1.2
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.84
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | Trojan:Win32/QQPass.949d0065 | 20190527 | 0.3.0.5 |
| Avast | Win32:QQPass-WK [Trj] | 20200121 | 18.4.3895.0 |
| Baidu | None | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (D) | 20190702 | 1.0 |
| Kingsoft | None | 20200121 | 2013.8.14.323 |
| McAfee | GenericRXES-IH!3D5371DAADC1 | 20200121 | 6.0.6.653 |
| Tencent | Malware.Win32.Gencirc.10b0cd35 | 20200121 | 1.0.0.1 |
静态指标
可执行文件包含未知的 PE 段名称,可能指示打包器(可能是误报)
(2 个事件)
| section | |
| section | petite |
动态指标
该二进制文件可能包含加密或压缩数据,表明使用了打包工具
(2 个事件)
| section | {'name': '', 'virtual_address': '0x00001000', 'virtual_size': '0x0008d000', 'size_of_data': '0x00014200', 'entropy': 7.944740004557047} | entropy | 7.944740004557047 | description | 发现高熵的节 | |||||||||
| entropy | 0.9906739736563792 | description | 此PE文件的整体熵值较高 | |||||||||||
网络通信
与未执行 DNS 查询的主机进行通信
(1 个事件)
| host | 114.114.114.114 | |||
文件已被 VirusTotal 上 58 个反病毒引擎识别为恶意
(50 out of 58 个事件)
| ALYac | Gen:Variant.Ulise.40861 |
| APEX | Malicious |
| AVG | Win32:QQPass-WK [Trj] |
| Acronis | suspicious |
| Ad-Aware | Gen:Variant.Ulise.40861 |
| AhnLab-V3 | Malware/Win32.Generic.C3054432 |
| Alibaba | Trojan:Win32/QQPass.949d0065 |
| Arcabit | Trojan.Ulise.D9F9D |
| Avast | Win32:QQPass-WK [Trj] |
| Avira | TR/Crypt.XPACK.Gen |
| BitDefender | Gen:Variant.Ulise.40861 |
| BitDefenderTheta | Gen:NN.ZexaF.34084.hiY@aSF4JG |
| Bkav | HW32.Packed. |
| CAT-QuickHeal | Trojan.Mauvaise.SL1 |
| ClamAV | Win.Dropper.QQpass-7194329-0 |
| Comodo | TrojWare.Win32.PWS.QQPass.AZF@5jtl8l |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Cybereason | malicious.6f7e9f |
| Cylance | Unsafe |
| Cyren | W32/S-f105df27!Eldorado |
| DrWeb | Trojan.DownLoader12.31656 |
| ESET-NOD32 | a variant of Win32/PSW.QQPass.OWD |
| Emsisoft | Gen:Variant.Ulise.40861 (B) |
| Endgame | malicious (high confidence) |
| F-Prot | W32/S-f105df27!Eldorado |
| F-Secure | Trojan.TR/Crypt.XPACK.Gen |
| FireEye | Generic.mg.6fd73236f7e9ff9d |
| Fortinet | W32/QQPass.WK!tr |
| GData | Gen:Variant.Ulise.40861 |
| Ikarus | Trojan.Win32.Dynamer |
| Invincea | heuristic |
| Jiangmin | Trojan.Generic.daulr |
| K7AntiVirus | Password-Stealer ( 004b75691 ) |
| K7GW | Password-Stealer ( 004b75691 ) |
| Kaspersky | Trojan.Win32.Scar.oetk |
| MAX | malware (ai score=87) |
| Malwarebytes | Trojan.QQPass |
| MaxSecure | Trojan.Malware.300983.susgen |
| McAfee | GenericRXES-IH!3D5371DAADC1 |
| McAfee-GW-Edition | BehavesLike.Win32.Backdoor.cc |
| MicroWorld-eScan | Gen:Variant.Ulise.40861 |
| Microsoft | Trojan:Win32/QQPass.G!MTB |
| NANO-Antivirus | Trojan.Win32.Krypt.fojgcs |
| Panda | Trj/Genetic.gen |
| Qihoo-360 | HEUR/QVM19.1.B565.Malware.Gen |
| Rising | Stealer.QQPass!8.F7 (RDMK:cmRtazp7S7NMjMelT+QKe71NjtyT) |
| Sangfor | Malware |
| SentinelOne | DFI - Malicious PE |
| Sophos | Troj/Agent-AMTH |
| Tencent | Malware.Win32.Gencirc.10b0cd35 |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2015-01-28 21:36:24
PE Imphash
f9e8597c55008e10a8cdc8a0764d5341
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| 0x00001000 | 0x0008d000 | 0x00014200 | 7.944740004557047 | |
| petite | 0x0008e000 | 0x00000308 | 0x00000308 | 4.033120167407879 |
Imports
Library kernel32.dll:
• 0x48e210 ExitProcess
• 0x48e214 GetModuleHandleA
• 0x48e218 GetProcAddress
• 0x48e21c VirtualProtect
• 0x48e220 VirtualAlloc
• 0x48e224 VirtualFree
• 0x48e228 LoadLibraryA
Library ATL.DLL:
• 0x48e230 None
Library GDI32.dll:
• 0x48e238 BitBlt
Library gdiplus.dll:
• 0x48e240 GdiplusStartup
Library MSIMG32.dll:
• 0x48e248 AlphaBlend
Library MSVCRT.dll:
• 0x48e250 atoi
Library ole32.dll:
• 0x48e258 CoInitialize
Library OLEAUT32.dll:
• 0x48e260 VariantClear
Library SHELL32.dll:
• 0x48e268 DragFinish
Library SHLWAPI.dll:
• 0x48e270 StrToIntExA
Library WININET.dll:
• 0x48e278 InternetOpenA
L!This program cannot be run in DOS mode.
