1.3
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.86
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | None | 20190527 | 0.3.0.5 |
| Avast | Win32:Malware-gen | 20200113 | 18.4.3895.0 |
| Baidu | None | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (D) | 20190702 | 1.0 |
| Kingsoft | None | 20200113 | 2013.8.14.323 |
| McAfee | GenericRXFM-UB!832D35804157 | 20200113 | 6.0.6.653 |
| Tencent | Win32.Trojan.Filecoder.Dxmr | 20200113 | 1.0.0.1 |
静态指标
动态指标
在 PE 资源中识别到外语
(1 个事件)
| name | RT_VERSION | language | None | filetype | None | sublanguage | SUBLANG_ARABIC_EGYPT | offset | 0x0008742c | size | 0x00000328 | ||||||||||||||||||
该二进制文件可能包含加密或压缩数据,表明使用了打包工具
(1 个事件)
| section | {'name': '.data', 'virtual_address': '0x00028000', 'virtual_size': '0x0005e704', 'size_of_data': '0x00005a00', 'entropy': 7.349871283018365} | entropy | 7.349871283018365 | description | 发现高熵的节 | |||||||||
网络通信
与未执行 DNS 查询的主机进行通信
(1 个事件)
| host | 114.114.114.114 | |||
文件已被 VirusTotal 上 52 个反病毒引擎识别为恶意
(50 out of 52 个事件)
| ALYac | Gen:Variant.Graftor.281734 |
| APEX | Malicious |
| AVG | Win32:Malware-gen |
| Acronis | suspicious |
| Ad-Aware | Gen:Variant.Graftor.281734 |
| AhnLab-V3 | Trojan/Win32.Teslacrypt.R178173 |
| Antiy-AVL | Trojan[Ransom]/Win32.Bitman |
| Arcabit | Trojan.Graftor.D44C86 |
| Avast | Win32:Malware-gen |
| Avira | HEUR/AGEN.1045453 |
| BitDefender | Gen:Variant.Graftor.281734 |
| BitDefenderTheta | Gen:NN.ZexaF.34082.Fu3@aa69v8HO |
| CAT-QuickHeal | Ransomware.Tescrypt.T5 |
| ClamAV | Win.Ransomware.Razy-7101238-0 |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Cybereason | malicious.04157c |
| Cylance | Unsafe |
| DrWeb | Trojan.Encoder.4321 |
| ESET-NOD32 | a variant of Win32/Filecoder.TeslaCrypt.L |
| Emsisoft | Gen:Variant.Graftor.281734 (B) |
| Endgame | malicious (high confidence) |
| F-Secure | Heuristic.HEUR/AGEN.1045453 |
| FireEye | Generic.mg.832d35804157cb48 |
| Fortinet | W32/Kryptik.4560!tr |
| GData | Gen:Variant.Graftor.281734 |
| Ikarus | Trojan-Ransom.TeslaCrypt |
| Invincea | heuristic |
| Jiangmin | Trojan.Bitman.zm |
| K7AntiVirus | Trojan ( 004e16e91 ) |
| K7GW | Trojan ( 004e16e91 ) |
| Kaspersky | Trojan-Ransom.Win32.Bitman.adww |
| MAX | malware (ai score=87) |
| Malwarebytes | Ransom.TeslaCrypt |
| McAfee | GenericRXFM-UB!832D35804157 |
| McAfee-GW-Edition | BehavesLike.Win32.Generic.hz |
| MicroWorld-eScan | Gen:Variant.Graftor.281734 |
| Microsoft | Ransom:Win32/Tescrypt.T |
| NANO-Antivirus | Trojan.Win32.Encoder.ebkubm |
| Paloalto | generic.ml |
| Panda | Trj/GdSda.A |
| Rising | Ransom.Tescrypt!8.3AF (CLOUD) |
| Sangfor | Malware |
| SentinelOne | DFI - Malicious PE |
| Sophos | Mal/Generic-S |
| Symantec | ML.Attribute.HighConfidence |
| Tencent | Win32.Trojan.Filecoder.Dxmr |
| VBA32 | BScope.Trojan.Encoder |
| VIPRE | Trojan.Win32.Generic!BT |
| Yandex | Trojan.Filecoder!iLj4pgu47LY |
| Zillya | Trojan.Filecoder.Win32.11216 |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2016-04-06 04:37:31
PE Imphash
13a03105c86691a53a0ec9681df0ada1
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00022820 | 0x00022a00 | 6.718736793898537 |
| .rdata | 0x00024000 | 0x00003610 | 0x00003800 | 5.04093807332225 |
| .data | 0x00028000 | 0x0005e704 | 0x00005a00 | 7.349871283018365 |
| .rsrc | 0x00087000 | 0x000008b0 | 0x00000a00 | 3.7798394832650666 |
| .reloc | 0x00088000 | 0x00002512 | 0x00002600 | 4.62094315288085 |
Resources
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x00087130 | 0x000002e8 | LANG_SPANISH | SUBLANG_SPANISH_PANAMA | None |
| RT_GROUP_ICON | 0x00087418 | 0x00000014 | LANG_SPANISH | SUBLANG_SPANISH_PANAMA | None |
| RT_VERSION | 0x0008742c | 0x00000328 | None | SUBLANG_ARABIC_EGYPT | None |
| RT_MANIFEST | 0x00087754 | 0x0000015a | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
Imports
Library gdiplus.dll:
• 0x424164 GdiplusStartup
• 0x424168 GdipCloneImage
• 0x42416c GdipSaveImageToFile
• 0x424170 GdipGetImageEncoders
• 0x424174 GdipCreateBitmapFromHBITMAP
• 0x424178 GdipDisposeImage
• 0x42417c GdipGetImageEncodersSize
• 0x424180 GdipAlloc
• 0x424184 GdipFree
Library KERNEL32.dll:
• 0x42401c GetModuleHandleA
• 0x424020 GetFileSize
• 0x424024 SetFilePointer
• 0x424028 GetDriveTypeW
• 0x42402c HeapAlloc
• 0x424030 GetLogicalDriveStringsW
• 0x424034 HeapFree
• 0x424038 GetProcessHeap
• 0x42403c WriteFile
• 0x424040 GetFileAttributesW
• 0x424044 ReadFile
• 0x424048 CreateFileW
• 0x42404c FlushFileBuffers
• 0x424050 CloseHandle
• 0x424054 SetFileAttributesW
• 0x424058 LoadLibraryA
• 0x42405c FreeLibrary
• 0x424060 QueryPerformanceCounter
• 0x424064 GetTickCount
• 0x424068 LoadLibraryW
• 0x42406c GetVersionExW
• 0x424070 GetProcAddress
• 0x424074 GetCurrentProcessId
• 0x424078 GetCurrentProcess
• 0x42407c Sleep
• 0x424080 GetStringTypeW
• 0x424084 MultiByteToWideChar
• 0x424088 RtlUnwind
• 0x42408c SetStdHandle
• 0x424090 WriteConsoleW
• 0x424094 IsProcessorFeaturePresent
• 0x424098 HeapSize
• 0x42409c GlobalMemoryStatus
• 0x4240a0 GetSystemTimeAsFileTime
• 0x4240a4 GetEnvironmentStringsW
• 0x4240a8 FreeEnvironmentStringsW
• 0x4240ac GetConsoleMode
• 0x4240b0 GetLastError
• 0x4240b4 EnterCriticalSection
• 0x4240b8 LeaveCriticalSection
• 0x4240bc HeapReAlloc
• 0x4240c0 GetCommandLineW
• 0x4240c4 HeapSetInformation
• 0x4240c8 GetStartupInfoW
• 0x4240cc TerminateProcess
• 0x4240d0 UnhandledExceptionFilter
• 0x4240d4 SetUnhandledExceptionFilter
• 0x4240d8 IsDebuggerPresent
• 0x4240dc HeapCreate
• 0x4240e0 GetCPInfo
• 0x4240e4 InterlockedIncrement
• 0x4240e8 InterlockedDecrement
• 0x4240ec GetACP
• 0x4240f0 GetOEMCP
• 0x4240f4 IsValidCodePage
• 0x4240f8 EncodePointer
• 0x4240fc TlsAlloc
• 0x424100 TlsGetValue
• 0x424104 TlsSetValue
• 0x424108 DecodePointer
• 0x42410c TlsFree
• 0x424110 GetModuleHandleW
• 0x424114 SetLastError
• 0x424118 GetCurrentThreadId
• 0x42411c LCMapStringW
• 0x424120 ExitProcess
• 0x424124 GetStdHandle
• 0x424128 GetModuleFileNameW
• 0x42412c SetHandleCount
• 0x424130 InitializeCriticalSectionAndSpinCount
• 0x424134 GetFileType
• 0x424138 DeleteCriticalSection
• 0x42413c WideCharToMultiByte
• 0x424140 GetConsoleCP
Library GDI32.dll:
• 0x424000 SetBkMode
• 0x424004 DeleteObject
• 0x424008 SelectObject
• 0x42400c CreateFontW
• 0x424010 GetStockObject
• 0x424014 SetTextColor
L!This program cannot be run in DOS mode.
$UoZ$UoZ$UoZ
Z&UoZK#Z
UoZK#Z<UoZK#Z\UoZ$UnZIUoZ--Z)UoZ
Z%UoZ$UoZ%UoZK#Z7UoZ-Z%UoZK#Z%UoZRich$UoZ
`.rdata
@.data
@.reloc
V0t&3t +
<Bf=fE@;r
fu Kt'
3_^[M3@Y
M_^3[,Y
3_^[M3X
@u3_^[M3X
`a`uNlaB
r_^3[]
_^[M3U
|tp~"`xptalt
||M_^33[yU
SVuhq^rj
^[M31T
um39}v
G ;}rnh9
^3@[dS
SVWj$B
3WQfD$$
|h`vPV
hR$C2j
_^[M3oL
SQj Uf
REPSQ#
f1f;2u
|_^3[_^
SVl3p@bB
3Wtdx8@bB
xO|xh~"`dhxaxt
M_^3[$H
SVt3l@bB
pW`\x8@bB
xO|xh~"`\hxax`
hI}(Pjtp
QlRdQR
SVp3@bB
3Wltxd$
xO|xh~"`thxalx
M_^3[#F
SVl3paB
3Wtdx8aB
xO|xh~"`dhxaxt
hWPypl
M_^3[$E
3[]VW}
@u+WSE3;I
+VSQMI
Au_^[]U<B
@:u+PSW
@:u+PSV
@:u+PSV_
@:u+PSW?
