0.9
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.44
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | Backdoor:MSIL/Bladabindi.04320dab | 20190527 | 0.3.0.5 |
| Avast | Win32:RATX-gen [Trj] | 20240328 | 23.9.8494.0 |
| Baidu | MSIL.Trojan-Dropper.Binder.a | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20231026 | 1.0 |
| Kingsoft | malware.kb.c.1000 | 20230906 | None |
| McAfee | BackDoor-FBHS!D83062318E12 | 20240327 | 6.0.6.653 |
| Tencent | Trojan.Win32.Bladabindi.16000442 | 20240328 | 1.0.0.1 |
静态指标
动态指标
网络通信
与未执行 DNS 查询的主机进行通信
(1 个事件)
| host | 114.114.114.114 | |||
文件已被 VirusTotal 上 56 个反病毒引擎识别为恶意
(50 out of 56 个事件)
| ALYac | Gen:Variant.MSIL.Bladabindi.6 |
| APEX | Malicious |
| AVG | Win32:RATX-gen [Trj] |
| AhnLab-V3 | Trojan/Win32.Agent.R132372 |
| Alibaba | Backdoor:MSIL/Bladabindi.04320dab |
| Arcabit | Trojan.MSIL.Bladabindi.6 |
| Avast | Win32:RATX-gen [Trj] |
| Avira | BDS/Bladabindi.alif |
| Baidu | MSIL.Trojan-Dropper.Binder.a |
| BitDefender | Gen:Variant.MSIL.Bladabindi.6 |
| BitDefenderTheta | Gen:NN.ZemsilF.36802.qm0@aeYn3Zm |
| Bkav | W32.AIDetectMalware.CS |
| CAT-QuickHeal | Trojan.Generic.TRFH369 |
| ClamAV | Win.Dropper.njRAT-7400469-0 |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Cybereason | malicious.18e12f |
| Cylance | unsafe |
| DeepInstinct | MALICIOUS |
| DrWeb | Trojan.DownLoader9.26652 |
| ESET-NOD32 | a variant of MSIL/TrojanDropper.Binder.CA |
| Elastic | malicious (high confidence) |
| Emsisoft | Gen:Variant.MSIL.Bladabindi.6 (B) |
| F-Secure | Backdoor.BDS/Bladabindi.alif |
| FireEye | Generic.mg.d83062318e12f6b4 |
| Fortinet | MSIL/Dropper_Binder.BS!tr |
| GData | Gen:Variant.MSIL.Bladabindi.6 |
| Detected | |
| Ikarus | Trojan-Dropper.MSIL |
| Jiangmin | Trojan/Generic.bcpht |
| K7AntiVirus | Trojan ( 005496a61 ) |
| K7GW | Trojan ( 005496a61 ) |
| Kaspersky | Trojan.MSIL.Agent.ffjt |
| Kingsoft | malware.kb.c.1000 |
| Lionic | Trojan.Win32.Generic.lExa |
| MAX | malware (ai score=89) |
| Malwarebytes | Generic.Trojan.MSIL.DDS |
| MaxSecure | Trojan.Malware.300983.susgen |
| McAfee | BackDoor-FBHS!D83062318E12 |
| MicroWorld-eScan | Gen:Variant.MSIL.Bladabindi.6 |
| Microsoft | Backdoor:MSIL/Bladabindi |
| NANO-Antivirus | Trojan.Win32.Agent.dzsrep |
| Panda | Trj/GdSda.A |
| Rising | Backdoor.njRAT!1.9E49 (CLASSIC) |
| Sangfor | Trojan.Win32.Save.a |
| SentinelOne | Static AI - Malicious PE |
| Skyhigh | BehavesLike.Win32.Generic.dm |
| Sophos | Mal/SpyGate-A |
| Symantec | ML.Attribute.HighConfidence |
| Tencent | Trojan.Win32.Bladabindi.16000442 |
| TrendMicro | TROJ_BINDER.SMA |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2020-06-03 13:32:43
PE Imphash
f34d5f2d4577ed6d9ceec516c1f5a744
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00002000 | 0x0002fe64 | 0x00030000 | 5.777163498545004 |
| .rsrc | 0x00032000 | 0x00010b60 | 0x00011000 | 4.26407619053847 |
| .reloc | 0x00044000 | 0x0000000c | 0x00001000 | 0.016408464515625623 |
Resources
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x00032320 | 0x00010828 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_GROUP_ICON | 0x00042b48 | 0x00000014 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_VERSION | 0x000320e8 | 0x00000234 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
Imports
Library mscoree.dll:
• 0x402000 _CorExeMain
L!This program cannot be run in DOS mode.
`.rsrc
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPy3(
L!This program cannot be run in DOS mode.
`.rsrc
@.reloc
K #(I
l#ffffff?[(
l#ffffff?[(
(I
j_ (b`
_ 8c`*
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADPK
L!This program cannot be run in DOS mode.