f$L"E""E""E"YY.#E"J}&E"Y,#E"MZ& E"
c& E""E#E"J
7E""E"#E"Z)`E"Rich"E"
`petite
R*"ck%
LBB$)2B$L
*+#Xred
9XAMx1
rt+-Tp
IWY/YDY
Fb;k.b
F1 Dqi
.LjAQN2l
HBk8)96
PTL0Nm
!0nz<V
qiF{B!<
3tHE0@
$)Kb
6M+]Rn
[r&725dt5G
BDES8k^#Q|Gi/
B\&>,M8]
0$&OAk
Q*V={3*zETv>
,iS{es]
Z#d4_r
$~X'c"{
6&/4%^F!Ubet
&\x9" \P0 Ry.
|{,Q S
usDfBsO
~P ;F"`\-B
.56s>Z
Y&;JthRj
?Q^PD3
VAeoA7
:tB3cb
o88]hJqe
I!OkD\D
FdY)bv<V
" &)Bp!k
iMHzy!\A2
:SPitb<
/%JK)j7 daVdj
!1,'j+B^
F5uIDy
]:]omVH
74Cl:QhD
LZokzgVS,1
O&A74#0v@LV
%#=stV
3:Q/"+jI4e
HB.IVvBQg,h
-l BfOp#
r4D8V}.r!8
,,h]JctxZ
;YpBC@
n e]
lUA>dW
Iyy`M
#tvUJ;\8(8ANCb4
m4$mDca<
Fu`!V]
Ct2_L]Hr'
RP0 ;G
:nJON-nn)
c|xnP
=_ksW$\&
,Ib#YB_P
I>Gc`X
+20_7a
s-c`%Skr
Wv.J`>
L#PU`7-c#
D(Y_zA =
,n|j"!i
E#CL9,
!4k/lRD
C.Xcq}@
9].aB
Ru75CLE
R\[Jd-_
D,;W&<~
Oc@YCc"
t^CzL!YSD)}k
"NY;#0lkrsTb
:-@dFAWk
*|0i#b
&hWdY#
"x'a&
kN)Ve*UT`I
>M]}(
8VI@Wc
4XSiA!_"0<Z
OIT$z*7
)Vkjhe
zTZ)tZ_f
4Y`1RA\
Cm?S.lm
\2M}}QQD'2Q
vMW%41M_B5
\gi6.U'Wu
-/D5R\^
K~2Jhzk
D P~8R
_w+gc}
( |^nP
1(FNT'Ds6+
1h}*X*E^E}ck
p% SqE
Hf ks1
0TX/uk
{$+O(q:jGO
D8A%/QAv]
~mG5_;S/
$u15*5
JHZTh~
02,t.9
D,/LGtE
BUsDb)*4Ypj4KV
dum}EJ:I,>9
pd$Y\\A
$U>MdA
pK#AU7bL
WE3FB``wC
>(Q%["
i\OrL f
=,!Xx/I$I:5
Z\\E!C
^Fx0dgI
Z{y)6#
a4K[|R
)*t3eO
y}A*Wd$
4fOH.l
+j: p)
1e&"J KboCYkiP
32,xzZ/[b
3dl|W@
} D?!?p,WK QD
!K)r0a%
)kDj<F!y
(@9S(s?
zHtIz|qP
[`1R}1$NB)b
G%Ilmna%ls
r0L:%he#
U(c`5Sc
6I]B`jR>(nn
LBLuAU
e(&8Oi1
V[Ru#-(4[i_
Pul5Gf}%L
^`)3::!!
w y~2{ p}
ATFfH8ZW>]M
V/4?CV
#]Z.v5tn
=y={85
Q6Lk5a~uLX\ y<.9
*{A/U-#
P`ZQQHxGO
VjQ4)T.C6dC
dC6d\*4a8
6XDA4)_t)
bX;w]+!?PQb0w
z.7j_F
o}1l\'
?A}1lw
evTW'`1X:/j
6 !):4
e|DW;}vvW-
rWY>Fu~u b
4OW/@SGy}Txq2
O}r9f)8`W
($8=W$oGD
{_ul]@E]
6@naX_\
Js$1mk3}e
}7Q/h0
sN!5?[U-Ze<c
DOx=I?
C<B}@d
CF%ei/YD.
Q#1FK0C
r,oadf
AF_wTHy/7h}X
8"|=_=
&w]]v`z
BC2=GC
Q\.jZ_C
"&>A(
F.D,~0[
u-o?tW
k4Z^3gn
uy:2hSJ
CA T7O
(Bj4cj
LZu!:r
]}hrg+
s!r{!e
S9T,~3zx`yA@X"
b`hQc}l\sn:ShO
qHCvac_ws
v,\>D+f
DA<0l5c<Sk
V(Se]e
w#tlR3
`c+Zu%
UtlWHWL
.Ix|l;[+[
+g);}&&
]a7w c
s*kx5];
`^$6,~
Wp#U0BPw
W.ZoP$'M@^S
bF]` u[a'
B%14(LU0?P
Vhb+2rLf`qlWFE
tPR1L!8PAdj
bb9P YJ
!@1vafn
qsp[s)HL3H{+HU
`9G;d3n
Cd~FC0Q
.CA$Qgb8
)^R^5D45DS
!N=yQ}
]?=$EU[-UP
8KU-L
?h|}Wic
Y d}YA
*:|0L$$PQB$$S$$$-
$$?8$$)'$$ )$$
b[Vqdt(l
N\ABtbb
4-,T .&)9
Cy`94j
faAfcR|Aep
*~m|$
IK>QU
W}#CPNR_|
) *G@b
>t]wj3D
YC2b D5r`
WqvQU?rV`%
S,ShKIk*{
,*0!A@F
no62!l=? 4
rRTA@
hO9TG1
j:5sPQP
Z$:3vwC
p3Md[e
c{A}Pf
9ojF"}gs*;
2B .3"m
0gNmKb\R
NsZ"& 4
=6xPS1MCt1J
tk0((Bhqj1g
#!22[~aC
U% c,?T-
UG+ x:
)uTDL^
_E=bFr_
B+)Q(N5!