_^3[:@
EEfEEfEEYf
RQ8PRh<rG
tj UM`
hXlPQf
~EhxrG
W ]]f]
]]f]]]f
PMQj NARs
3_^[M37
M_^3[[7
SVp3aB
3Wltxd$
xO|xh~"`thxalx
M_^3[4
L$,L$@t$4p
QT$8t$@D$DT$L$
@:u+P$
3t$ j<D$HSP
SQD$P<
@:u+WT$H
PD$XP$
T$pPR$
SVp3aB
3Wltxd$
xO|xh~"`thxalx
M_^3[-
SVh3paB
dWt`x8aB
xO|xl~"``lxaxt
h5=Pdp
M_^3[,
SVl3paB
3Wtdx8aB
xO|xh~"`dhxatx
h>aPpl
M_^3[+
SVl3paB
3Wtdx8aB
xO|xh~"`dhxaxt
M_^3[*
SVt3laB
pW`\x8aB
xO|xh~"`\hxax`
M_^3[)
SVd3taB
xO|x\~"`X\xaxl
QpRhQ`RQ
M_^3[g(
SVh3paB
dWt`x8aB
xO|xl~"``lxatx
M_^3[h'
SVp3aB
3Wltxd$
xO|xh~"`thxalx
M_^3[&
u=S\HTX8L
S\H@<DL
L[XD9<t
GM_33^"
_^M3("
u5u1SDPT\XH
SDP@8<H
[\<98t
5M_33^
$j h<dB
Ku9\$Dt
RD$TP+
jD$\gD$`rn<D$d:OD$h
L$PQT$\R
D$HPL$dQ
L$P~* B
T$Xh B
D$8;T$<}
O;L$<}
T$@@D$8
T$HRD$TP
jD$\gD$`rn<D$d:OD$h
QT$\R
D$`h@B
S3VD$0D$$W$
D$(hdB
L$,D$
RT$$D$
SD$,h@eB
L$$D$0t_|$
t>T$4$8
Qj@RT$,t
W3hpeB
WD$$heB
WD$\heB
WD$4heB
WD$PheB
WD$(heB
WD$HheB
WD$@heB
WD$LheB
L$|QPT$(
RPL$`QD$d$
T$8t6P
T$X;T$XRT$Lt
D$|PQT$Ht
RPT$@t6$
QRT$Lt
PQT$Dt6$
RPT$8t
QRT$,tD
PQT$Tt
8@8v)@
p-}}33
]uu3yZ
]}};yZ
]uu3yZ
}};$M\
]uu3$M\
}};$M\
uu3$M\
]uu3$M\
]}};$M\
uu3$M\
}};$M\
uu3>pm
}};>pm
uu3>pm
]uu3>pm
]}};>pm
}};>pm
]uu3>pm
]}};>pm
}};vmz
uu3vmz
uu3vmz
]}};vmz
}};vmz
]uu3vmz
}};vmz
Uu2vmz
[^[_]U<
3SQf$L
T$$RhAB
RT$(RPA
T$.3SRfL$4xk
L$,Q$H
T$ RPA(
w+t7;t
t"_^[$8
Q$RlrG
hoVS58G
SSShx@
3958rG
SSh#&j
jVhtCj
SSSh@6@
SShtCj
=_^[h`vP
j<WRTc
>@49uC=hr=P
VW3};t
MQj<UWR
>@4E9uu*$hr=P
RQ PRP
ESV3$bB
3Wptx8$bB
xO|xl~"`tlxaxp
h(suPH
3Wtdx8
xO|xh~"`dhxaxt
3Wtdx8
xO|xh~"`dhxatx
SVp3aB
3Wltxd$
xO|xh~"`thxalx
hi'P+p
]U SX$V
#U3#U#U#U#U#
[]U$H$M
#M#M#M##3
^P H$[]U
]@##M3#M#M#M#M##
@###M3#M#M####M
S3W3 ^
_[u;F #F
m^[]UVu
B +q$r$^]
x3PQPF
U3PF$PERPq
U3PQPRq
3PF P3PEP}q
MP3PQfq
P3PROq
P3PEP8q
P3PQ!q
U3PRPF
xE3PQPF
U3PRPF$Pp
3PEP3PF Pp
U3PRPF
P3PEP[p
p3PRPF
PER3WPo
E3PUxRPF
U3PEP3PF$Pio
U3PQPF PRo
UU3PRPF
U3PEP3PF
Up3PRPF
E3PRPEPM}n
xE3PQPF
3PUURPF$P
U3PEP3PF P
U3PQPF
U3PpP3PF
U3PQPF
E3PRPE]
P3PQUQm
3PEP3UPF$Pl
UU3PRPF Pl
U3PpP3PF
U3PQPF
3PRPE]
P3PEPk
PF 0F$E3PEP3
M3PQUUPR7k
U3PEP38PQ
Up3PRP0P
UP3PQPRj
3PEP3MMP]
PUUWRj
P3PEPyj
P3PQaj
P3PRIj
3PRP8]
M3PQUPPRi
U3PpP3PQi
Ux3PRP0Pi
3PEM3PU
V]M(@6i
U3PQPRh
3PEP3PQh
03PEP3PQFh
x3PRPEP.h
8EWP3PQg
U3PRP(Pg
3PQPRg
3PEP3PQg
U3PRPEPvg
U3PQPR^g
3uPRP0Pf
M3PQdUPRf
3PURP@Pf
83PQPRof
3PEP3PQUf
U3PRP P=f
PQPR%f
3PpP3PQ
x3PRPEPe
3PEP3P}
E3UUPRME
M3PQPPR1e
3PEP3PQ
U3PRP8Pd
(3PQPRd
3PEP3PQd
U3PQPRd
3PEPM3PQd
PUV$3WREb
U3PEP3PF
U3PQPF
UU3PRPSb
3PQPF$P2b
U3PSPR b
M3QPQPMa
P3RQMa
ME3PQPF$PUa
U3PSPF
3QE3RPEF
P3PF$PU`
3QPQP`
U3PSPF
M3QPQ}
UP3PEP
3QPE3PF
3PEP3PF$PU_
U3PSPQ_
M}UP3PRK_
P3PEPU3_
3PEP3P}
3PF$P3PQU^
3QPQP^
P3PEPN^
3QPQP;^
3PEP3PF$PU]
ME3PUQPS]
P3UUMP
P3PEP^]
P3PQF]
F QPQP\
URPF$P\
P3PQ}\
U3PRPF
3QPQPT\
3REF QE
M3PQUPRl[
3PEP3PQR[
`3PRPEP:[
X3PQPQZ
U3PRPxPsZ
`3PQPR[Z
3PhP3PQAZ
SWV$dY
_^[]USJVu
~ ##X
x v$#H$#
_p$^[]
OuEPEMK
OuMQEu
M}]_[]U
NuMQ4r
NuMQEe
NuMQE5
NuUREQ
^]U4SVW
F _^[]
U3is-@
SV239M
@H]UTS]
CxW{PWFPM
3G$G G
FH[]U`SVWh
(|TMuMQ
_^[]U|SVu
u_^[]UPV
UUEEMMUUGP
HtHpHlHhHdH`H\HXHT
~A8B(f
VKx3WNx;t0;
_^[];t@
~PC(KPWP
F$_^[]U
UMPt.MDt
_^[]Gx
N$_^[]U
SVW39Nxt
9HPt6E
Ox`QFP(
EP(`dM
_^[]3;t
@ OPQE
N$_^[]U
U(R49E
EPEUlU
~PW4KP
F$N(V,F0
N(N4V,V8
F0F<N4N@V8VD
NLRPx#U
_Nx[]UP
~-(H^|E
k|L0QE
8TNuE3
wtwpwlwhwdw`w\wXwT
M3M#M3M
U3U]#U#3U
U3U#U3U
U3U#U3U
#}M}}#U
#}}}#U
}3#3]U
#}}}#U
}3U#U3
#MU#U}
#}}}#u
}u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
#}}}#u
u3u#u3u
3u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
#}}}#u
}u3u#u3u
#}}}#u
3u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
u3u#u3u
u3u#u3u
#}}}#u
#}}}#u
u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
3u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
}u3u#u3u
#}}}#u
#}}}#u
}u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
3u3u#u3u
#}}}#u
u3u#u3u
#u3]#]
u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
u3u#u3u
u3u#u3u
#}}}#u
u3u#u3u
#}}}#u
#}}}#u
}u3u#u3u
#}}}#u
#}}}#u
}u3u#u3u
#Uu3U]
^[]US]
_^[]U,B
\A@|MQP@
j@@|URV@
'C PP(SR
C PPSR
sC PPtSR
*M_^C@
C PPSQ
C PPSR
8LC PPD-SP
sM_^C@
M_^3[U
F$F(F,F0F4F8F<F@FDFHFLFPFTFXF\F`FdFhFlFpFtFxF|
VWj@0j
PHy#L#
ltF@@t
M_^3[R
VWj?3EVPi
EP$QRE
urrtOG!ucrt@S
M^33[O
_3[]VmG(|mC
8M_3^N
3_^[M3M
3_^[M3ZM
3_^[M3 M
3[M3YL
3[M3$L
t(MQWE
3_^[M3FK
3_^[M3
3_^[M3J
#t8RWAPu
M_^3[JJ
3_^[M3I
PdEHdE.lsEPQ
^]3^]UVF
Vj;h5H
QEzEpBEiy GE.yaE)?E,HE|c
REPQVu h
][U,SVW3SEPMQE
;t+MQSW
_^[]35hUH
_^[]Uh@
EPMj QF
^M_3[C?