`.rsrc
@.reloc
x6 OR
y6 OR
z6 OR
{6 OR
|6 OR
}6 OR
~6 OR
U Y Z(b
U Y Z(b
U Y Z(b
U Y Z(b
U Y Z(b
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
Capture
cam.DirectX.Capture
GraphState
HeFrame
CrossbarSource
DirectShowPropertyPage
DsBugWO
cam.DShowNET
CLSCTX
IMediaControl
IMediaEvent
IMediaEventEx
IBasicVideo2
IVideoWindow
IMediaPosition
IBasicAudio
IAMCollection
DsEvCode
PinDirection
PhysicalConnectorType
IFilterGraph
IPersist
IPersistStream
IMediaFilter
IBaseFilter
FilterInfo
IMediaSeeking
SeekingCapabilities
SeekingFlags
IReferenceClock
IEnumFilters
IEnumPins
AMMediaType
PinInfo
IMediaSample
cam.DShowNET.Device
DsDevice
ICreateDevEnum
IPropertyBag
ICaptureGraphBuilder2
IGraphBuilder
IFileSinkFilter
IFileSinkFilter2
IAMCopyCaptureFileProgress
IVideoFrameStep
IAMStreamConfig
AMTunerSubChannel
AMTunerSignalStrength
AMTunerModeType
AMTunerEventType
IAMTuner
IAMTunerNotification
AnalogVideoStandard
TunerInputType
IAMTVTuner
IAMCrossbar
IAMAudioInputMixer
VfwCompressDialogs
IAMVfwCompressDialogs
VideoStreamConfigCaps
AudioStreamConfigCaps
DsUtils
DsPOINT
DsRECT
BitmapInfoHeader
ISpecifyPropertyPages
DsCAUUID
DsOptInt64
DsOptIntPtr
FilterCategory
MediaType
MediaSubType
FormatType
PinCategory
FindDirection
VMRMode9
VMR9AspectRatioMode
IVMRFilterConfig9
IVMRWindowlessControl9
VMRMode
IVMRWindowlessControl
IVMRFilterConfig
Filter
FilterCollection
Filters
PropertyPage
PropertyPageCollection
ISampleGrabber
ISampleGrabberCB
VideoInfoHeader
VideoInfoHeader2
WaveFormatEx
Source
SourceCollection
VfwCompressorPropertyPage
VideoCapabilities
System
Object
WithEventsValue
System.Drawing
System.Threading
Thread
Bitmap
get_Capturing
get_Cued
get_Stopped
get_Filename
set_Filename
System.Windows.Forms
Control
get_PreviewWindow
set_PreviewWindow
get_VideoCaps
get_VideoDevice
get_AudioDevice
get_VideoCompressor
set_VideoCompressor
get_AudioCompressor
set_AudioCompressor
get_VideoSource
set_VideoSource
get_AudioSource
set_AudioSource
get_VideoSources
get_AudioSources
get_PropertyPages
get_Tuner
get_FrameRate
set_FrameRate
get_FrameSize
set_FrameSize
get_AudioChannels
set_AudioChannels
get_AudioSamplingRate
set_AudioSamplingRate
get_AudioSampleSize
set_AudioSampleSize
zgraphState
isPreviewRendered
isCaptureRendered
wantPreviewRendered
wantCaptureRendered
rotCookie
m_videoDevice
m_audioDevice
m_videoCompressor
m_audioCompressor
m_filename
m_previewWindow
m_videoCaps
m_videoSources
m_audioSources
m_propertyPages
m_tuner
graphBuilder
mediaControl
videoWindow
captureGraphBuilder
videoStreamConfig
audioStreamConfig
videoDeviceFilter
videoCompressorFilter
audioDeviceFilter
audioCompressorFilter
muxFilter
fileWriterFilter
baseGrabFlt
sampGrabber
videoInfoHeader
add_FrameEvent2
FrameEvent2Event
remove_FrameEvent2
savedArray
bufferedSize
videoDevice
audioDevice
Finalize
Dispose
createGraph
renderGraph
startPreviewIfNeeded
derenderGraph
removeDownstream
filter
removeFirstFilter
destroyGraph
EventArgs
onPreviewWindowResize
sender
getTempFilename
getStreamConfigSetting
streamConfig
fieldName
setStreamConfigSetting
newValue
assertStopped
ISampleGrabberCB_SampleCB
SampleTime
pSample
ISampleGrabberCB_BufferCB
pBuffer
BufferLen
OnCaptureDone
GrapImg
set_SetBitmap
Capturing
Stopped
Filename
PreviewWindow
VideoCaps
VideoDevice
AudioDevice
VideoCompressor
AudioCompressor
VideoSource
AudioSource
VideoSources
AudioSources
PropertyPages
FrameRate
FrameSize
AudioChannels
AudioSamplingRate
AudioSampleSize
FrameEvent2
SetBitmap
value__
Created
Rendered
MulticastDelegate
TargetObject
TargetMethod
IAsyncResult