dWYk}~
>ab.!j!n`&d
+ -oU*
]p9ULG
L{V}3fVH| I2-
GE*y(sl7
qe_xc;
)c~5ZvWAoqeo):
jsrqi}q
?PtD!$
S;Dxz|{
q0[T@)
&JK8 &
8?~]UM!n1
>Z.UjC.~
>R8QfaD
_(y8W@YG{tC}]
r;*!>C
+fRz]:`2
8u>u$;t|p6[
pwwzmsN
qG^q$I
}}z] B
AA>fIO}>*}E
LuE]E;0
j=W[/s
x$-FmH
OKPM="
rAQU8jZKrouiy
?V@FYC^C
)*T"~HE2cC
{u6?P{C
{,Zh]W
3?DJ^AA
^AA\AAR I
W ]2#
Wch1g%[!Y;A@2qI
vU"e<f
m.U]g*Q
aW5w1CAX0
vxSyvYvfu
fuX]'/{F +r
B7N=n+H
A^ ja3
A*G= !:O
rw_O1SvwP6
C pLH`r]
@6+B1a .6
?_ht>B
d\? 4a_
,6uAG$b,
B(@3EW
\vuz9VR
x?Ed, IAB@w
Y2_!:>F _Iq&C
&(4GbNPZKl
b|M-@#h<i1tl bvmQWu
[3PL'LTAJ
P$j]\(P}?}zh^%Sp05k
h<R]mAD5
j=P]R`Pm
,$r%L;
6w,,X>
~U|d2h
_.}w(u.)\YEs
]<0O[O
e >4Qv
y"`+:Hfc
6 )j @7
/'kd- H=E
qTCTC8
]Te{E*sy
1'!U`8u
{W(]VzL
c{>cbZ{6
y14HQY`WK3
9(;Ewq~
q-,WOo<k{X^U'
&?3Ttq `ANllA
U,8oD8
: D+A8wz
2*&C!4z 97
{l_6 v
(C@g4<<
fo(bp`H
`}4Tx]
}A+>178
.XAvA x5>4vZ
}8&?.2,@B
0]@D,MV'&U
F|;AN]\@0u`U
HuCYFB$Q
P>gC(YM-%v~w9
SApNv~
8U<[#A^T[$?_|
A( HA!4?=d
lmR)q]&
:R{t B K
~>`n! H4
Vt !8i
@A-vA!
Yaj[UA8[>
!V1v
!AT&B v
WhgcAfjA! jAP
CV6dC6
Ym:Q7j
=OWGZA
^z"*,}>.A(T,
M]C3/T
4O,\!+
]9$]gx
n2w:)eL
)AK k6oI
{*h<r9
L#PAhr!V
,*o77Pf&[
AvGVH(sJ
ZL b7o
$Y<#-K
v B Jh&#E}sm+?st
6\[S*_A6
J]`Z&fu>~
4 A|PyG
*AU+B?tF^C\En!16
C@AAth6!|1<_6/&
%>m1]t
OQB'!4
VY`9oa
?P}0'^
~V`a>k.XR&0:Q#7M'
1]e#xKM
ZUN:u/U!!6wcw
wX1,]W
-5<%s6BE#Tcr
_Z|'Y}
QqDSCD
fsVlAQ$+"P
(NqJIy
Z9DSmqcR?0
[A%qz6.V1\NS
PKD_rB*
|n]+UgO
[AEbAfw]
x!GLlat
@P.!e"_WH
^mz ~
LbZq`W
A6< *{7dC
l!!bxA
sQhhvH0oa
q#R8x}
2K`DS5&\e
BXds]6;%
UsO-kz0Qo
-%& J]
,T?C^X
vFh69N@<
<j'E4B<
fP41*|N
7R~P5
;L|?-|
o{3 bg
}D>TQ>b(
NF.@z3g!
S8[:NGz
IvQC64
A$vU6}+v
qs.?(Pvw
HW6+gp]EW]
a\eWzZF
mI~.V[R'[
aS8ai'
)rfQ)4x
N6~xfQ (BQ=jC
"U6G2v
UALC&3~;0y
NQ4MS8
4G VA4
441dAR
`XQz;1{@%
ESj{.H~
~%d0FN
0<ujtuM
zB5aC18
k*giT5
aA^A0A|A
t "$ p
eIe{YaRz
_db(\\
?PY n'
YyRA7D
,s^RVt
.ypRThi
\A2U](
DANp0bL
LKQii(]48-Cm
B>|UC/;:!
u&1An\3nKK}
U!V8xlAmNuwP*x
q_}].r]p
JUU1_K{@:
=:~|t:P5
x]D L0
PJSyW*
9`ZQ<Kf.m`6
YMt):A
&0wdVo
/>u_p_
OW"}L]+}
Ip<N6j
+f{^Z1
_4R_.Esl!-X
Vrd!Vdl]Ow_
ua'$0 :y1ju
AXH"_b
l*u]bh$
HTM1;LUZBj
^0`)z<X U
~QX 0"Tbx
U/WJeA
&ch"Nx82
&bZVLA6
bsHp+uNv)5
8Fy! tb-j C^A
#N*:uk
,6\Sb Yu
ZQ,j3]5w46V
dDGoM[
*H]5vz
}h!F%awe
iIq\[uLqo
9]dEkLYq~
eXNRGmp
1U'+d/r
b*t*"C
wupuI"T
>#$V+:`"iK4)6&'/$+{8}
qcC!~^
"w[PQEncd
I@/"?!.U9# E<
84XBj6
#umVQl
mKra;H{
V``3Wi}
EcX[.WjEE{
pGACe_'W[NWy
I2<rHO3C
ZU:`FW
[(+8c>
CSC`_)
.._..|
..h;k.}Fz;"|+q`7gDI
K&oh$I%u
4=twiN;W((sp$b#
6oCPoQnp
i|E_#U+5zs]"e
gZWHlxj,@w!D
B`.&vA;
0JHw<8C
A1W}>o
~A<(i.mA
=Dt)AJ
|08UDmI!J1ou34y
M@Wu{ 00
*^]$=@
5T%CcvB
$I@DC@u@)nM'g
Y/tMc%<0
A 9,:lx{/
Jl2t2?TsdV;@5=&
l.jA2hiB_U
upNF^#D~qT:Z8YTw9
K*_<PC0~=0d
lAQ@_'!,L
NULmJjC-Ao
b;@;pI*bBI=;06
4Zp%L{
b>Q^U](v;
C&}FV
Ueu,WTTr
e\P6>}
bA~AVA~A~sA~A~-
tC~nC<+B{wD/u
_PVgo^6$EBK1
Hw{k;ff
I>GMR#
`xYC*wR#FI
]S<)gj
I="K^WZ
O`3IUl_x
fk{($Q'Hg;;xO
pmdy_H^
BOa56Qi,7&^`]]
n'unRUc
*bXAD|H
! ]xtm
0X991]8j
pc.Mq}`ax:
-&S?x8_P
:t7%vt}
:I6FW>
;<<cIh*
Jv!X1,
R@7ec-]w
q>.bBpV~
a\h{YP;
w'x[ kH
4D91?