]UQSVW
ft#f;uEPWVK
_^[]_^3[]US]
VW33fE
_^[]US]
V33Wft
fu+DC;
_^[]UQS]
E^[]USVW=|@B
VWEPM3Q}}
_^]SVA
;tcUSVR
39}vG{0M
FL;urS;
VW33}}
>@4EEE
>@4E}zt
>@4EUUvuh\rj
>@4EEE@U
>@4EEE
}9}t h,
Q_^2[]_^
E_^]3^]U(B
3_^[]_^[]Sh0hB
SVh3ptaB
dWt`x8taB
xO|xl~"``lxaxt
M_^3[N4
SVd3ttaB
xO|x\~"`X\xaxl
QpRhQ`j
M_^3[%3
SVp3taB
3Wltxd$
xO|xh~"`thxaxl
M_^3[C2
SVp3taB
3Wltxd$
xO|xh~"`thxaxl
h4U5Pp
M_^3[S1
SVl3paB
3Wtdx8aB
xO|xh~"`dhxatx
M_^3[R0
SVl3ptaB
3Wtdx8taB
xO|xh~"`dhxaxt
M_^3[X/
SVl3ptaB
3Wtdx8taB
xO|xh~"`dhxaxt
M_^3[d.
SVt3ltaB
pW`\x8taB
xO|xh~"`\hxax`
QlRdQj
M_^3[K-
SVp3taB
3Wltxd$
xO|xh~"`thxalx
M_^3[a,
SVl3ptaB
3Wtdx8taB
xO|xh~"`dhxaxt
M_^3[h+
SVl3ptaB
3Wtdx8taB
xO|xh~"`dhxaxt
M_^3[u*
SVl3ptaB
3Wtdx8taB
xO|xh~"`dhxaxt
hg!zPpl
M_^3[)
SVl3paB
3Wtdx8aB
xO|xh~"`dhxaxt
M_^3[(
SVh3paB
dWt`x8aB
xO|xl~"``lxaxt
hp4kPdp
M_^3[}'
SVp3aB
3Wltxd$
xO|xh~"`thxaxl
M_^3[&
SVl3paB
3Wtdx8aB
xO|xh~"`dhxatx
M_^3[%
SVp3aB
3Wltxd$
xO|xh~"`thxalx
M_^3[$
SVp3aB
3Wltxd$
xO|xh~"`thxaxl
M_^3[#
SVp3aB
3Wltxd$
xO|xh~"`thxaxl
M_^3["
]USVWt$
USVWl$
u 1}$1M(1
ZYE03E
u@1}D1MH1
ULQRU0
ZYEP3E4ET3E8EX3E<E\QR
u`1}d1Mh1
UlQRUP
ZYEp3ETEt3EXEx3E\E|QR
_^[]1USVWt$
USVWD$
_^[]1;
ESV3W;u
j"];~Cj3X
QSjVWp
e_^[M3f
SSSSS#
U SW3j
3Y}]9]
;t5;|"Mx
;v*8CSVh
woVW=B
:t3^[_@
U SW3j
3Y}]9]
;tV;|BMx
YYt"Mx
39]fD~
;v*8CSVhA
!NbQPFJ
S3VW9]
3_^[];t
B:t"Ou
U SW3j
3Y}]9]
fu3_[]
M9]u#WN
Y3MW0u
ft'Ou"+
jPfDJXdf
_#^3[u
VWft1E
YY]jXh0jB
WPWPWv
M_3[ j
whu;5XB
8]tEMap<u
TM_^3[
PY^hS=@B
Y%u 0B
USV5@B
3W;to=(B
P`Y9_t
uV:Y_^[]
t4V0;t(W8jYt
Fpt"~l
lVYYYEE
FlvlYE
YYt:V5B
PrYF4t
PdYF<t
PVYF@t
PHYFDt
P:YFHt
P,YF\=
~lt#WY;=B
33_V5p@B
YYt0V5B
ffffffE
YM_3[)
3PPPPP
u,Q ;t
QPvYYu
ItUhtDlt
HHtXHHt
4itqnt(o
t-RPSWO
0@?If90t
;u+(;u
u'~! Ot
`pM_^3[
UQSV?G
t4+t$HHt
ItUhtDlt
HHtYHHt
2itmnt$o
t-RPSWgC
0@@If8
u'~! Ot
`pM_^3[
YYuTVWhA
3]j h kB
3PPPPPV}@Y<v*Vp
^SSSSSyj
;tFtA3
M_^3[j
B:t6t:t't
t4+t$+t
ItQht@lt
3F tBP
itmnt$o
cj0XfQf>
t-RPSW01
u(~"j OzYt
u(~"j0O!Yt
j ONYt
`pM_^3[z
j h@kB
Y+t"+t
+tY+uCc}
Uw\]Yp
u>OdMGd
u wdSUY
EPQEPEj
j@j ^Vl
H3H/5UH
;rSWf9M
YYu,9E
W>+~,WPV
Y/V|Yt
Y}3u;5
YY3BUVH
4V'YYE
F$|3@_^
@;u`3@
uNSW<B
1E3PeuEEEEd
Y__^[]Q
E_^[]E
9csmu)=hB
W34809}
;u d8J
4 3,9E
P4UM`8
DQP C@
,PVEP$
3+4H;M
(PVHP$
(PVHP$
r3VVhU
QH++PPVh
(P+P5P$
\,+48;E
8+0[M_3^Gj
DDDDDDDDDDDDDD
8csmu*x
S^`N`H
j$Y~\d9
QY^`[_^]
5V~f>=Yx
3Y[_^5B
3PPPPP.
UQV3W}
ft;uf t
Bf8\tf8"u8
ft$9Uu
UQQSVWh
V33SfB
[]YY?sJM
;r4PYt'EP
_[^SVW
E3E3;u
tAt2t$
+SVWT$
URPQQhA
t;T$4t
;v.4v\
UVWS33333[_^]
33333USVWj
_^[]Ul$
S3VW;~ E
@;u+H;}
39](SSu
]9]tWuu
};~Bj3X
3;t?uWuuu
t"SS9] u
EWTYuKEYe_^[M3
MBu(Eu$u u
ES3VW]9]
39] SSu
EYe_^[M3
M6Fv >v$6v(.v,&v0
v<@v@vDvHvL
Yv4;5\B
PDYF ;
P2YF$;
P YF8;
YvL;5tB
Y^]QL$
UV3PPPPPPPPU
$s ^UV3PPPPPPPPU
EU_^j
f;v6;t
Map_^[;t&;w |j"^0D8]tE`py
<E`p0M
YY]VD$
eE,Xh%A
PuZYYu
;r>PuDYYt/
B(;r3_^[]
UjhHlB
1E3PEd
Eu}hDaB
3M_^3[
t.VEYt"V9
Yt.VYt"V
VYt.VYt"V
]39}~0N
D=VP[YYtG;}|fE
YYM_^3[Uv
PYYt}E
E`p;39]
S3VW;|[;
t6<0t0=B
FGIuX^_]
3USVWUj
P(RP$R
UPjhpA
t:|$,t
;t$,v-4v
UQPXY]Y[
u,6{ ;t
WVYtPUH
^]3PPj
RQMQVp
YY]UWVSM
VnYY;t u
]WVS3D$
Fu^8Mt
MKf3;u"|j
E`p^[9M
|j"W8M
E`p33PPPPP6
[SMQMQp
M_^3[c
E`p3[_^
MN`u#1wj
{@PVS"
E`p3_^[
^VMQMQp
[M_3^=^
_WMQMQp
tS]3K}-
[M_3^P]
et_EtZfu
VVVVVV^j
t*9csmu"A
mVW_^]M
M#\EP3SSSSWEPEPu
E`p3M_^3[Z
M{[EP3SSSSWEPEP
E`p3M_^3[VZUWVu
DDDDDDDDDDDDDD
WO@PWV
PEP"YYEPj
U3PPPPP|WVU33D$
u'339\u
JBtj 3Y+@M
}99}r"9U
JBj Y+3B\M
3+BL1<
Jy3^j Y+
M_3[DN
u'339\u
JBtj 3Y+@M
}99}r"9U
JBj Y+3B\M
3+BL1<
Jy3^j Y+
FWE}MuMMMMMMM9M$u
<+t"<-t
h<+t<-tk}
+t HHt
B:t,1<
+JMtHHt
B:}QMEO?
tEPuEP
}M]U3EE
3f;u AE
f;u!AC
u4}u+e
f;r#33f9EE
[M_3^JB
EAV#f}
W]EEE?E
S3PPPPP
i3f9Ut
EfUu}M
3f;u GE
90t!uuE
EMuUm
HuMu9Et
u4}u+e
33f9EE
UUUUU3##
f;wK3EE9
}fEEEEEf}Z33f9u
Ea3f;u
f~7}x+EMe
EM}Um
H}Mu9Et
u4}u+e
f;r#33f9EE
ufEEEEEfu
~(E]Mm
0K;]sE;]s
EM_^3[\9
K;sE;s3f
SVW}f]3
S3VWEN@
tfM_^fH
HH:mm:ss
dddd, MMMM dd, yyyy
MM/dd/yy
December
November
October
September
August
February
January
Saturday
Friday
Thursday
Wednesday
Tuesday
Monday
Sunday
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
(null)
`h````
xpxxxx
`h`hhh
xppwpp
CorExitProcess
Complete Object Locator'
Class Hierarchy Descriptor'
Base Class Array'
Base Class Descriptor at (
Type Descriptor'
`local static thread guard'
`managed vector copy constructor iterator'
`vector vbase copy constructor iterator'
`vector copy constructor iterator'
`dynamic atexit destructor for '
`dynamic initializer for '
`eh vector vbase copy constructor iterator'
`eh vector copy constructor iterator'
`managed vector destructor iterator'
`managed vector constructor iterator'
`placement delete[] closure'
`placement delete closure'
`omni callsig'
delete[]
new[]
`local vftable constructor closure'
`local vftable'
`udt returning'
`copy constructor closure'
`eh vector vbase constructor iterator'
`eh vector destructor iterator'
`eh vector constructor iterator'
`virtual displacement map'
`vector vbase constructor iterator'
`vector destructor iterator'
`vector constructor iterator'
`scalar deleting destructor'
`default constructor closure'
`vector deleting destructor'
`vbase destructor'
`string'
`local static guard'
`typeof'
`vcall'
`vbtable'
`vftable'
operator
delete
__unaligned
__restrict
__ptr64
__eabi
__clrcall
__fastcall
__thiscall
__stdcall
__pascal
__cdecl
__based(
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
GetProcessWindowStation
GetUserObjectInformationW
GetLastActivePopup
GetActiveWindow
MessageBoxW
advapi32.dll
user32.dll
ws2_32.dll
ntdll.dll
winsta.dll
shell32.dllwininet.dllurlmon.dll
Gdi32.dll
gdiplus.dllcrypt32.dllSHLWAPI.dllImagehlp.dll
psapi.dll
olE32.dll
winspool.drv
mpr.dll\
H;^6AA
The scalar for this x is unknown
RIPE-MD160
123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz
%X%X%X%X%X%X%X%X
XXXXXXXXXXXXX
AAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA
H;^6A@...........91278458.........
