5 |
| SHA256 | 5ccd84021143f13fa6f49bb1759c158cc73326457441c903f25c1127aee0ff69 |
| CRC32 | 031ACF41 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f91548a027a653d5_xbox.info.exe |
|---|---|
| Filepath | C:\Windows\Temp\Xbox.info.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 10de64fcdc7bb50ce738bea51bb3e59b |
| SHA1 | f9f82902291b61032301b1895915bf7f4789b176 |
| SHA256 | f91548a027a653d59fcb234cab7f5a4cc2a9cf19a54202a73a02478e17d95fc1 |
| CRC32 | 6784B5D1 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 110b0d928899106a_lordoftherings-fulldownloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\LordOfTheRings-FullDownloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | b7f9cb870b2dbe25b6f668a556434ce4 |
| SHA1 | cba2c2f555d82f14bbf7835edaac4e9b3ad33709 |
| SHA256 | 110b0d928899106a407384d1381122426c03c01a0eb088bc0d5f8e65dba3f52b |
| CRC32 | 7C0BFB0C |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | df713f2851c7343a_winzip 8.0 + serial.exe |
|---|---|
| Filepath | C:\Windows\Temp\Winzip 8.0 + serial.exe |
| Size | 132.2KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 3b4d6742a3596fef0692d2a5be21ae4a |
| SHA1 | eaf455a80e589280a7cd57e5a42e3e0fdd2fc577 |
| SHA256 | df713f2851c7343aeec8495fb8d6967d8065206a502fc9c859113c71d7684bbd |
| CRC32 | AA96AFE7 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a6cb04629fbac485_spiderman fulldownloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Spiderman FullDownloader.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | d9125ad8d81f08d60174bd115c91f73c |
| SHA1 | c5b9792d8245bdd25e835a15469f30f17d513c5f |
| SHA256 | a6cb04629fbac48528b4982208ff889eaa7d0a40dece6d65c63a033507aacd79 |
| CRC32 | 61DA5F4F |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bf3ad3d89474b41c_how to hack websites.exe |
|---|---|
| Filepath | C:\Windows\Temp\How To Hack Websites.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | e669c839c6933d71cd826fbc56f4a6a3 |
| SHA1 | 5a3ff1854add2c8326c068e6f4d48a5cea5caa41 |
| SHA256 | bf3ad3d89474b41cdf49a97cc344de56ec93a2f2072a26f254544ca0ab2067bb |
| CRC32 | 02E5C1D9 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d190424c9b8cadf5_half-life online key generator.exe |
|---|---|
| Filepath | C:\Windows\Temp\Half-life ONLINE key generator.exe |
| Size | 131.8KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 1452cebbc1fd136cae28a7b31d5b7199 |
| SHA1 | 4a94daa1f25fcb62d2ea06bd5b716d7c70838662 |
| SHA256 | d190424c9b8cadf5dd53aaaf79df5ab57f2a5efb9d899eb41b7241539879e46d |
| CRC32 | 282011DF |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c7d74eb2ba25ffad_scarymovie 2 full downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\ScaryMovie 2 Full Downloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 77136145926201ad22e74f4afb9d7a00 |
| SHA1 | 31036aef60efef83ea592092e4b3c6eac76ea0bf |
| SHA256 | c7d74eb2ba25ffad60b2206be4f78da793270dde3cbbfa8a122c02febad6a45a |
| CRC32 | 3DF395B4 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 920464d5f229e719_macromedia key generator (all products).exe |
|---|---|
| Filepath | C:\Windows\Temp\Macromedia key generator (all products).exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | edf68e6ec1f75bc5907f439fb18add29 |
| SHA1 | e24042a2dcaca80c2406ee34604a19871344aa67 |
| SHA256 | 920464d5f229e719469ca4036ca749fc8aa63e2adbafe4fc6fa641c296b88736 |
| CRC32 | 102945AE |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a5d380bfc8021acb_battle.net key generator (works!!).exe |
|---|---|
| Filepath | C:\Windows\Temp\Battle.net key generator (WORKS!!).exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | ad3b4086ff827988771a700391c15002 |
| SHA1 | 6a8d86595c4cbdac2ea8e9ebbe7c9f3a222e9241 |
| SHA256 | a5d380bfc8021acb4e539e62a161de2f894c50108f76883a9d038fea372d7412 |
| CRC32 | 8C300CE3 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5040ff23445f92ec_jenna jameson - built for speed downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Jenna Jameson - Built For Speed Downloader.exe |
| Size | 131.7KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | ca6d798231dee744d3d9db9e8b783e53 |
| SHA1 | 45d3aa74c26869858d49c9d37b78758a123ac20b |
| SHA256 | 5040ff23445f92ec75849c95745aeb8dd9b7d6a40c3bed46c48185a8bb64cc17 |
| CRC32 | 28743EE8 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f1e5eedb283179a0_sony play station boot disc - downloader.exe |
|---|---|
| Filepath | C:\Windows\Temp\Sony Play station boot disc - Downloader.exe |
| Size | 131.9KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 85d9d8097efb585e66e38efcc4b21612 |
| SHA1 | 4aa07ea63b5c0edd2665fd98321ea6f568f9b084 |
| SHA256 | f1e5eedb283179a079df838b9165cdf847e07a33670428410077a6c8251433ea |
| CRC32 | 1F79A618 |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f21ae3c769f932a7_winrar + crack.exe |
|---|---|
| Filepath | C:\Windows\Temp\Winrar + crack.exe |
| Size | 132.1KB |
| Processes | 2948 (0353e3bbb7cd7512c3a9bd83d99c8f15d500c8e188585a7bf809800ae542e869.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 168d5ebea641efa798b1ebdfc3e70a66 |
| SHA1 | 5f1b08ec2d5e41c0314ecb3081213cb7bd1e2d6e |
| SHA256 | f21ae3c769f932a743d69afce246495db1ac2c11a965f8d48f039c1dac9ee46c |
| CRC32 | AD1DA9ED |
| ssdeep | None |
| Yara | None matched |
| VirusTotal | Search for analysis |
Sorry! No dropped buffers.