x1b.=SG
PIwA(z%da.$uBc2P
s[]"\v1j0
r<B w]
~.Xy%n
J1KbP'7;s
PzW6f<@0@_/
B[@f*OR
P(B ~Hs
*O U}R
WeSqEgF
v>xHP(%@
c<.H?HrnWU
aYI]gI
B-ISW,6#ZjA
+E3~<"F/v+
.v1f&w
` 5Xy<&*K
<wbjE-RL
=|d=?FfMC
9>N%ltE9W(=)
e*";7!G
2 [H`HI*3U
fH;(lA
&GY2niWt
u+Xq6Q]+
^:<z'-
Tzwx_Oqh3
L6Ck(l4gC!k
QWAvCw
DT/,nZ
Fu7>;V
"$$!6/
V` 2}O
J/=~KCt
9zVJZJ<
0W$_tW75t
:+]wUg
. %-gl
_mwwG>D
54c=O6XKy_Q
\8G+u8
rk$F#m
SCL!p"`,k(
3O0#|Z
VQ.v8.
Xx8k:}
X004J3b
QWamaakYIj"d
aViWH$
TVSfPa#i
Oc46"p
CEWc?,-
Sf.ebA
57~$lF
rPw{<Z
w+4):>wH
7WjA$[J
0DjH_U =v
WQHHV]
FHq>TeB
^a, `w
.QfnLrYd
U+$dC,
Z`9/s2
fDU4T@D
qL_k.a
j_4&,,
LE+]Ju
1{d1KuU
aAIa ;
>euRu:/w~W4 *s-6{tc
p3owW }
-4Nsfsf
Uq~Wh>
(nwp`K[c
$XxX.Aose}G5;
tYo}cb:1n
6T@<68xq;+
PP_wp8
1:'Ci&i81
JlH*KL
Qqqb5c\
$qA_?A;F @]
rnW/=8^rX0^3e,
A`+Yl4R),%@
T6urMb<Cxse
e3B/D<MQ0f
2.M9|gEq
(tfA4b >$_D[
xL7G^L
9?D%o>bIz
gRaNQG
PnA{qb
XA"vS 5
|w1O (@
_f[1{*z
B`'4S^*
w-u-BB<Tnugl
tJ\q? "$Z,h
dhA/4K4
2!kH=M]` d e
fdXKx-
D7iWW&>j
AXXC&VRi`z7
/(^&0V
vJdCXx
mNVQNUZ
0b$!_(I^
r3j`1&b7yX% 0&i
[Eu]3@
FF@+Y{:
vnA_+"6*)
4oTfa+r~
P0Tb}&
"I?&1?
IFQgEq
YqJKouo
&PtG"0U
H^G+6$
(K= e<k Ch,?ul`C
,)L wqu
>,Vlz
-!'O8_W9
N~4rwU]<G
PC,(_!yW#2]|
?TIO')
mg[$Q1
C3hvze
t VCPS|
{aFd=KvZ3
,[_a;
..psedQB~ p
qoUU+/9lEP!
k_ek]v(
8*zq]u]{p]q]#9h~G
7<@A.N{C~}C
c3zOC)
6!'W@5 .wgC#
//R#[B
a6^C,,\.
pVA] Ww+<_Q.n$pWW
>e;l.jQJ@S{]_-
juAQo}W
RQ]|b1N=^N
0QLt>
>>lSQ(L,V^
]9RBaO_
:5't)qRW}
bzNh|&Z6^s
+S.3]A
R;1CST!@U
CDu*&]q
P.] }}
7;- T
F4M$L
I c+}_
wFNiOcz_b0BM
Q5vG:CT'UY&lSx_U'h-hWO"`
}CiNTy_*
u"5bL?
C|hRZj~DR
9|: TLqy)\
W_JO,6bN@?$`'MW_
x!.k}13t
byfuAu
RWioD1?
W)DLV7Hvu[
/),qTQC
j0zUC*7dw<Yv\
u!j-]x
J[LcW
>oDN>~?V}Yu
w*0!%Bhw}Z=&BAT\
] J{; ^_uW 'KOtp}
]FL HH@(|R~H
>C{WH4
&@a#+9
u.ZAXA
^Au0v$T
=<&6-.
yGu'b\
yVbkXDp_
Zv&:H}A4LCjh
vKC!m)@y
&,wQj, -8C
\`\JT`
fA!!@4"
LC@6+&<
YjdCx|iNC@<
C@<o!@<
! `qJk!
"$C@<D[vC@<
DC@<!
! XB!