NetStatisticsGet
NetApiBufferFree
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
CreateToolhelp32Snapshot
CloseToolhelp32Snapshot
Heap32First
Heap32Next
Heap32ListFirst
Heap32ListNext
Process32First
Process32Next
Thread32First
Thread32Next
Module32First
Module32Next
CoCreateInstance
!secp256k1_fe_is_zero(&ge->x)
pubkey != NULL
input != NULL
outputlen != NULL
*outputlen >= ((flags & SECP256K1_FLAGS_BIT_COMPRESSION) ? 33 : 65)
output != NULL
seckey != NULL
secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx)
result != NULL
point != NULL
scalar != NULL
0123456789ABCDEF
1#QNAN
1#SNAN
GdipFree
GdipAlloc
GdipGetImageEncodersSize
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipSaveImageToFile
GdipCloneImage
GdiplusStartup
gdiplus.dll
LoadLibraryA
GetModuleHandleA
GetFileSize
SetFilePointer
GetDriveTypeW
HeapAlloc
GetLogicalDriveStringsW
HeapFree
GetProcessHeap
WriteFile
GetFileAttributesW
ReadFile
CreateFileW
FlushFileBuffers
CloseHandle
SetFileAttributesW
GlobalMemoryStatus
FreeLibrary
QueryPerformanceCounter
GetTickCount
LoadLibraryW
GetVersionExW
GetProcAddress
GetCurrentProcessId
GetCurrentProcess
KERNEL32.dll
LoadStringW
DrawTextA
USER32.dll
GetStockObject
CreateFontW
SelectObject
DeleteObject
SetBkMode
SetTextColor
GDI32.dll
PathFindExtensionW
PathFindFileNameW
SHLWAPI.dll
GetLastError
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
LCMapStringW
ExitProcess
GetStdHandle
GetModuleFileNameW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
MultiByteToWideChar
GetStringTypeW
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
HeapSize
00P`00P
++}V++}
&&jL&&j
66Zl66Z
??A~??A
44\h44\
11Sb11S
##eF##e
''iN''i
,,tX,,t
;;Mv;;M
)){R)){
//q^//q
`@ `
99Kr99K
33Uf33U
<<Dx<<D
88Hp88H
!!cB!!c
==Gz==G
""fD""f
**~T**~
22Vd22V
::Nt::N
$$lH$$l
77Yn77Y
%%oJ%%o
..r\..r
!> !
>>B|>>B
55_j55_
((xP((x
--wZ--w
:QPQR~AeS~Ae
j:'^:'^;k;k0 E E6XXK
8 0U 0vmvm@vv
**&5D&5D
L/FFkk
mzmzCRY
Xt!Xt!Ii)IiDu
Tyxy{X>kX>'q'q2OO
f #}:}:=cJ
1LQ3`Q3bS
dwdwBkk
+NpHhXpHh
E.llR{R{fs#s(rK
W $fU*fU(
I0(0(m##
NiNidee
h4b 4b
4.S4.S
]@`@`e^q
HMFMPTTq]
plZrNlZr
=X6-9'6-9
h\!h\[T
[TE$6.:$6.
Oa a ?ZwKiZwK
**<"C<"
&O\r\rgDf;Df;[~4[~C)vC)##h
sJ$}J$
2t)m)"
H7Gd"Gd
?uV},V},"3"3nIN
??,:,:oPx
j_bT~FbT~F
Vo-o->%
}cncy;{; &x
OOnenx~!
Jo6Jo6
)|)|311*?#1*?#
5f5f1tN7tN
vM`CMCQ
Lj, , JFeQ
zG<zGYUs?Us
s7s7<SS
_[_S=o
h>h+8$4,8$4
%w(<I(<I
dVdVc{
U2p2!Hl\tHl\
.?AVtype_info@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
FJ-I(31,d;
u$kAt:0P^(
jULh[k8Jl
tJXy,z;
mgUN{Nf
`L> !Z?Ntv
Pu:St.1
BM-%B*
MtLH[=&
k?Nl,x
bv 9M?
\~677`(<
N4Qz}%
Y0GSD!
M`F[p(6[p
H_|KN)
ei7T#S6
!G*W2=
@8Ik;8
BK;vPB9!iH
O!<,~s
*v-Vw=/
HH-dZp
_4nrzW"#
f9X: )K7Ia A2:'
|Se!BJ
k;ALHg
[i n:~
{0q*)GI.C
O;b@rS9%$
Vg?@/C
y?'4Fkp9
CluUSRa
Zb'_g- A&,<
9lPae[mr5
_xW2oiqg
vjI.4Wh@w3_`.5g]>
rIoi[f#
NKb3)H
1}ZO$o3jb
Y8/Z1p
0#aTf=
~P][Z,3-~
(>Mbawq%^
/$k[qW
G`=.sd?kl
(\@{.Wh
]&8)!&Su&a>f
U'.KL;,1uD
J 4$,~
RE(Ajx
1nfB4/S
e}C_i?oa
-ZvVA$
E,)PD6
*BsxpD&D@*4
\HIQpi
y@E<KrryI%2#
[)J-s&>S
eXN]@kB9<
4c:n@3!aU+S<
eF15t]#k)9
6$&6U[WK#
7rt?xQ
snX.dNF7p
qmvbsI?G
Av`g_I0 1.G
FE";6K{
^sk>X8N
2h < u<8EFCv
wYN!'2&IjN
0Wp6s/
"c7=zv
n]{'/U\+zh
D8t;Z#
:t "VXr1YdwS1
9@];Z
D-+P.2vz
H z()cY
UaO a8
\S2Ljcx
W{%pBEil,
lKc]BR<:%x
YA\{"U
-yw5Ou
Rn-CiU%\|Q>ZV
tr-@RthZ7
]y0~L_
tDuBf7
g>.BkAm#HY
\&c-wV
nvVTQdvp
y1 ;a+/
/"woS&fsj7
'+|*L6%I
Aay5[?
g7ljol_
PV9-c9'~y
b;N,I|vpb
*F([Ff%
VeX}4G
wVOYXzW
^&D{TGB
x733HvXkAAG#
%8%r]0H
=*8<JNj>v
J$.GpEB\7
R_{`4KF8(
msQEF8
lhIF_[\
TMY<V)
He{F6SJ
%Dw9XJ
u6U]\T`E[Q=
|KA$ZN&
nLa-8p
=W5/ 9
Cda0"G=ZE)
GX)!*4.
U2YJpF^(;
G:GMb1
LFz`f|'u
ydfyODRR]u
VaeT$Wreqd
$+7FjJ
/iDZa*
j#UH+*
McfKKA"
R^7Z$3\L
AbQD2pp
!khV&ggVc
;N're:
+qMkY(
3O]&wa|4n
l@Pv[f
X|Uz|\
bIZH#dK?o
J$.$BB-
~Mqtxwr;
5.:y:oWP\|NQ
0n3kS-zk
VftSG&
d;4^la*B
N;1's{
<6Rz?e
=$qwc%
H=0SLb
Dj!4@m1
FXK3FPpg3@
grxGw]Q
FXc8Ep
L1lQ $vCm
YAxm7<V3N&
@1,\Z-
5u?okR &It
O7N6>RFA$
BJq(p0z"<@
0/(,'kQWjnB(
s_K!?AL
]?^]-Rh-yU
j,TV{c
rm3\pj
3}|03{*
VgZs"
slLbF{Q{
[9`IIN
<q2 kw
:?n`ed
kNH#0sYqU{
rt_\8CE+KsK`
bMCGt[-{
`x33cy
-SY`+E=T
QAe]N,
2|36,[
iDKZ?L]_>;=
'I")&5
Yob%i2)'hdl6i{q
[6OAxpW
+RdTh-Dy;
%3!6_K
;=Fj\o0,l1#)
f=gBl4,:gz$r
Mv=V|}[
!-S0\bz
L23RqY
.NHf;|4`+
qO quP
nrcU L
hGXy)~o
Z1]3Q?[
Obs9xcUU}
%4M&c"T
<|,=gE}0u;
EBJH1?h_
xKhAB,D
u!c.,l2_3
X~<Y:duis
LD_W~5
c#bCP=
.1Cu{TV
aI,`8VQ
8"WHth
?<vO}?2^}q
v))Xfjf]{
=W7L`NRgTWH~6
9$Zc%{
``QuoF
buOT39
w`|$q >p
/ e}h5
eA>3MK
TzNPt+<
='bM.6p!
zqjp2d
tU2[ 6eQ
6>UAOWgAmm
<e:b`p
Bj&A$vc%SG
+nn;ehx`_j]]F
zj8nHQ2m
l;@svfI^3
FxGT3NcM
O*XAJVl
kI+aP\vC8t0
R'1QuC&
egc{oSb
RmQ") iJ
nqNHNS^
M8"A25"V
SYvI:p
=RCKD!5,LmMZ;C
FPJg]LAz)<b:f!
5]">{Cthn!M*}8E+q,O#U|-
!]RHTJ
%_zEz,pY~!x$o+RymQ%,gq
'd \]NsKYZ@^
YKbz:Gm
g,w- mkR
D^<iP&>
ug P5g6Mkq{V
`Up)bsenHsa6[5
n\i8O\Bk
QX|hEh
_/m|3=(
1iez|BtCCSC
nn="M>m
8?mLRJ
M=k_y%U
h w[uCs
-Aix@D
j4?2LA5a!<oY
&mDA'M
<[!S1-
)VPz^[2
l?]3SW
3Zy45W]6ATpmV
kI@4d~'
zpBiy G.ya)?,H|c
.?AVGdiplusBase@Gdiplus@@
.?AVImage@Gdiplus@@
.?AVBitmap@Gdiplus@@
I x@oGAkU'9p|B
~QCv)/&D(
uuvHMXB
9;5SM]=];Z] T7aZ%]g']
?Zd;On
7?3=Bz
;1az?aUY~S|
D?$?9'
*?}d|FU>c{
zc%C1<!8G
u7.:3q
#2IZ9W
,%I-64OSk%Y
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
01X23333
4"4)40474>4E4L4S4Z4a4h444,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|55
6666]7p7
88$9E9L9d99
>9>M>c>x>>>6?b???????