AsyncCallback
BeginInvoke
DelegateCallback
DelegateAsyncState
EndInvoke
DelegateAsyncResult
Invoke
Crossbar
OutputPin
InputPin
ConnectorType
get_Enabled
set_Enabled
crossbar
outputPin
inputPin
connectorType
getName
Enabled
specifyPropertyPages
name__1
OleCreatePropertyFrame
hwndOwner
lpszCaption
cObjects
cPages
pPageClsID
dwReserved
pvReserved
CreateDsInstance
CoCreateInstance
pUnkOuter
dwClsContext
Inproc
Server
GetState
msTimeout
RenderFile
strFilename
AddSourceFilter
get_FilterCollection
get_RegFilterCollection
StopWhenReady
GetEventHandle
hEvent
GetEvent
lEventCode
lParam1
lParam2
WaitForCompletion
pEvCode
CancelDefaultHandling
lEvCode
RestoreDefaultHandling
FreeEventParams
SetNotifyWindow
lInstanceData
SetNotifyFlags
lNoNotifyFlags
GetNotifyFlags
lplNoNotifyFlags
AvgTimePerFrame
pAvgTimePerFrame
BitRate
pBitRate
BitErrorRate
VideoWidth
pVideoWidth
VideoHeight
pVideoHeight
put_SourceLeft
SourceLeft
get_SourceLeft
pSourceLeft
put_SourceWidth
SourceWidth
get_SourceWidth
pSourceWidth
put_SourceTop
SourceTop
get_SourceTop
pSourceTop
put_SourceHeight
SourceHeight
get_SourceHeight
pSourceHeight
put_DestinationLeft
DestinationLeft
get_DestinationLeft
pDestinationLeft
put_DestinationWidth
DestinationWidth
get_DestinationWidth
pDestinationWidth
put_DestinationTop
DestinationTop
get_DestinationTop
pDestinationTop
put_DestinationHeight
DestinationHeight
get_DestinationHeight
pDestinationHeight
SetSourcePosition
height
GetSourcePosition
SetDefaultSourcePosition
SetDestinationPosition
GetDestinationPosition
SetDefaultDestinationPosition
GetVideoSize
pWidth
pHeight
GetVideoPaletteEntries
StartIndex
Entries
pRetrieved
pPalette
GetCurrentImage
pBufferSize
pDIBImage
IsUsingDefaultSource
IsUsingDefaultDestination
GetPreferredAspectRatio
plAspectX
plAspectY
put_Caption
caption
get_Caption
put_WindowStyle
windowStyle
get_WindowStyle
put_WindowStyleEx
windowStyleEx
get_WindowStyleEx
put_AutoShow
autoShow
get_AutoShow
put_WindowState
windowState
get_WindowState
put_BackgroundPalette
backgroundPalette
get_BackgroundPalette
put_Visible
visible
get_Visible
put_Left
get_Left
put_Width
get_Width
put_Top
get_Top
put_Height
get_Height
put_Owner
get_Owner
put_MessageDrain
get_MessageDrain
get_BorderColor
put_BorderColor
get_FullScreenMode
fullScreenMode
put_FullScreenMode
SetWindowForeground
NotifyOwnerMessage
wParam
lParam
SetWindowPosition
GetWindowPosition
GetMinIdealImageSize
GetMaxIdealImageSize
GetRestorePosition
HideCursor
hideCursor__1
IsCursorHidden
hideCursor
get_Duration
pLength
put_CurrentPosition
llTime
get_CurrentPosition
pllTime
get_StopTime
put_StopTime
get_PrerollTime
put_PrerollTime
put_Rate
get_Rate
pdRate
CanSeekForward
pCanSeekForward
CanSeekBackward
pCanSeekBackward
put_Volume
lVolume
get_Volume
plVolume
put_Balance
lBalance
get_Balance
plBalance
get_Count
plCount
get_NewEnum
Complete
UserAbort
ErrorAbort
Repaint
StErrStopped
StErrStPlaying
ErrorStPlaying
PaletteChanged
VideoSizeChanged
QualityChange
ShuttingDown
ClockChanged
Paused
OpeningFile
BufferingData
FullScreenLost
Activate
NeedRestart
WindowDestroyed
DisplayChanged
Starvation
OleEvent
NotifyWindow
DvdDomChange
DvdTitleChange
DvdChaptStart
DvdAudioStChange
DvdSubPicStChange
DvdAngleChange
DvdButtonChange
DvdValidUopsChange
DvdStillOn
DvdStillOff
DvdCurrentTime
DvdError
DvdWarning
DvdChaptAutoStop
DvdNoFpPgc
DvdPlaybRateChange
DvdParentalLChange
DvdPlaybStopped
DvdAnglesAvail
DvdPeriodAStop
DvdButtonAActivated
DvdCmdStart
DvdCmdEnd
DvdDiscEjected
DvdDiscInserted
DvdCurrentHmsfTime
DvdKaraokeMode
Output
Video_Tuner