<`xJ\x
Va@6P <
C@<H7@<
9usp` w IYN
XXC$cTJy
`xW`$
mz<Cn7*>cf^^(
f~POSR/aV
1jJtjtf#r
8#+\}p30
H=~30lv
ICvA|I
-Cb;^YmL|
$1^(\).R
dk/M-NR
`3[,'!
e0,?fe
3)kv@Z0]
A+~y=-p{(N
CD\V$H0A
(R)aRt
C=?Cxj.W{zp
TR{NABP
dN{~$bA
2Z1!zY
.Ze5I3P,DM
5 b@,
Y},F\7
)\+J{:ga=WXM(}
xl8`Mgqu.93x?3
^\y,@8g|*bX
/\e:R<JiB^
k\m7Bkm5{
1?4u}u={8),
[yen]%
P_d.xz_
=-ve<{1?;*B8/hT=-&a
J]PVSH2%`*V
"x6Jj4
9g(H+O[{
a Fr@2LJ
P#=O$LG
fgn5Z.W
C=JO-ezmfq
';-]LH
3E_Z#'
=;O/4:e
vbQ)5KL""
my\i*3d\
CDYibS4
>z`65y%owY
1 ))-N12P
Ezq\`ha'
hdu4s0n
|6.uUL^fl*|
4v:e`0Ul
hR++e7[x
ID=Oa#
)A$v=P~Q
!GG8;aB4<r~
[`h+/4
)l$4V@
mKi9#a
0H4OQ4D
^&cGE{
g,Uk,g[
0o+4r;
Ls/"P`
HPv!s_8b6
7v^[@i
7lB[@$:s1BRB,B
2n';Bw'SJ['
EH< c>7q
u* :NQ[
KP((h>Ma
?nW0et
>jDXi:GQy;4*$<b6
SyU%/bj6
0'LyeQU
KDhWN<
F5i}LD|X
(aY6QD
}&t>zap9
b~T %dh[U
4,,,h,a*4]
o0gwgzb:MX
UCcGn*
|E,0<Qm
|l%~ev?
E&V8;j<f
?Q]ZZ}CK(
m|bb34wR`X
l4WHqW
9"AdW3>&1)
)6.b=>z
a >S(|7g
TXS,-KB
'1L6$2
zZ-`4he
Pe>95(
2>:DKh0L
Q@9|p3A4s'
^OsUV8
">pH64
?z0\ QMJ;,
>=&sS[cV0-4,
{H<W;8"|d
_FQ|^gnu
BqTx:ab
%W&Zob^K/
JyJ\,9)
*oZ:V&
gB&H(w
IxOA5w
wyTeNAaq
C@l4U "4Of[v
A@S?iD~
4XZ*[$1
5n-"ydU`ux
C)`j,Q#
w`I$j[C
`ocV/w0Is-3]]g
4MDRX0c
SX~_d2
0>f-uU
$4]#d(b
vTY$b,
o*>cg'P
M5sGHi
WYl_Ata
"`;\}UV?
r3Rowk
9:c9xwC
>xl!w((
*]gEw@:
Q^_u^~
~O[0W>
;Y -jir
SyGf|H
TDEBD\,6`
.Hh 2G}E
,3pVqn
PI U"i
N/a:|r
Oq_sJZe~m]?
|}o11e
k4{(.q
EBm@`;Bjn y|
[)wM 1
I]1kC?
qDvuj_C^3
lOmj_/
XonPT<
16/&U%}
ZUD)G
7v(xM
VmaiM4u
I7wZUo81X
dF|@kK
vz7sh};OP
)&{Sg1>W)
:HA]hjm
GPjKSGiS>H
&^!wgI
^:>@kV
B*,^T5{/Q_
ASPiom
}{qges)
Dv&ol2ad[
?&4/lr^di
O;OSUi
cK4Md7I2M/[o
0wi[;
i7ei&
iI0NW{C;aC
OXosSM0
3WGci&
3$4K'#
iikK4I
x#^r$4Ms
i{S4Ii;'
wMdS2M4
O:M4Mo
irxrX{|k
i+a^{_4I
kO.bir7_
I2??;4M^
/$8*(%/(!hl[In8
[Cy&c!6z|^
2E+e-A=%*
i1O#[1%>GtTg
' (%(,
wQPADr
y"nte(
37*%qvj;LU
s5f)pg\
OS\(CE8 .(9pj
Yxk~b/MeOy_YjUvKIJkL
!5yesPjT^|6j|,j6:
)'`,POP_f/,LXfH?^ErU
c2F*`*
<1)@=[km
hXOx~z$Gy
0*1%t|
~oqvn!}$
JD}s&G^#&McR
;Twb]Zo2
TFKe@c
-k]I/~
;G>D=E|Jrzz*V@H5c]bQ*
UA$#:U
7PsJ:GC
|[AgfD[{v A
XW`i!$
wE$'HVd_
'w+7bp
G]'vUh-
*8])k.8
Y]zkYesK
/UD<c/O
SU%k<D
#[qdAZ]'R[%
ieQupWs
Ke9Nj@
tdx;|ir#
}~Qf4
D+BcmPiVoU`GYd
PrZc\hV
|F4EQbeopCLu
M;*vC^.VDB4VIa0P
WDNJOg
hw,#-%bM
OFBEQBBd89-60.X,
O-0K7MD
s{Ud`D
-CoB3<
~e,Q9L
LsMF79bu
2024/3
o|MR%4
3$UFwxal
ASzKYF"
~6RD=
MavTHh0Jj~S
0aN&"<
>QM_k-0Z' N
wAx"/1Ov1Q_@
r\Q~mlIE
8]OoU2
\hItr~
Q<.7Vbn
Tw7=7E
Br(=P,
@gP$|?Y
qbi0B@]
ocroB0+
adP/-/'{SS@-
tjlgfqWl
rtiPFZU
&[8XlXr7#H2E
<\?QUr
0X^9(EeR
{qO,p(e"Qj
m\Yrck
DQ4;sTA-N+O)
Q 0r/XC]ua
aCG"09X
#,',%,3)
(ubc>QFGe
XY6b{bzp`
,P0XT4-oR
8MX5
d PWSQ
6|{{zrX0p
yPX8~.BPXn
'`hv8vvG~
_]"[[.Q%"
6:O6MsDM
XC4E1Z
C6Ez\g
-*XHH'8b8(
P"k@.S
nw,$THrM
q+\D 7
I$%jffzzbs$~$
`Lve`^Xi&K)
UUSK-RI<
,*(Qwbh
F~XY_uX
0$]RiZ]7;
X&LNs@Wx
'>Uvc;Ep+bkf
3an0%
5g-_,?Qt8b
Bb,T|c
H^epNA*s
L76rmi
8"4G6,4-
(efkPIq(BGtT(~cq
ERWE"
O0)&;<'"<
`VLBx~gi
prlnhjdf`b]PYO[vU
O-I;K9EGAC=?9
;5767*
"p @&P$a
}oQ@6$
-=JfzntZvFp-r
~xzdfaEm\o2i
]XA^{\
@>FDJHNM
7c5C;9?=#"8$
&n(A*\,.