0R0X0k00000061<1111=2H2222L3W3333K4V4444=5H5555
6A6]66666
7Q7V778888
9 9'969\9e9v99999
::::S;;;R<<<======
>$>,>4><>C>N>p>>>>>#?4?
-0R00000000000
1$1)1:1Z1
5:5Q5r555Q6_6
7+727R7
77777777777777?8b9::s;
<!<B<<<
=7=Z===
>7>T>>>
?7?T???
000S000*1Y1111J2g2222J3a3333M44-88
<&<.<6<?<E<K<Q<W<_<z<<<<<<<<<
= =*=;=o=
?"?(?8?@?S???
0 0(0V0`0~0000000000
2D2J2v22233333
414:4?4m444444444
5"515_5n5w5|555555M6Z6d6p6|666666666m777
8c88;9~9999999999998:E:N:U:^:c::::::
2J3P3g3t3|33333q555555 656?6J6[6|6
7A7V7g7t7}77777777 8W8e8p888879
:5:Q:n::
;Z;;;;
<=<G=Q=s==
>^>h>o>w>
?+?1?7??
1n1y11
2$22222
W::g<z==>J??
1*11j5
8.8':*;;;
<*<W<<
=/=j==
>2>g>>
j00001111
2%22282>2H2\2k2w2222s3~333333555555
6.6p6w6
717G777>888849J9c9z999999999J:x:::::
;$;+;2;;;{====
>I>>>)?8?
111n2222*3C3v33?4K4^4444
5 5'5/575>5Z5w55
6j666+767777+868z888
9&9j999
;Z;w;;;
>Z>w>>>
?J?g????
:0W0t000:1W1t111:2W2z222:3Q3r333*4G4d444
515R555
6!6B6666
72777h8r8|888888888888
959?9I9S9]9g9q9999999999
: :*:4:>:U:_:i:s:}::::::::::
;";,;6;@;J;Z;d;n;x;;;;;;;;;;
<'<1<;<E<i<s<}<<<<<<<<<<<<
=6=@=J=T=^=h=r==========
>!>+>5>?>V>`>j>t>~>>>>>>>>>>
?#?-?7?A?K?[?e?o?y??????????
0(020<0F0j0t0~000000000000
171A1K1U1_1i1s1111111111
2"2,262@2W2a2k2u2
222222222
3,3D3T3d3r333333V4c4v444444
5%585H5z5555555
6<6I6\6l666666
7.7^7k7~77777788E8X8h88888
9+9>9N999
:#:-:E:O:Y:c:m:}:::::::::::
;';1;;;K;U;_;i;;;;;;;;;;;;
<#<-<7<[<e<o<y<<<<<<<<<<<<
=)=3===G=Q=[=e=}==========
> >)>3>K>U>_>i>s>>>>>>>>>>>
?#?-?7?A?Q?[?e?o???????????
0 0)030=0a0k0u0
00000000000
1/191C1M1W1a1k11111111111
2%2/292Q2[2e2o2y22222222222
3 3)333=3G3W3a3k3u3333333333
4%4/494C4h4u444444444
5,5<5L5\5555555
6 6'656<6G6N6Y6`6q6x66666666666666
7(7/7:7A7L7S7d7k7y77777777777777
8"8-848?8F8W8^8l8s8~8888888888888
9 9'92999J9Q9_9f9q9x999999999999
:#:*:5:<::::
;p;x;;;;?
00000:4c447
878=8W8f8s8
88888888
9!9G9z999999b:i:::2;8;D;{;;z<
>;>J>R>_>k>w>}>>>>>>>I????????????
0"0.070<0B0L0U0`0l0q000000000011
2N2Z22
3444444
5>5I5S5l5v5555
8$868Q8Y8a8x88888888
9)9:9N9991::H;v;;
<R<<<<<<<<<<<<<<<<
=@=U={======
>%>K>>>>*?2?|?????????????????
0 0/0E0K0S0X0`0e0m0r0y00000000
1K1]1=2G2T22222k4r4
5555F6U6p69:;<<h<<i>
00000000*111
2j2225618t888:<<<<<<<<<<
=,=========
>)>4>N>Y>a>q>w>>>>>>
0R0j0t0000000
121O11111
234447
9b::::<*?.?2?6?:?>?B?F??????
0d0i00000000/181>12222 3&3;333333
4A4S4444444 5)555n5w55555555
79777777
8@8G8`8t8z88888N9n999q:::;;;;N<o<<q==>>
2L2b222_333Z444444444
5-54585<5@5D5H5L5P555555
686?6D6H6L6m6666666666667<7@7D7H777,979v999
:+:6:;;;;;:<A<V<<<<<<<!=.=:=B=J=V=
===E>Q>\??
0\001?2b2266
7.7T7f7x77777777
8,8?9E9O9999
:F:n::\;
;;;;;;<<(>_>e>j>x>>>>>
?$?3?V?[?`?w?
0000%1H1S1Y1i1n1
11111111111111)2C2]222222
3\334V55b66666@7M7l77777+8S8l88888
9)96:;:\:::E;_;h;q<w<==
>E>O>g>>>>?????
2 2&2*2/25292?2C2I2M2S2W25
6N6;o<)>
z00000000
1/1M1T1X1\1`1d1h1l1p11111122=2X2_2d2h2l22222222
3V3\3`3d3h3 5
7788G9(:::g;m;{;
<.<h<<==>y?
0000h1
5\8`8d8h8l8p8t8x8|88888W9
9999!:
(47777
1111111
2????????????
0$0,040<0D0L0P7T7X7\7`7d7h7l7p7t7x7|777777777777777777777777777777777
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8888888888888888888888
d3l3@8D8H8L8P8T88888888
9 90949D9H9L9P9X9p999999999999(:D:H:h::::::
;8;X;x;;;;;
< <@<\<`<<<<<<
0(000X8X9\9`9d9h9l9p9t9x9|999999999999999999999999999999999
: :$:(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|::::::::::::::::
;(;8;H;X;|;;;;;;;;;(=,=0=4=8=<=@=D=H=L=X=\=`=d=h=l=p=t=x=|===============
@V`w`/
x\`wP0
(]`wx0
CNwBNwBNwBNwBNwBNwBNw
6YKU`)
CNwBNwBNwBNwBNwBNwBNw
M(i+*<&
vt9v`9v<9v
87vX'9
ANwANwd@Ow
@r|0r|
r|PD98
P`wP`w
AV3FnpCE
AV3FnpCE
AV3FnpCE
0`w0`w
AV3FnpCE
X`wlld.@
|||||||$#|e
hNw8f9
ANwANwd@Ow
ANwANwd@Ow
^0OzIj
DdwDdwE
bGm|)?
(s| Y|
r|r|r|h
ALLUSE~1
{wtwuw
DOCUME~1
ALLUSE~1
SrvSetOs2FeaList: Sr
ANwANwd@Ow
8[| Y|
Z|lZ|XZ|8Z|Z||Z|
Z|L0|<0|\0|P
8[| Y|
Z|lZ|XZ|8Z|Z||Z|
Z|L0|<0|\0|
@r|0r|
r|PD98
URNXYMAV
Desktop
Z|lZ|XZ|8Z|Z||Z|
Z|L0|<0|\0|
WINDOWS
system32
cmd.exe
ALLUSE~1
Desktop
i?!kH`
WINDOWS
system32
cmd.exe
LUSE~1
Desktop
i?!kH`
DOCUME~1
ALLUSE~1
cmd.exe
Z|lZ|XZ|8Z|Z||Z|
Z|L0|<0|\0|
DOCUME~1
DOCUME~1
DOCUME~1
Z|lZ|XZ|8Z|Z||Z|
Z|L0|<0|\0|
DOCUME~1
ALLUSE~1
ALLUSE~1
MYDOCU~1
URNXYMAV
MYDOCU~1
DOCUME~1
DeleteOnCopy
DeleteOnCopy
PersonalizedName
DeleteOnCopy.A
DeleteOnCopy
Personalized
.ShellClassInfo
PO :i
DOCUME~1
URNXYMAV
MYDOCU~1
DOCUME~1
.ShellClassInfo
LocalizedResourceName
DOCUME~1
ALLUSE~1
Desktop
i?!kH`
DOCUME~1
ALLUSE~1
DOCUME~1
i?!kH`
@shell32.dll,-21785
PO :i
DOCUME~1
ALLUSE~1
DOCUME~1
i?!kH`
@shell32.dll,-21785
PO :i
DOCUME~1
URNXYMAV
Desktop
PO :i
DOCUME~1
ALLUSE~1
Desktop
i?!kH`
Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\
WINDOWS
system32
WINDOWS
system32
L!This program cannot be run in DOS mode.