Video_Composite
Video_SVideo
Video_RGB
Video_YRYBY
Video_SerialDigital
Video_ParallelDigital
Video_SCSI
Video_AUX
Video_1394
Video_USB
Video_VideoDecoder
Video_VideoEncoder
Video_SCART
Audio_Tuner
Audio_Line
Audio_Mic
Audio_AESDigital
Audio_SPDIFDigital
Audio_SCSI
Audio_AUX
Audio_1394
Audio_USB
Audio_AudioDecoder
OATRUE
OAFALSE
System.Text
StringBuilder
AMGetErrorText
Connect
pReceivePin
ReceiveConnection
Disconnect
ConnectedTo
ConnectionMediaType
QueryPinInfo
QueryDirection
pPinDir
QueryId
QueryAccept
EnumMediaTypes
ppEnum
QueryInternalConnections
EndOfStream
BeginFlush
EndFlush
NewSegment
tStart
AddFilter
pFilter
RemoveFilter
EnumFilters
FindFilterByName
ppFilter
ConnectDirect
ppinOut
ppinIn
Reconnect
SetDefaultSyncSource
GetClassID
pClassID
dwMilliSecsTimeout
filtState
SetSyncSource
pClock
GetSyncSource
EnumPins
FindPin
QueryFilterInfo
JoinFilterGraph
pGraph
QueryVendorInfo
pVendorInfo
achName
GetCapabilities
pCapabilities
CheckCapabilities
IsFormatSupported
pFormat
QueryPreferredFormat
GetTimeFormat
IsUsingTimeFormat
SetTimeFormat
GetDuration
pDuration
GetStopPosition
GetCurrentPosition
pCurrent
ConvertTimeFormat
pTarget
pTargetFormat
pSourceFormat
SetPositions
dwCurrentFlags
dwStopFlags
GetPositions
GetAvailable
pEarliest
pLatest
SetRate
GetRate
GetPreroll
pllPreroll
CanSeekAbsolute
CanSeekForwards
CanSeekBackwards
CanGetCurrentPos
CanGetStopPos
CanGetDuration
CanPlayBackwards
CanDoSegments
NoPositioning
AbsolutePositioning
RelativePositioning
IncrementalPositioning
PositioningBitsMask
SeekToKeyFrame
ReturnTime
Segment
NoFlush
GetTime
AdviseTime
baseTime
streamTime
pdwAdviseCookie
AdvisePeriodic
startTime
periodTime
hSemaphore
Unadvise
dwAdviseCookie
cFilters
pcFetched
ppPins
majorType
subType
fixedSizeSamples
temporalCompression
sampleSize
formatType
unkPtr
formatSize
formatPtr
ValueType
GetPointer
ppBuffer
GetSize
pTimeStart
pTimeEnd
SetTime
IsSyncPoint
SetSyncPoint
bIsSyncPoint
IsPreroll
SetPreroll
bIsPreroll
GetActualDataLength
SetActualDataLength
GetMediaType
ppMediaType
SetMediaType
pMediaType
IsDiscontinuity
SetDiscontinuity
bDiscontinuity
GetMediaTime
SetMediaTime
System.Collections
ArrayList
GetDevicesOfCat
System.Runtime.InteropServices
UCOMIMoniker
GetFriendlyName
IDisposable
UCOMIEnumMoniker
CreateClassEnumerator
ppEnumMoniker
dwFlags
pszPropName
pErrorLog
SetFiltergraph
GetFiltergraph
SetOutputFileName
lpstrFile
ppSink
FindInterface
pCategory
RenderStream
pSource
pfCompressor
pfRenderer
ControlStream
pstart
wStartCookie
wStopCookie
AllocCapFile
dwlSize
CopyCaptureFile
lpwstrOld
lpwstrNew
fAllowEscAbort
pindir
fUnconnected
Render
lpcwstrFile
lpcwstrPlayList
lpcwstrFileName
lpcwstrFilterName
SetLogFile
ShouldOperationContinue
SetFileName
pszFileName
GetCurFile
SetMode
GetMode
Progress
iProgress
dwFrames
pStepObject
CanStep
bMultiple
CancelStep
SetFormat
GetFormat
GetNumberOfCapabilities
piCount
piSize
GetStreamCaps
iIndex
NoTune
Default
NoSignal
SignalPresent
FMRadio
AMRadio
Changed
put_Channel
lChannel
lVideoSubChannel
lAudioSubChannel
get_Channel
plChannel
plVideoSubChannel
plAudioSubChannel
ChannelMinMax
lChannelMin
lChannelMax
put_CountryCode
lCountryCode
get_CountryCode
plCountryCode
put_TuningSpace
lTuningSpace
get_TuningSpace
plTuningSpace
hCurrentUser
Logout
plSignalStrength
put_Mode
get_Mode
plMode
GetAvailableModes
plModes
RegisterNotificationCallBack
pNotify
lEvents
UnRegisterNotificationCallBack
OnEvent
NTSC_M
NTSC_M_J
NTSC_433
PAL_60
SECAM_B
SECAM_D
SECAM_G
SECAM_H
SECAM_K
SECAM_K1
SECAM_L
SECAM_L1
PAL_N_COMBO
Antenna
get_AvailableTVFormats