.fe[c<
omkjktGv:p
r|~yu{dE
GACJWHyN
L4RPVUY[
"-$y&](*,/<1
7]5f31/.,(\*$&!
HFEaC;A_]XCZ
m"oil|b0`fe\
$'6!r#
-(4.t,21)7h5;:#<a>_
%%#"^<
>9z;8576#4
Vgf<`obl
{]y|;~s@C
tDrpoBmkjNdfaBch
3A(J$h2f
oMnl}b
ag8fxr
~|[{yOG!F@
CMzHNXL8S
TViY[H];`
9}42]1?<>8
;%'b&$W+);,.ky
SBp^$1
3H24O79M$"K!?S>
8(;5#06*5
SQcLNp
IKLB@_G%Fx
{}0p~)}{Azdhg
q5-.""#!
loodS`9|K
'IF.9U
4;l>Y-K
w`$T(=
Pxo\C&
^H_)~5@
j^wfTjP ~lju
0)<-qg]|g
!VJ/P}6yO4
,}u=3wv
k,Eh4Zw.]
T(a"IX
@qb=&#
XAdm+ju
-'}OVT
wg{m_<@S
#d]%-v/KJ
Mh]EMg.HGUwu
=9C]t0
2f(srrA
mk;hS9:
@0#Df;d
tQPd.)+G
yR~DJ2{
dfC<Zj$
tq-Kr!
@-1ha?
_.J#B/W
J&h[&!2
s|-0eu,
}k6"QAuE~Sr
}O]gHwx
wayR=m3mN
~q|%miL
aM@hns$!iPi2 "4A
h-qObumle'=
;+%{Q]zqw@U
d@dC=d@7
X^z^g jW z
p\Cu{
L>5@0Au4Pz$uCv
118:?:(9L10G;(o
F1aJU(BE
z*[|.$X
a@Cw7T~xmu
g;E+Yi57AH {
MM{)1ol
@.ZYV.
@|HK68_}ZDy
D:odmS4^@
=dCJZ]5dCJZpP
/lrWEq
I1m;8*
t 9l0rWtg
WWO]B%
Ae=OZ%zqe
g5'm>Y(?U
({lX3-
$Ysu W9vS
& ;t ^c
V*v+V,c/
N0g)-,Y__o]W%#
B1:dPcf2
JxFB\fN3
,l|}68[AC
n*@m&%as F|WS
p<]q=vo
?P;t[~
jq,0j0
uBPUG_lpKP{w`
@ hrt]
YdQmB!'
d0mutd6:B
|@A^uC}
a/WUU uU
Z)+)U.'
`oH`7@
@3?{4f5w
U&oB3sH$$8
hFmu"q9d*
5hnh_Ip_["
=9l,/2
tg\VPY
8,<8?3~da~
2,&/'z`rmty
n`0SYDb
ZTE6'<$(&
>N&Wxm-;:n8
b,HINMF
SqbLFq
$d:Ea\
$dVSXj2$
sry4dH
n-9=d4^5
$H$ 2
SI2IP0
b$H&}fd
D2I]^Jdcn4I&Mq[-|$&
K3D"$B
pFiLX2I$
!"H&F (.
8?I"H2x9V'"sH$->PoWE@I&$
D2Ym``fucsLYY|{6
u6"iZuh
nLIKiSP$
[mFDU!D2IP
+o&\'"$
)&D"$y#
0$$V(JI2I
I2M3XjI2Mu
|D2I822I$
JCIhP
LI@Z
/
RS[[[[CCCC[[[[SSSS
iT_PTXUR
dhViQj^SlRfX W
yVzaae
Lp4&"1R
N]oK6$x3
=8;3@]>A
f]o@Oo
98!oHb$"
p:#in+
(C\>.K
X2[s/^
toT@/VW\;BX5E
0)F?08"
3I~!u0R]!
q*tCwLg=
Ky&=L/-.(/
;I<x*#
hj3_JG
Q3O>)%
|4znL+
lK__Ls@
yH&2u!L>d
g@;*V7l
{#<k`}|Ilt^
AQ>oVR
D_7.fWW
^/}(z_*w
yTmXLM
WU[/)X-^Wk@
A?;quS%3`zj
`R"}VX
E<BhDU*
$DBIVp"
`HgE]TWh
I-7& t
SUZ!]ewL
fX~?v6
;)WAuru
7L9H@9Ncps
<jQp_h2_
'6)V?{^W
MnmL,au
Nx_{I}WL
k>Q1+/
$"K8I?J9BB
~pgO#7
}$nK*4
_~M4>ka
3'A ~\G
)hfIEZ
% r,fHp
cQ.+X%Th
MuBo+VjdIY=
%sRoQP1>QA/6m:Gw,RfF
/("j,l
[A#:XBJ
8od}]9
/\,# %$hV'
hn+!ec
dff]ZE
2PHGVl
^S)npj
..~U0k
w7-U*]
kbj;b}4w
HUIes#%
>_&D%v
*3@|\^QA
qT_CCr a
9+!<=K:w
(7[5B~s
R*}=n9v}
ru] Q}/ v
4R<W-x
"AZ&*c
_0^}+]r`
.bH<"c=yCJp:2
JYH<h@.