YYY_Y^
[XmXRichY
`.data
msvcrt.dll
KERNEL32.dll
NTDLL.DLL
USER32.dll
B�B�H�H�:�m�m�:�s�s�
d�d�d�d�,� �M�M�M�M� �d�d�,� �y�y�y�y�
M�M�/�d�d�/�y�y�
D�e�c�e�m�b�e�r�
N�o�v�e�m�b�e�r�
O�c�t�o�b�e�r�
S�e�p�t�e�m�b�e�r�
A�u�g�u�s�t�
F�e�b�r�u�a�r�y�
J�a�n�u�a�r�y�
S�a�t�u�r�d�a�y�
F�r�i�d�a�y�
T�h�u�r�s�d�a�y�
W�e�d�n�e�s�d�a�y�
T�u�e�s�d�a�y�
M�o�n�d�a�y�
S�u�n�d�a�y�
(�n�u�l�l�)�
m�s�c�o�r�e�e�.�d�l�l�
r�u�n�t�i�m�e� �e�r�r�o�r� �
T�L�O�S�S� �e�r�r�o�r�
S�I�N�G� �e�r�r�o�r�
D�O�M�A�I�N� �e�r�r�o�r�
-� �A�t�t�e�m�p�t� �t�o� �u�s�e� �M�S�I�L� �c�o�d�e� �f�r�o�m� �t�h�i�s� �a�s�s�e�m�b�l�y� �d�u�r�i�n�g� �n�a�t�i�v�e� �c�o�d�e� �i�n�i�t�i�a�l�i�z�a�t�i�o�n�
T�h�i�s� �i�n�d�i�c�a�t�e�s� �a� �b�u�g� �i�n� �y�o�u�r� �a�p�p�l�i�c�a�t�i�o�n�.� �I�t� �i�s� �m�o�s�t� �l�i�k�e�l�y� �t�h�e� �r�e�s�u�l�t� �o�f� �c�a�l�l�i�n�g� �a�n� �M�S�I�L�-�c�o�m�p�i�l�e�d� �(�/�c�l�r�)� �f�u�n�c�t�i�o�n� �f�r�o�m� �a� �n�a�t�i�v�e� �c�o�n�s�t�r�u�c�t�o�r� �o�r� �f�r�o�m� �D�l�l�M�a�i�n�.�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �l�o�c�a�l�e� �i�n�f�o�r�m�a�t�i�o�n�
-� �A�t�t�e�m�p�t� �t�o� �i�n�i�t�i�a�l�i�z�e� �t�h�e� �C�R�T� �m�o�r�e� �t�h�a�n� �o�n�c�e�.�
T�h�i�s� �i�n�d�i�c�a�t�e�s� �a� �b�u�g� �i�n� �y�o�u�r� �a�p�p�l�i�c�a�t�i�o�n�.�
-� �C�R�T� �n�o�t� �i�n�i�t�i�a�l�i�z�e�d�
-� �u�n�a�b�l�e� �t�o� �i�n�i�t�i�a�l�i�z�e� �h�e�a�p�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �l�o�w�i�o� �i�n�i�t�i�a�l�i�z�a�t�i�o�n�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �s�t�d�i�o� �i�n�i�t�i�a�l�i�z�a�t�i�o�n�
-� �p�u�r�e� �v�i�r�t�u�a�l� �f�u�n�c�t�i�o�n� �c�a�l�l�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �_�o�n�e�x�i�t�/�a�t�e�x�i�t� �t�a�b�l�e�
-� �u�n�a�b�l�e� �t�o� �o�p�e�n� �c�o�n�s�o�l�e� �d�e�v�i�c�e�
-� �u�n�e�x�p�e�c�t�e�d� �h�e�a�p� �e�r�r�o�r�
-� �u�n�e�x�p�e�c�t�e�d� �m�u�l�t�i�t�h�r�e�a�d� �l�o�c�k� �e�r�r�o�r�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �t�h�r�e�a�d� �d�a�t�a�
-� �a�b�o�r�t�(�)� �h�a�s� �b�e�e�n� �c�a�l�l�e�d�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �e�n�v�i�r�o�n�m�e�n�t�
-� �n�o�t� �e�n�o�u�g�h� �s�p�a�c�e� �f�o�r� �a�r�g�u�m�e�n�t�s�
-� �f�l�o�a�t�i�n�g� �p�o�i�n�t� �s�u�p�p�o�r�t� �n�o�t� �l�o�a�d�e�d�
B�M�i�c�r�o�s�o�f�t� �V�i�s�u�a�l� �C�+�+� �R�u�n�t�i�m�e� �L�i�b�r�a�r�y�
<�p�r�o�g�r�a�m� �n�a�m�e� �u�n�k�n�o�w�n�>�
R�u�n�t�i�m�e� �E�r�r�o�r�!�
P�r�o�g�r�a�m�:� �
� � � � � � � � �(�(�(�(�(� � � � � � � � � � � � � � � � � � �H�
� � � � � � � � �h�(�(�(�(� � � � � � � � � � � � � � � � � � �H�
� � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � �H�
W�U�S�E�R�3�2�.�D�L�L�
C�O�N�O�U�T�$�
A�D�V�A�P�I�3�2�.�D�L�L�
K�E�R�N�E�L�3�2�.�D�L�L�
N�E�T�A�P�I�3�2�.�D�L�L�
L�a�n�m�a�n�W�o�r�k�s�t�a�t�i�o�n�
L�a�n�m�a�n�S�e�r�v�e�r�
O�l�e�3�2�.�d�l�l�
_�_�u�u�e�w�r�_�_�j�f�j�
w�l�r�m�d�r�
S�h�e�l�l�3�2�.�d�l�l�
b�s�s�i�m�g�
C�o�m�S�p�e�c�
T�a�h�o�m�a�
B�B�B�B�B�B�B�B�B�B�
B�B�B�B�B�B�B�B�
V�S�_�V�E�R�S�I�O�N�_�I�N�F�O�
S�t�r�i�n�g�F�i�l�e�I�n�f�o�
0�4�2�1�0�4�b�0�
C�o�m�p�a�n�y�N�a�m�e�
T�O�D�O�:� �<�C�o�m�p�a�n�y� �n�a�m�e�>�
F�i�l�e�D�e�s�c�r�i�p�t�i�o�n�
T�O�D�O�:� �<�F�i�l�e� �d�e�s�c�r�i�p�t�i�o�n�>�
F�i�l�e�V�e�r�s�i�o�n�
1�.�0�.�0�.�1�
I�n�t�e�r�n�a�l�N�a�m�e�
T�O�D�O�:� �<�I�n�t�e�r�n�a�l� �n�a�m�e�>�
L�e�g�a�l�C�o�p�y�r�i�g�h�t�
C�o�p�y�r�i�g�h�t� �(�C�)� �2�0�1�6�
O�r�i�g�i�n�a�l�F�i�l�e�n�a�m�e�
T�O�D�O�:� �<�O�r�i�g�i�n�a�l� �f�i�l�e�n�a�m�e�>�
P�r�o�d�u�c�t�N�a�m�e�
T�O�D�O�:� �<�P�r�o�d�u�c�t� �n�a�m�e�>�
P�r�o�d�u�c�t�V�e�r�s�i�o�n�
1�.�0�.�0�.�1�
V�a�r�F�i�l�e�I�n�f�o�
T�r�a�n�s�l�a�t�i�o�n�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�l�l� �U�s�e�r�s�\�D�o�c�u�m�e�n�t�s�
w�a�r�e� �a�c�c�e�s�s� �r�i�g�h�t�s� �a�r�e� �d�e�t�e�r�m�i�n�e�d� �b�y� �t�h�e� �a�c�c�e�s�s� �r�i�g�h�t�s� �o�f� �t�h�e� �u�s�e�r�.�
:�\�W�I�N�D�O�W�S�\�R�e�g�i�s�t�r�a�t�i�o�n�\�R�0�0�0�0�0�0�0�0�0�0�0�b�.�c�l�b�
\�W�I�N�D�O�W�S�\�R�e�g�i�s�t�r�a�t�i�o�n�\�R�0�0�0�0�0�0�0�0�0�0�0�b�.�c�l�b�
_�R�_�0�0�0�0�0�0�0�0�0�0�0�b�_�S�M�e�m�_�_�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�C�L�S�I�D�\�{�7�B�8�A�2�D�9�4�-�0�A�C�9�-�1�1�D�1�-�8�9�6�C�-�0�0�C�0�4�F�B�6�B�F�C�4�}�
C�L�S�I�D�\�{�E�4�3�6�E�B�B�3�-�5�2�4�F�-�1�1�C�E�-�9�F�5�3�-�0�0�2�0�A�F�0�B�A�7�7�0�}�
l�o�w�s� �p�r�o�g�r�a�m�s� �t�o� �e�x�e�c�u�t�e� �a�s� �a� �u�s�e�r� �t�h�a�t� �d�o�e�s� �n�o�t� �h�a�v�e� �A�d�m�i�n�i�s�t�r�a�t�o�r� �o�r� �P�o�w�e�r� �U�s�e�r� �a�c�c�e�s�s� �r�i�g�h�t�s�,� �b�u�t� �c�a�n� �s�t�i�l�l� �a�c�c�e�s�s� �r�e�s�o�u�c�e�s� �a�c�c�e�s�s�i�b�l�e� �b�y� �n�o�r�m�a�l� �u�s�e�r�s�.�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�u�r�l�m�o�n�.�d�l�l�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�q�u�a�r�t�z�.�d�l�l�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�L�o�c�a�l� �S�e�t�t�i�n�g�s�\�T�e�m�p�o�r�a�r�y� �I�n�t�e�r�n�e�t� �F�i�l�e�s�\�O�L�K�*�
e�r�s�\�C�a�c�h�e�%�O�L�K�*�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�;�C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�;�C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�;�C�:�\�W�I�N�D�O�W�S�;�.�;�C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�;�C�:�\�W�I�N�D�O�W�S�;�C�:�\�W�I�N�D�O�W�S�\�S�y�s�t�e�m�3�2�\�W�b�e�m�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�q�u�a�r�t�z�.�d�l�l�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�q�u�a�r�t�z�.�d�l�l�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�M�y� �D�o�c�u�m�e�n�t�s�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�A�p�p�l�i�c�a�t�i�o�n� �D�a�t�a�
C�L�S�I�D�\�{�C�D�A�4�2�2�0�0�-�B�D�8�8�-�1�1�D�0�-�B�D�4�E�-�0�0�A�0�C�9�1�1�C�E�8�6�}�
?�\�I�D�E�#�C�d�R�o�m�N�E�C�X�X�W�a�r�_�X�X�w�a�r�e�_�I�D�E�_�C�D�R�1�0�_�_�_�_�_�_�_�_�_�_�_�_�_�_�_�1�.�0�0�_�_�_�_�#�3�0�3�1�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�1�3�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�
C�L�S�I�D�\�{�D�7�6�E�2�8�2�0�-�1�5�6�3�-�1�1�C�F�-�A�C�9�8�-�0�0�A�A�0�0�4�C�0�F�A�9�}�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�q�c�a�p�.�d�l�l�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�q�c�a�p�.�d�l�l�
f�3�2�d�3�b�0�\�b�6�6�2�e�f�4�9�.�e�x�e�
I�N�D�O�W�S�\�I�N�F�
C�:�\�W�I�N�D�O�W�S�\�S�Y�S�T�E�M�
C�:�\�W�I�N�D�O�W�S�\�L�a�s�t�G�o�o�d�
I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�R�e�i�n�s�t�a�l�l�B�a�c�k�u�p�s�
I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�D�R�I�V�E�R�S�
\�w�i�n�d�o�w�s�\�S�e�r�v�i�c�e�P�a�c�k�F�i�l�e�s�\�S�e�r�v�i�c�e�P�a�c�k�C�a�c�h�e�
n�t�s�v�c�s�
s�t�r�i�c�t�e�d�
\�?�?�\�C�:�\�W�I�N�D�O�W�S�\�T�E�M�P�
Y�M�A�V�\�L�O�C�A�L�S�~�1�\�T�e�m�p�\�
\�?�?�\�C�:�\�T�E�M�P�
?�\�C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
Z�o�n�e�.�I�d�e�n�t�i�f�i�e�r�
o�n� �D�a�t�a�\�w�l�r�m�d�r�.�e�x�e�
\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�A�p�p�l�i�c�a�t�i�o�n� �D�a�t�a�\�w�l�r�m�d�r�.�e�x�e�
?�\�C�:�\�b�f�3�2�d�3�b�0�
y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
1�\�T�e�m�p�\�
l�l�o�w�e�d�
w�a�r�e� �w�i�l�l� �n�o�t� �r�u�n�,� �r�e�g�a�r�d�l�e�s�s� �o�f� �t�h�e� �a�c�c�e�s�s� �r�i�g�h�t�s� �o�f� �t�h�e� �u�s�e�r�.�
l�o�w�s� �p�r�o�g�r�a�m�s� �t�o� �e�x�e�c�u�t�e� �w�i�t�h� �o�n�l�y� �a�c�c�e�s�s� �t�o� �r�e�s�o�u�r�c�e�s� �g�r�a�n�t�e�d� �t�o� �o�p�e�n� �w�e�l�l�-�k�n�o�w�n� �g�r�o�u�p�s�,� �b�l�o�c�k�i�n�g� �a�c�c�e�s�s� �A�d�m�i�n�i�s�t�r�a�t�o�r� �a�n�d� �P�o�w�e�r� �U�s�e�r� �p�r�i�v�i�l�e�g�e�s�,� �a�n�d� �p�e�r�s�o�n�a�l�l�y� �g�r�a�n�t�e�d� �r�i�g�h�t�s�.�
r�i�c�t�e�d�
c� �U�s�e�r�
f�t�w�a�r�e�\�M�
n�\�E�x�p�l�
\�S�h�e�l�l�
?�\�F�D�C�#�G�E�N�E�R�I�C�_�F�L�O�P�P�Y�_�D�R�I�V�E�#�6�&�1�4�3�5�b�2�e�2�&�0�&�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�
\�\�?�\�S�T�O�R�A�G�E�#�V�o�l�u�m�e�#�1�&�3�0�a�9�6�5�9�8�&�0�&�S�i�g�n�a�t�u�r�e�2�1�0�D�2�1�0�C�O�f�f�s�e�t�7�E�0�0�L�e�n�g�t�h�F�F�6�D�1�4�0�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�
\�\�?�\�V�o�l�u�m�e�{�0�c�b�6�9�f�f�f�-�0�b�1�2�-�1�1�e�1�-�b�2�2�f�-�8�0�6�d�6�1�7�2�6�9�6�f�}�\�
a�;�C�:�\�W�I�N�D�O�W�S�\�s�y�s�
C�:�\�W�I�N�D�O�
s�t�e�m�3�2�;�C�:�\�W�I�
S�;�C�:�\�W�I�N�D�O�W�S�
?�\�V�o�l�u�m�e�{�0�c�b�6�9�f�f�c�-�0�b�1�2�-�1�1�e�1�-�b�2�2�f�-�8�0�6�d�6�1�7�2�6�9�6�f�}�\�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
C�:�\�b�f�3�2�d�3�b�0�
"�C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�"� �/�c� �D�E�L� �C�:�\�b�f�3�2�d�3�b�0�\�b�6�6�2�e�f�4�9�.�e�x�e� �>�>� �N�U�L�
"�%�1�"� �%�*�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
W�i�n�d�o�w�s� �C�o�m�m�a�n�d� �P�r�o�c�e�s�s�o�r�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�A�p�p� �P�a�t�h�s�\�c�m�d�.�e�x�e�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�A�p�p� �P�a�t�h�s�\�c�m�d�.�e�x�e�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�;�C�:�\�W�I�N�D�O�W�S�;�C�:�\�W�I�N�D�O�W�S�\�S�y�s�t�e�m�3�2�\�W�b�e�m�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�_�C�l�a�s�s�e�s�\�.�e�x�e�
A�l�l� �U�s�e�r�s�
r�p�c�r�t�4�.�d�l�l�
n�c�a�c�n�_�n�p�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�u�r�l�m�o�n�.�d�l�l�
2�-�e�g�e�l�e�g�e�
C�L�S�I�D�\�{�7�B�8�A�2�D�9�4�-�0�A�C�9�-�1�1�D�1�-�8�9�6�C�-�0�0�C�0�4�F�B�6�B�F�C�4�}�
I�N�D�O�W�S�\�s�e�t�u�p�a�p�i�.�l�o�g�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�D�e�s�k�t�o�p�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�C�L�S�I�D�\�{�7�B�8�A�2�D�9�4�-�0�A�C�9�-�1�1�D�1�-�8�9�6�C�-�0�0�C�0�4�F�B�6�B�F�C�4�}�\�I�n�P�r�o�c�S�e�r�v�e�r�3�2�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�P�R�O�T�O�C�O�L�S�\�N�a�m�e�-�S�p�a�c�e� �H�a�n�d�l�e�r�
s�e�s�\�C�L�S�I�D�\�{�7�b�8�a�2�d�9�4�-�0�a�c�9�-�1�1�d�1�-�8�9�6�c�-�0�0�c�0�4�F�b�6�b�f�c�4�}�\�I�n�p�r�o�c�S�e�r�v�e�r�3�2�
S�e�c�u�r�i�t�y�=�I�m�p�e�r�s�o�n�a�t�i�o�n� �D�y�n�a�m�i�c� �T�r�u�e�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�P�R�O�T�O�C�O�L�S�\�N�a�m�e�-�S�p�a�c�e� �H�a�n�d�l�e�r�\�*�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�S�e�c�u�r�3�2�.�d�l�l�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
U�R�N�X�Y�M�A�V�
D�e�s�k�t�o�p�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�D�r�i�v�e�\�s�h�e�l�l�e�x�\�F�o�l�d�e�r�E�x�t�e�n�s�i�o�n�s�\�{�f�b�e�b�8�a�0�5�-�b�e�e�e�-�4�4�4�2�-�8�0�4�e�-�4�0�9�d�6�c�4�5�1�5�e�9�}�
c�h�i�n�e�\�S�o�f�t�w�a�r�e�
s�s�e�s�\�S�y�s�
l�e�x�\�F�o�E�x�t�e�n�s�i�o�n�s�
I�N�D�O�W�S�\�D�r�i�v�e�r� �C�a�c�h�e�
D�e�s�k�t�o�p�
W�I�N�D�O�W�S�
s�y�s�t�e�m�3�2�
c�m�d�.�e�x�e�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�L�o�c�k�d�o�w�n�_�Z�o�n�e�s�\�0�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�.�e�x�e�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
D�e�s�k�t�o�p�
W�I�N�D�O�W�S�
s�y�s�t�e�m�3�2�
c�m�d�.�e�x�e�
n�c�a�l�r�p�c�
I�N�D�O�W�S�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�L�o�c�a�l� �S�e�t�t�i�n�g�s�\�T�e�m�p�o�r�a�r�y� �I�n�t�e�r�n�e�t� �F�i�l�e�s�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�L�o�c�k�d�o�w�n�_�Z�o�n�e�s�\�1�
A�l�l� �U�s�e�r�s�
D�e�s�k�t�o�p�
D�i�r�e�c�t�o�r�y�
I�N�D�O�W�S�\�i�n�f�
\�b�f�3�2�d�3�b�0�
t�i�v�e�F�o�n�t�C�t�l�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
\�?�?�\�C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�l�l� �U�s�e�r�s�\�D�o�c�u�m�e�n�t�s�\�d�e�s�k�t�o�p�.�i�n�i�
\�\�?�\�F�D�C�#�G�E�N�E�R�I�C�_�F�L�O�P�P�Y�_�D�R�I�V�E�#�6�&�1�4�3�5�b�2�e�2�&�0�&�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�
\�\�?�\�I�D�E�#�C�d�R�o�m�N�E�C�X�X�W�a�r�_�X�X�w�a�r�e�_�I�D�E�_�C�D�R�1�0�_�_�_�_�_�_�_�_�_�_�_�_�_�_�_�1�.�0�0�_�_�_�_�#�3�0�3�1�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�1�3�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�
\�\�?�\�S�T�O�R�A�G�E�#�V�o�l�u�m�e�#�1�&�3�0�a�9�6�5�9�8�&�0�&�S�i�g�n�a�t�u�r�e�2�1�0�D�2�1�0�C�O�f�f�s�e�t�7�E�0�0�L�e�n�g�t�h�F�F�6�D�1�4�0�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�
n�\�?�?�\�F�D�C�#�G�E�N�E�R�I�C�_�F�L�O�P�P�Y�_�D�R�I�V�E�#�6�&�1�4�3�5�b�2�e�2�&�0�&�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�\�D�e�v�i�c�e�\�F�l�o�p�p�y�0�\�?�?�\�V�o�l�u�m�e�{�0�c�b�6�9�f�f�c�-�0�b�1�2�-�1�1�e�1�-�b�2�2�f�-�8�0�6�d�6�1�7�2�6�9�6�f�}�\�D�o�s�D�e�v�i�c�e�s�\�A�:�
\�?�?�\�I�D�E�#�C�d�R�o�m�N�E�C�X�X�W�a�r�_�X�X�w�a�r�e�_�I�D�E�_�C�D�R�1�0�_�_�_�_�_�_�_�_�_�_�_�_�_�_�_�1�.�0�0�_�_�_�_�#�3�0�3�1�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�0�3�1�3�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�\�D�e�v�i�c�e�\�C�d�R�o�m�0�\�?�?�\�V�o�l�u�m�e�{�0�c�b�6�9�f�f�d�-�0�b�1�2�-�1�1�e�1�-�b�2�2�f�-�8�0�6�d�6�1�7�2�6�9�6�f�}�\�D�o�s�D�e�v�i�c�e�s�\�D�:�6�9�6�B�?�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