lAnalogVideoStandard
get_TVFormat
AutoTune
plFoundSignal
StoreAutoTune
get_NumInputConnections
plNumInputConnections
put_InputType
lIndex
inputType
get_InputType
put_ConnectInput
get_ConnectInput
get_VideoFrequency
get_AudioFrequency
get_PinCounts
OutputPinCount
InputPinCount
CanRoute
OutputPinIndex
InputPinIndex
get_IsRoutedTo
get_CrossbarPinInfo
IsInputPin
PinIndex
PinIndexRelated
PhysicalType
put_Enable
fEnable
get_Enable
pfEnable
put_Mono
get_Mono
pfMono
put_MixLevel
get_MixLevel
pLevel
put_Pan
get_Pan
put_Loudness
fLoudness
get_Loudness
pfLoudness
put_Treble
Treble
get_Treble
pTreble
get_TrebleRange
pRange
put_Bass
get_Bass
get_BassRange
Config
QueryConfig
QueryAbout
ShowDialog
iDialog
pState
pcbState
SetState
cbState
SendDriverMessage
VideoStandard
InputSize
MinCroppingSize
MaxCroppingSize
CropGranularityX
CropGranularityY
CropAlignX
CropAlignY
MinOutputSize
MaxOutputSize
OutputGranularityX
OutputGranularityY
StretchTapsX
StretchTapsY
ShrinkTapsX
ShrinkTapsY
MinFrameInterval
MaxFrameInterval
MinBitsPerSecond
MaxBitsPerSecond
MinimumChannels
MaximumChannels
ChannelsGranularity
MinimumBitsPerSample
MaximumBitsPerSample
BitsPerSampleGranularity
MinimumSampleFrequency
MaximumSampleFrequency
SampleFrequencyGranularity
IsCorrectDirectXVersion
ShowCapPinDialog
ShowTunerPinDialog
GetPin
dirrequired
FreeAMMediaType
mediaType
Bottom
Height
Planes
BitCount
Compression
ImageSize
XPelsPerMeter
YPelsPerMeter
ClrUsed
ClrImportant
AddGraphToRot
cookie
RemoveGraphFromRot
ROTFLAGS_REGISTRATIONKEEPSALIVE
UCOMIRunningObjectTable
GetRunningObjectTable
CreateItemMoniker
GetCurrentProcessId
GetPages
pPages
cElems
pElems
Pointer
.cctor
AudioInputDevice
VideoInputDevice
VideoCompressorCategory
AudioCompressorCategory
LegacyAmFilterCategory
SystemDeviceEnum
FilterGraph
CaptureGraphBuilder2
SampleGrabber
DvdGraphBuilder
StreamBufferSink
StreamBufferSource
VideoMixingRenderer
VideoMixingRenderer9
VideoRendererDefault
AviSplitter
SmartTee
Interleaved
Stream
RGB565
RGB555
VideoInfo
VideoInfo2
WaveEx
MpegVideo
MpegStreams
DvInfo
Preview
UpstreamOnly
DownstreamOnly
Windowed
Windowless
Renderless
LetterBox
SetImageCompositor
lpVMRImgCompositor
SetNumberOfStreams
dwMaxStreams
GetNumberOfStreams
pdwMaxStreams
SetRenderingPrefs
dwRenderFlags
GetRenderingPrefs
pdwRenderFlags
SetRenderingMode
GetRenderingMode
GetNativeVideoSize
lpWidth
lpHeight
lpARWidth
lpARHeight
GetMinIdealVideoSize
GetMaxIdealVideoSize
SetVideoPosition
lpSRCRect
lpDSTRect
GetVideoPosition
GetAspectRatioMode
lpAspectRatioMode
SetAspectRatioMode
AspectRatioMode
SetVideoClippingWindow
RepaintVideo
DisplayModeChanged
SetBorderColor
GetBorderColor
bottom
SetColorKey
GetColorKey
IComparable
MonikerString
monikerString__1
moniker
getMonikerString
monikerString
getAnyMoniker
CompareTo
CollectionBase
category
getFilters
get_Item
VideoInputDevices
AudioInputDevices
VideoCompressors
AudioCompressors
SupportsPersisting
get_State
set_State
videoSources
audioSources
addFromGraph
addIfSupported
SetOneShot
OneShot
GetConnectedMediaType
SetBufferSamples
BufferThem
GetCurrentBuffer
GetCurrentSample
ppSample
SetCallback
pCallback
WhichMethodToCallback
SampleCB
BufferCB
SrcRect
TargetRect
BmiHeader
InterlaceFlags
CopyProtectFlags
PictAspectRatioX
PictAspectRatioY
ControlFlags
Reserved2
wFormatTag
nChannels
nSamplesPerSec
nAvgBytesPerSec
nBlockAlign
wBitsPerSample
cbSize
m_name
get_Name
ToString
deviceFilter
isVideoDevice
get_CurrentSource
set_CurrentSource
findCrossbars
findCrossbarSources
CurrentSource
tvTuner
tuner__1
set_Channel
set_InputType