7KI:H"
;5k$Jz
H?~ YDc~U tC
]/]]_lvQ1W [[a
Q$QY$k
Ti"P3M+l`%
#Wvbd{E
"-vXpU
E[2\8Rg %R`"O5
Z|l/o0
R[#{? HdA
l;Y8H$wyq6^
7.rr`A
srS=M=o_) zz
JS>s7?<A4P
zh2]9?8X^L[}o
FDt-;JK7
:5$.w4
OoWx{0#+p4P?
:)2(H\]?}s
-{_z*tC
A3._R],^^
A#q`U@
eHrR8Q
ROdX3[
6F*^_Bz| iGilh*F
R|B{Qm
0RVVAVN-QWA
o8OT2
B7! ss
G@TB!zz
Ia9*,}Y<!
T[9{p`a_XZ?_X
DG3y uf[
n ]WnCNQb
~/_C|P
Q47+6C
fD+%*~f
K="B0P
7D_,CA
.HdY\P
cb{cc^Y
b~*(8
jcw~#Z
nkV,j.Z
,B9X X|7Lf6_
sQ*}6y5
dg])5Z&Y
Re?Da@a
i-K=G=
7b*Co UhgIrn
C1>m*>
=FDk2=
L}=l.CB
"&vzk+
.),_?k@%x
{}i}yW_
5sUA^E=
07?!V$1){-
6f/6zx~e*oikuA
|a *1"am,
imp#6m-
aHfpwwLTMuh
,jb;]xU$
&ff]W&L&.B1atZV!
Fz/x:7wPX.l<n
.\,X90b*R8`2
f.5 ;m
Da)PU@t
{rYP9FR
f3c2dCd
!E8aY
=HA9H
@Tf(s-
k/^e&R9
k9pG9H9Xs8x~q~
(w{gZf
k\qArsx1%.dybUS'
4'uFX4=Gn`ZQ2
;@&4O#1x
iHi8JC
FI2I$0zA}D2I(`j_PH$
TVLDtBYr]$$P3/D2I"
>$iBi4MlCi$?
AuD2I$HjKN
R;>F9$
)2/xdH
r"&4d{
;bH$S35c
0`^v_MR
$XY@ O$L(6
O!|Q(K
/6)Y30D
""@70G3-Z/`
# //-$8n4yN
&sBN>RG
$dk 4Mim
IH,.* 3I$!7$P]RZI"iX_!V&H$wdc+$
3IIyBs*
0lK=LIm@Ld
j`$dCp\gC~I&$Vu
E"Td&'J{
=m>c9`#
iE@&d1Kzp"&4IkT9fG2iH
M</088*s
e.fVQX
6/")y-d5
[NF,x=
;|'=(8.J
j_wk[\YcKC
r9PNHsSUkvb
kp0CWe(*_1
T\<Nflne&"F.
;<\8QQ0h'
<]Zh8eFKNZD
c^Zvd8x%EP
Br-Ud.
M+OSMD~e
kpY)*r6?a
NLT^Z,K1,
}[X@[UYT
L\G0((h
nj|8#-tD
b!z9=Hc
LhH<I)|
m[MImJ
sV:l4$V`@_
ooH+t=u
6WLb9!e
3@0WG`UN
150DW;EQl
z&jx\dGa)SM
(e&/K!aj)
7[/B:)
O91p:#Cb
8?7:Ox
,&PY7j
s@YqD
e}i,AwM
<l0z^Y>
Z*4{*6ZqabR
P3[1a#
-4%`{Xp0lfFXRHx
"4~bT(S
lV@l,=s',
[2*=6R<A2[y8
RERD8y
coc*dT90Xf
= |Pk?qSaaC&
( TZ,N9z
\xTHXOQ1a
^ayQ%s 95
.8uBU"{
=)~q%8l0)c
>Y[WuvuC>pH_~'g7
*+4"r. pt0"
FV;[vR-
p27\3Zrs
u`"y+}W
<$X1t8
vQ#?ukU
i4mVXM>
0uRa0lP"S8(
=D_<`0
//k=4M
&4MM[qiweCdi
4M3)_m{L4MWE#
'U$4si2ii
daGM4Mu
?2M49iI
kAgiM$
4M4o}K!
yMiO]a4M4 -4M;Qci&Y/=
iM4M$[qweC4M
3)_mi{WE#4Mi
di'UsiG4M
?ii4I9
kM4MAg
iio}Kd!
M4M7%2M4
yO]jiIi -;QM$cY/=
M[qwieCMi
o~(6+4U!XQ(
m8=]Z<L9-K}Q~1Z<*%9'
d#=1:#`A
$BE.43
TXS[U&B
@@i}M#tg8
:N9h{TS,@
&Z'uvFZn
N/m+0*h
(BNB<=tCE
JAdM NGG7s.:TDH
u*+$<.4
35`y}$v}{&B[WW
WU]\B^c
%dQ0:Kz=<+Md"]>
h5j@h
V48^XXXX]
MessageBoxA
wsprintfA
ExitProcess
GetModuleHandleA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
LoadLibraryA
BitBlt
GdiplusStartup
AlphaBlend
CoInitialize
DragFinish
StrToIntExA
InternetOpenA
user32.dll
kernel32.dll
ATL.DLL
GDI32.dll
gdiplus.dll
MSIMG32.dll
MSVCRT.dll
ole32.dll
OLEAUT32.dll
SHELL32.dll
SHLWAPI.dll
WININET.dll
SysqemvxvooSysqemlxnluSysqemwkvquSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqemrgcsuSysqemclrunSysqemavhtlSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqemqjrlmSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqemzkexlSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqemsbnaySysqemxhekjSysqemtizyqSysqemzipydSysqemwjpzsSysqemxhcplSysqamqqvaqqdSysqamqqvaqqdSysqemnhvaiSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqembyztoSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqemurmmdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqemocvncSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqdSysqamqqvaqqd
L!This program cannot be run in DOS mode.
i2h:2h:2h:2i:gh::1h::3h:)%:"h:)%:Ph:)%:
h::3h::*h::3h::3h:Rich2h:
`.data
@.reloc
otools\inc\nlg\private\inc\msfsa\faarray_cont_t.h
otools\inc\nlg\private\inc\msfsa\falextools_t.h
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
CorExitProcess
bad exception
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
Unknown exception
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
nlg\lib\msfsa\faallocator.cpp
nlg\lib\msfsa\farsdfa_pack_triv.cpp
otools\inc\nlg\private\inc\msfsa\faarray_cont_2xresize_t.h
nlg\lib\msfsa\famultimap_pack.cpp
Internal error.