e�1�-�b�2�2�f�-�8�0�6�d�6�1�7�2�6�9�6�f�}�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�_�C�l�a�s�s�e�s�\�C�L�S�I�D�\�{�7�b�8�a�2�d�9�4�-�0�a�c�9�-�1�1�d�1�-�8�9�6�c�-�0�0�c�0�4�F�b�6�b�f�c�4�}�
y� �D�o�c�u�m�e�n�t�s�
U�R�N�X�Y�M�A�V�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�_�C�l�a�s�s�e�s�\�e�x�e�f�i�l�e�\�C�u�r�V�e�r�
c�m�d�.�e�x�e�
f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�Z�o�n�e�M�a�p�\�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
A�l�l� �U�s�e�r�s�
0�2�1�b�8�8�8�-�1�4�a�2�-�4�2�1�9�-�8�8�1�2�-�3�1�b�4�a�9�3�7�0�c�3�3�}�
M�y� �D�o�c�u�m�e�n�t�s�
U�R�N�X�Y�M�A�V�
U�R�N�X�Y�M�A�V�
M�y� �D�o�c�u�m�e�n�t�s�
U�R�N�X�Y�M�A�V�
?�\�V�o�l�u�m�e�{�0�c�b�6�9�f�f�d�-�0�b�1�2�-�1�1�e�1�-�b�2�2�f�-�8�0�6�d�6�1�7�2�6�9�6�f�}�\�
I�n�v�a�l�i�d�
?�\�S�T�O�R�A�G�E�#�V�o�l�u�m�e�#�1�&�3�0�a�9�6�5�9�8�&�0�&�S�i�g�n�a�t�u�r�e�2�1�0�D�2�1�0�C�O�f�f�s�e�t�7�E�0�0�L�e�n�g�t�h�F�F�6�D�1�4�0�0�#�{�5�3�f�5�6�3�0�d�-�b�6�b�f�-�1�1�d�0�-�9�4�f�2�-�0�0�a�0�c�9�1�e�f�b�8�b�}�
?�\�V�o�l�u�m�e�{�0�c�b�6�9�f�f�f�-�0�b�1�2�-�1�1�e�1�-�b�2�2�f�-�8�0�6�d�6�1�7�2�6�9�6�f�}�\�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
\�?�?�\�C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�l�l� �U�s�e�r�s�\�D�o�c�u�m�e�n�t�s�\�d�e�s�k�t�o�p�.�i�n�i�
�D�o�c�u�m�e�n�t�s�
\�?�?�\�C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�M�y� �D�o�c�u�m�e�n�t�s�\�d�e�s�k�t�o�p�.�i�n�i�
\�?�?�\�C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�M�y� �D�o�c�u�m�e�n�t�s�\�d�e�s�k�t�o�p�.�i�n�i�
\�?�?�\�C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�M�y� �D�o�c�u�m�e�n�t�s�\�d�e�s�k�t�o�p�.�i�n�i�
\�?�?�\�C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�l�l� �U�s�e�r�s�\�D�o�c�u�m�e�n�t�s�\�d�e�s�k�t�o�p�.�i�n�i�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�A�p�p�l�i�c�a�t�i�o�n�s�\�c�m�d�.�e�x�e�
0�0�3�_�C�l�a�s�s�e�s�\�C�L�S�I�D�\�{�7�b�8�a�2�d�9�4�-�0�a�c�9�-�1�1�d�1�-�8�9�6�c�-�0�0�c�0�4�F�b�6�b�f�c�4�}�\�T�r�e�a�t�A�s�
M�y� �D�o�c�u�m�e�n�t�s�
U�R�N�X�Y�M�A�V�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
U�R�N�X�Y�M�A�V�
M�y� �D�o�c�u�m�e�n�t�s�
U�R�N�X�Y�M�A�V�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
\�?�?�\�C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�l�l� �U�s�e�r�s�\�D�o�c�u�m�e�n�t�s�\�d�e�s�k�t�o�p�.�i�n�i�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
D�e�s�k�t�o�p�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
(�D�o�c�u�m�e�n�t�s�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
(�D�o�c�u�m�e�n�t�s�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�l�l� �U�s�e�r�s�\�D�e�s�k�t�o�p�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�C�o�o�k�i�e�s�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
U�R�N�X�Y�M�A�V�
D�e�s�k�t�o�p�
\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�C�o�o�k�i�e�s�
D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�
A�l�l� �U�s�e�r�s�
D�e�s�k�t�o�p�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�_�C�l�a�s�s�e�s�\�C�L�S�I�D�\�{�7�b�8�a�2�d�9�4�-�0�a�c�9�-�1�1�d�1�-�8�9�6�c�-�0�0�c�0�4�F�b�6�b�f�c�4�}�\�L�o�c�a�l�S�e�r�v�e�r�
f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�Z�o�n�e�s�\�0�
f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�Z�o�n�e�s�\�1�
f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�Z�o�n�e�s�\�2�
w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�Z�o�n�e�s�\�3�
C�:�\�W�I�N�D�O�W�S�\�W�i�n�S�x�S�\�x�8�6�_�M�i�c�r�o�s�o�f�t�.�W�i�n�d�o�w�s�.�C�o�m�m�o�n�-�C�o�n�t�r�o�l�s�_�6�5�9�5�b�6�4�1�4�4�c�c�f�1�d�f�_�6�.�0�.�2�6�0�0�.�2�1�8�0�_�x�-�w�w�_�a�8�4�f�1�f�f�9�\�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�u�r�l�m�o�n�.�d�l�l�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�_�C�l�a�s�s�e�s�\�P�R�O�T�O�C�O�L�S�\�N�a�m�e�-�S�p�a�c�e� �H�a�n�d�l�e�r�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�
e�g�i�s�t�r�y�\�M�a�c�h�i�n�e�\�S�o�f�t�w�a�r�e�\�C�l�a�s�s�e�s�\�e�x�e�f�i�l�e�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�Z�o�n�e�s�\�4�
f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�Z�o�n�e�s�\�0�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�L�o�c�k�d�o�w�n�_�Z�o�n�e�s�\�2�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�L�o�c�k�d�o�w�n�_�Z�o�n�e�s�\�3�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�I�n�t�e�r�n�e�t� �S�e�t�t�i�n�g�s�\�L�o�c�k�d�o�w�n�_�Z�o�n�e�s�\�4�
O�T�O�C�O�L�S�\�N�a�m�e�-�S�p�a�c�e� �H�a�n�d�l�e�r�\�*�\�
F�T�W�A�R�E�\�C�l�a�s�s�e�s�\�P�R�O�T�O�C�O�L�S�\�H�a�n�d�l�e�r�\�C�
\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�U�R�N�X�Y�M�A�V�\�L�o�c�a�l� �S�e�t�t�i�n�g�s�\�T�e�m�p�o�r�a�r�y� �I�n�t�e�r�n�e�t� �F�i�l�e�s�
W�I�N�D�O�W�S�
s�y�s�t�e�m�3�2�
W�I�N�D�O�W�S�
s�y�s�t�e�m�3�2�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�
o�n�\�A�p�p�C�o�m�p�a�t�F�l�a�g�s�\�L�a�y�e�r�s�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�_�C�l�a�s�s�e�s�\�e�x�e�f�i�l�e�
E�G�I�S�T�R�Y�\�U�S�E�R�\�S�-�1�-�5�-�2�1�-�2�0�5�2�1�1�1�3�0�2�-�4�8�4�7�6�3�8�6�9�-�7�2�5�3�4�5�5�4�3�-�1�0�0�3�_�C�l�a�s�s�e�s�\�e�x�e�f�i�l�e�\�s�h�e�l�l�
C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
R�N�E�L�3�2�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�
\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�.�M�a�n�i�f�e�s�t�
:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�.�C�o�n�f�i�g�
C�o�m�p�a�n�y�N�a�m�e�
M�i�c�r�o�s�o�f�
?�?�\�C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�.�M�a�n�i�f�e�s�t�
?�?�\�C�:�\�W�I�N�D�O�W�S�\�s�y�s�t�e�m�3�2�\�c�m�d�.�e�x�e�.�C�o�n�f�i�g�
0� �(�x�p�s�p�_�s�p�2�_�r�t�m�.�0�4�0�8�0�3�-�2�1�5�8�)�
I�n�t�e�r�n�a�l�N�a�m�e�
L�e�g�a�l�C�o�p�y�r�i�g�h�t�
�M�i�c�r�o�s�o�f�t� �C�o�r�p�o�r�a�t�i�o�n�.� �A�l�l� �r�i�g�h�t�s� �r�e�s�e�r�v�e�d�.�
O�r�i�g�i�n�a�l�F�i�l�e�n�a�m�e�
C�m�d�.�E�x�e�
P�r�o�d�u�c�t�N�a�m�e�
M�i�c�r�o�s�o�f�t�
�W�i�n�d�o�w�s�
�O�p�e�r�a�t�i�n�g� �S�y�s�t�e�m�
P�r�o�d�u�c�t�V�e�r�s�i�o�n�
5�.�1�.�2�6�0�0�.�2�1�8�0�
V�a�r�F�i�l�e�I�n�f�o�
T�r�a�n�s�l�a�t�i�o�n�
a�r�F�i�l�e�I�n�f�o�\�T�r�a�n�s�l�a�t�i�o�n�
t�r�i�n�g�F�i�l�e�I�n�f�o�\�0�4�0�9�0�4�B�0�\�O�r�i�g�i�n�a�l�F�i�l�e�n�a�m�e�
i�m�E�n�g�.�d�l�l�
Hosts
| IP |
|---|
| 114.114.114.114 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56933 | 114.114.114.114 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.