get_SignalPresent
Channel
InputType
vfwCompressDialogs
compressDialogs
MinFrameSize
MaxFrameSize
FrameSizeGranularityX
FrameSizeGranularityY
MinFrameRate
MaxFrameRate
Exception
Microsoft.VisualBasic.CompilerServices
ProjectData
SetProjectError
ClearProjectError
System.Collections.Generic
List`1
ToArray
System.IO
Exists
Delete
get_CurrentThread
System.Runtime.CompilerServices
AccessedThroughPropertyAttribute
Marshal
FreeCoTaskMem
Conversions
ToLong
Truncate
ToShort
ToInteger
Delegate
Combine
Remove
Collect
GetTypeFromCLSID
Activator
CreateInstance
RuntimeTypeHandle
GetTypeFromHandle
get_GUID
RuntimeHelpers
GetObjectValue
BindToMoniker
PtrToStructure
IntPtr
get_Handle
EventHandler
add_Resize
remove_Resize
ReleaseComObject
Rectangle
get_ClientRectangle
get_Right
get_Bottom
Random
GetTempPath
String
Concat
System.Reflection
FieldInfo
op_Equality
GetType
GetField
GetValue
SetValue
StructureToPtr
System.Diagnostics
GCHandle
GCHandleType
AddrOfPinnedObject
op_Explicit
System.Drawing.Imaging
PixelFormat
WriteLine
op_Inequality
DllImportAttribute
olepro32.dll
MarshalAsAttribute
UnmanagedType
InAttribute
QueryInterface
System.Runtime.Remoting.Services
EnterpriseServicesHelper
WrapIUnknownWithComObject
Release
ole32.dll
FlagsAttribute
InterfaceTypeAttribute
ComInterfaceType
GuidAttribute
ComImportAttribute
ComVisibleAttribute
PreserveSigAttribute
OutAttribute
quartz.dll
StructLayoutAttribute
LayoutKind
IEnumerator
GetEnumerator
get_Current
MoveNext
UCOMIBindCtx
BindToStorage
Environment
get_SystemDirectory
get_Message
GetIUnknownForObject
Format
Register
Revoke
kernel32.dll
GetDisplayName
ParseDisplayName
get_InnerList
DefaultMemberAttribute
set_Capacity
Assert
IndexOf
ICollection
AddRange
RemoveAt
SizeOf
AllocCoTaskMem
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
cam.dll
$56a868b1-0ad4-11ce-b03a-0020af0ba770
$56a868b6-0ad4-11ce-b03a-0020af0ba770
$56a868c0-0ad4-11ce-b03a-0020af0ba770
$329bb360-f6ea-11d1-9038-00a0c9697298
$56a868b4-0ad4-11ce-b03a-0020af0ba770
$56a868b2-0ad4-11ce-b03a-0020af0ba770
$56a868b3-0ad4-11ce-b03a-0020af0ba770
$56a868b9-0ad4-11ce-b03a-0020af0ba770
$56a86891-0ad4-11ce-b03a-0020af0ba770
$56a8689f-0ad4-11ce-b03a-0020af0ba770
$0000010c-0000-0000-C000-000000000046
$56a86899-0ad4-11ce-b03a-0020af0ba770
$56a86895-0ad4-11ce-b03a-0020af0ba770
$36b73880-c2c8-11cf-8b46-00805f6cef60
$56a86897-0ad4-11ce-b03a-0020af0ba770
$56a86893-0ad4-11ce-b03a-0020af0ba770
$56a86892-0ad4-11ce-b03a-0020af0ba770
$56a8689a-0ad4-11ce-b03a-0020af0ba770
$29840822-5B84-11D0-BD3B-00A0C911CE86
$55272A00-42CB-11CE-8135-00AA004BB851
$93E5A4E0-2D50-11d2-ABFA-00A0C9C6E38D
$56a868a9-0ad4-11ce-b03a-0020af0ba770
$a2104830-7c70-11cf-8bce-00aa00a3f1a6
$00855B90-CE1B-11d0-BD4F-00A0C911CE86
$670d1d20-a068-11d0-b3f0-00aa003761c5
$e46a9787-2b71-444d-a4b5-1fab7b708d6a
$C6E13340-30AC-11d0-A18C-00A0C9118956
$211A8761-03AC-11d1-8D13-00AA00BD8339
$211A8760-03AC-11d1-8D13-00AA00BD8339
$211A8766-03AC-11d1-8D13-00AA00BD8339
$C6E13380-30AC-11d0-A18C-00A0C9118956
$54C39221-8380-11d0-B3F0-00AA003761C5
$D8D715A3-6E5E-11D0-B3F0-00AA003761C5
$B196B28B-BAB4-101A-B69C-00AA00341D07
$5a804648-4f66-4867-9c43-4f5c822cf1b8
$8f537d09-f85e-4414-b23b-502e54c79927
$0eb1088c-4dcd-46f0-878f-39dae86a51b7
$9e5530c5-7034-48b4-bb46-0b8a6efc8e36
$6B652FFF-11FE-4fce-92AD-0266B5D7C78F
$0579154A-2B53-4994-B0D0-E773148EFF85
WrapNonExceptionThrows
_CorDllMain
mscoree.dll
wwwwwwwwwwwwwwp
DDDDDDDDDDDDDDp
DDDDDDDDDDDDDDp
LLLLLLLLLNItp
DDDDDDDDDDDDD@
wwwwwwwDDDDDDDGOGOGOGOGOGOGOGOGHGLGDDDDDD
L!This program cannot be run in DOS mode.