Object cannot be initialized.
Limit size has been exceeded.
Out of memory.
Object is not ready.
]ut5p?
W3+t#Hu7Vu
^3[UQE
V3WM0u
UVW39~
<|uCt7
t79V$t2h
M 3UE9J
MA3;~\U
E;}q}M
PE @PE
MPE+@PE
G;}|}]}$
F;}^U9]
z;~\;}T;]
Yt]U]U]
EVW3EP
SysqamqqvaqqdSysqamqqvaqqd
R�E�S�O�U�R�C�E�_�F�A�T�O�K�E�N�I�Z�E�R�
K�E�R�N�E�L�3�2�.�D�L�L�
s�m�s�c�o�r�e�e�.�d�l�l�
n�r�u�n�t�i�m�e� �e�r�r�o�r� �
T�L�O�S�S� �e�r�r�o�r�
S�I�N�G� �e�r�r�o�r�
D�O�M�A�I�N� �e�r�r�o�r�
-� �A�t�t�e�m�p�t� �t�o� �u�s�e� �M�S�I�L� �c�o�d�e� �f�r�o�m� �t�h�i�s� �a�s�s�e�m�b�l�y� �d�u�r�i�n�g� �n�a�t�i�v�e� �c�o�d�e� �i�n�i�t�i�a�l�i�z�a�t�i�o�n�
T�h�i�s� �i�n�d�i�c�a�t�e�s� �a� �b�u�g� �i�n� �y�o�u�r� �a�p�p�l�i�c�a�t�i�o�n�.� �I�t� �i�s� �m�o�s�t� �l�i�k�e�l�y� �t�h�e� �r�e�s�u�l�t� �o�f� �c�a�l�l�i�n�g� �a�n� �M�S�I�L�-�c�o�m�p�i�l�e�d� �(�/�c�l�r�)� �f�u�n�c�t�i�o�n� �f�r�o�m� �a� �n�a�t�i�v�e� �c�o�n�s�t�r�u�c�t�o�r� �o�r� �f�r�o�m� �D�l�l�M�a�i�n�.�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �l�o�c�a�l�e� �i�n�f�o�r�m�a�t�i�o�n�
-� �A�t�t�e�m�p�t� �t�o� �i�n�i�t�i�a�l�i�z�e� �t�h�e� �C�R�T� �m�o�r�e� �t�h�a�n� �o�n�c�e�.�
T�h�i�s� �i�n�d�i�c�a�t�e�s� �a� �b�u�g� �i�n� �y�o�u�r� �a�p�p�l�i�c�a�t�i�o�n�.�
-� �C�R�T� �n�o�t� �i�n�i�t�i�a�l�i�z�e�d�
-� �u�n�a�b�l�e� �t�o� �i�n�i�t�i�a�l�i�z�e� �h�e�a�p�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �l�o�w�i�o� �i�n�i�t�i�a�l�i�z�a�t�i�o�n�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �s�t�d�i�o� �i�n�i�t�i�a�l�i�z�a�t�i�o�n�
-� �p�u�r�e� �v�i�r�t�u�a�l� �f�u�n�c�t�i�o�n� �c�a�l�l�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �_�o�n�e�x�i�t�/�a�t�e�x�i�t� �t�a�b�l�e�
-� �u�n�a�b�l�e� �t�o� �o�p�e�n� �c�o�n�s�o�l�e� �d�e�v�i�c�e�
-� �u�n�e�x�p�e�c�t�e�d� �h�e�a�p� �e�r�r�o�r�
-� �u�n�e�x�p�e�c�t�e�d� �m�u�l�t�i�t�h�r�e�a�d� �l�o�c�k� �e�r�r�o�r�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �t�h�r�e�a�d� �d�a�t�a�
-� �a�b�o�r�t�(�)� �h�a�s� �b�e�e�n� �c�a�l�l�e�d�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �e�n�v�i�r�o�n�m�e�n�t�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �a�r�g�u�m�e�n�t�s�
-� �f�l�o�a�t�i�n�g� �p�o�i�n�t� �s�u�p�p�o�r�t� �n�o�t� �l�o�a�d�e�d�
M�i�c�r�o�s�o�f�t� �V�i�s�u�a�l� �C�+�+� �R�u�n�t�i�m�e� �L�i�b�r�a�r�y�
<�p�r�o�g�r�a�m� �n�a�m�e� �u�n�k�n�o�w�n�>�
R�u�n�t�i�m�e� �E�r�r�o�r�!�
P�r�o�g�r�a�m�:� �
H�H�:�m�m�:�s�s�
d�d�d�d�,� �M�M�M�M� �d�d�,� �y�y�y�y�
M�M�/�d�d�/�y�y�
D�e�c�e�m�b�e�r�
N�o�v�e�m�b�e�r�
O�c�t�o�b�e�r�
S�e�p�t�e�m�b�e�r�
A�u�g�u�s�t�
F�e�b�r�u�a�r�y�
J�a�n�u�a�r�y�
S�a�t�u�r�d�a�y�
F�r�i�d�a�y�
T�h�u�r�s�d�a�y�
W�e�d�n�e�s�d�a�y�
T�u�e�s�d�a�y�
M�o�n�d�a�y�
S�u�n�d�a�y�
W�U�S�E�R�3�2�.�D�L�L�
� � � � � � � � �(�(�(�(�(� � � � � � � � � � � � � � � � � � �H�
C�O�N�O�U�T�$�
Hosts
| IP |
|---|
| 114.114.114.114 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56933 | 114.114.114.114 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.