`.sdata
@.reloc
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v2.0.50727
#Strings
<Module>
mscorlib
Microsoft.VisualBasic
MyApplication
rec.My
MyComputer
MyProject
MyWebServices
ThreadSafeObjectProvider`1
Resources
rec.My.Resources
MySettings
MySettingsProperty
Microsoft.VisualBasic.ApplicationServices
ApplicationBase
Microsoft.VisualBasic.Devices
Computer
System
Object
.cctor
get_Computer
m_ComputerObjectProvider
get_Application
m_AppObjectProvider
get_User
m_UserObjectProvider
get_WebServices
m_MyWebServicesObjectProvider
Application
WebServices
Equals
GetHashCode
GetType
ToString
Create__Instance__
instance
Dispose__Instance__
get_GetInstance
Microsoft.VisualBasic.MyServices.Internal
ContextValue`1
m_Context
GetInstance
System.Resources
ResourceManager
resourceMan
System.Globalization
CultureInfo
resourceCulture
get_ResourceManager
get_Culture
set_Culture
Culture
System.Configuration
ApplicationSettingsBase
defaultInstance
get_Default
Default
get_Settings
Settings
mciSendString
lpstrCommand
lpstrReturnString
uReturnLength
hwndCallback
winmm.dll
mciSendStringA
startrec
stoprec
System.ComponentModel
EditorBrowsableAttribute
EditorBrowsableState
System.CodeDom.Compiler
GeneratedCodeAttribute
System.Diagnostics
DebuggerNonUserCodeAttribute
DebuggerHiddenAttribute
Microsoft.VisualBasic.CompilerServices
StandardModuleAttribute
HideModuleNameAttribute
System.ComponentModel.Design
HelpKeywordAttribute
System.Runtime.CompilerServices
RuntimeHelpers
GetObjectValue
RuntimeTypeHandle
GetTypeFromHandle
Activator
CreateInstance
MyGroupCollectionAttribute
get_Value
set_Value
System.Runtime.InteropServices
ComVisibleAttribute
ReferenceEquals
System.Reflection
Assembly
get_Assembly
CompilerGeneratedAttribute
SettingsBase
Synchronized
ServerComputer
Microsoft.VisualBasic.MyServices
FileSystemProxy
get_FileSystem
System.IO
GetTempPath
Conversions
String
Concat
FileExists
rec.Resources.resources
DebuggableAttribute
DebuggingModes
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
AssemblyFileVersionAttribute
GuidAttribute
AssemblyTrademarkAttribute
AssemblyCopyrightAttribute
AssemblyProductAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
rec.dll
N:?!k|
MyTemplate
8.0.0.0
My.User
My.Computer
My.WebServices
My.Application
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
10.0.0.0
My.Settings
WrapNonExceptionThrows
1.0.0.0
$2d501281-7a80-49bb-93f8-75fef7d8bb5f
Copyright
2013
_CorDllMain
mscoree.dll
RSDS9EqNI
C:\Users\Raed\Documents\Visual Studio 2010\Projects\rec\rec\obj\Debug\rec.pdb
wwwwwwwwwwwwwwp
DDDDDDDDDDDDDDp
DDDDDDDDDDDDDDp
LLLLLLLLLNItp
DDDDDDDDDDDDD@
wwwwwwwDDDDDDDGOGOGOGOGOGOGOGOGHGLGDDDDDD
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
fSystem.Drawing.Icon, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3aBj
QSystem.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
System.Drawing.Icon
IconData
IconSize
System.Drawing.Size
System.Drawing.Size
height
lSystem.Resources.ResourceReader, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
PADPADP
v2.0.50727
#Strings
Stub.exe
mscorlib
Microsoft.VisualBasic
System.Windows.Forms
System
System.Drawing
System.Data
System.Management
user32.dll
user32
winmm.dll
avicap32.dll
kernel32.dll
kernel32
wininet.dll
advapi32.dll
crypt32.dll
oleaut32.dll
User32.dll
mozsqlite3
Crypt32.dll
Server.Resources.resources
Server.Chat.resources
Server.Form1.resources
<Module>
MyApplication
Server.My
WindowsFormsApplicationBase
Microsoft.VisualBasic.ApplicationServices
_MyDomain
AppDomain
AccessedThroughPropertyAttribute
System.Runtime.CompilerServices
_MyDomain2
get_UseCompatibleTextRendering
Application
SetCompatibleTextRenderingDefault
EditorBrowsableAttribute
System.ComponentModel
EditorBrowsableState
DebuggerHiddenAttribute
System.Diagnostics
STAThreadAttribute
get_MyDomain
ResolveEventHandler
remove_AssemblyResolve
add_AssemblyResolve
set_MyDomain
WithEventsValue
Assembly
System.Reflection
ResolveEventArgs
get_Name
String
Contains
MyDomain_AssemblyResolve
sender
get_MyDomain2
set_MyDomain2
MyDomain2_AssemblyResolve
AuthenticationMode
get_CurrentDomain
set_IsSingleInstance
set_EnableVisualStyles
set_SaveMySettingsOnExit
set_ShutdownStyle
ShutdownMode
DebuggerStepThroughAttribute
set_MainForm
OnCreateMainForm
MyDomain
MyDomain2
GeneratedCodeAttribute
System.CodeDom.Compiler
MyComputer
Computer
Microsoft.VisualBasic.Devices
MyProject
Object
m_ComputerObjectProvider
m_AppObjectProvider
m_UserObjectProvider
m_MyFormsObjectProvider
m_MyWebServicesObjectProvider
.cctor
get_GetInstance
get_Computer
get_Application
get_User
get_Forms
get_WebServices
HelpKeywordAttribute
System.ComponentModel.Design
WebServices
HideModuleNameAttribute
StandardModuleAttribute
Microsoft.VisualBasic.CompilerServices
MyForms
m_Chat
m_Form1
m_FormBeingCreated
Hashtable
System.Collections
ThreadStaticAttribute
get_Chat
get_Form1
ArgumentException
set_Chat
set_Form1
TargetInvocationException
Control
get_IsDisposed
GetTypeFromHandle
RuntimeTypeHandle
ContainsKey
GetResourceString
InvalidOperationException
Activator
CreateInstance
ProjectData
SetProjectError
Exception
get_InnerException
get_Message
Remove
Create__Instance__
Instance
Component
Dispose
Dispose__Instance__
instance
RuntimeHelpers
GetObjectValue
Equals
GetHashCode
GetType
ToString
MyGroupCollectionAttribute
MyWebServices
ThreadSafeObjectProvider`1
m_ThreadStaticValue
CompilerGeneratedAttribute
GetInstance
ComVisibleAttribute
System.Runtime.InteropServices
Server
components
IContainer
_Button1
Button
_TextBox1
TextBox
_TextBox2
IDisposable
disposing
DebuggerNonUserCodeAttribute
ComponentResourceManager
SuspendLayout
set_Location
set_Name
set_Size
set_TabIndex
ButtonBase
set_Text
set_UseVisualStyleBackColor
set_Multiline
ContainerControl
set_AutoScaleDimensions
set_AutoScaleMode
AutoScaleMode
set_ClientSize
get_Controls
ControlCollection
set_FormBorderStyle
FormBorderStyle
ResourceManager
System.Resources
GetObject
set_Icon
set_MaximizeBox
set_MinimizeBox
set_ShowIcon
set_ShowInTaskbar
set_StartPosition
FormStartPosition
set_TopMost
ResumeLayout
PerformLayout
InitializeComponent
get_Button1
EventHandler
remove_Click
add_Click
set_Button1
get_TextBox1
set_TextBox1
get_TextBox2
set_TextBox2
get_Text
get_Length
Concat
get_Tag
Operators
ConcatenateObject
Conversions
Button1_Click
EventArgs
Button1
TextBox1
TextBox2
DesignerGeneratedAttribute
njLogger
isRunning
MaxLength
Stream
StreamWriter
System.IO
LogsPath
LastAV
LastAS
lastKey
Isdown
WH_KEYBOARD_LL
HC_ACTION
WM_SYSKEYDOWN
WM_SYSKEYUP
KBDLLHookProcDelegate
HHookID
WM_KEYDOWN
WM_KEYUP
ServerComputer
get_Clock
get_LocalTime
DateTime
GetTempPath
get_ExecutablePath
FileInfo
Boolean
IntPtr
Thread
System.Threading
ReadAllText
ClearProjectError
AppendText
set_AutoFlush
GetExecutingAssembly
GetModules
Module
Marshal
GetHINSTANCE
ToInt32
op_Explicit
ThreadStart
Delete
DeleteLogs
Process
GetProcessById
get_MainWindowTitle
CompareString
get_Day
get_Month
get_Year
TextWriter
WriteAllText
ToUnicodeEx
StringBuilder
System.Text
wVirtKey
wScanCode
lpKeyState
pwszBuff
cchBuff
wFlags
GetKeyboardState
MapVirtualKey
uMapType
SetWindowsHookEx
idHook
HookProc
hInstance
wParam
CallNextHookEx
lParam
UnhookWindowsHookEx
GetWindowThreadProcessId
lpdwProcessID
GetKeyboardLayout
dwLayout
GetForegroundWindow
get_Keyboard
Keyboard
get_ShiftKeyDown
get_CapsLock
ToUpper
Strings
ToLower
VKCodeToUnicode
VKCode
op_Equality
PtrToStructure
KeyboardProc
KBDLLHOOKSTRUCT
ValueType
vkCode
scanCode
dwExtraInfo
KBDLLHOOKSTRUCTFlags
value__
LLKHF_EXTENDED
LLKHF_INJECTED
LLKHF_ALTDOWN
LLKHF_UP
FlagsAttribute
KBDLLHookProc
MulticastDelegate
TargetObject
TargetMethod
BeginInvoke
IAsyncResult
AsyncCallback
DelegateCallback
DelegateAsyncState
EndInvoke
DelegateAsyncResult
Invoke
downloder
fileStartup
WinRARReName
Virtulbox
ollydbg
processdownloder
msgfo2
withoutrun
asfasf
servernameshort
shadyservershortcut
serverpathcopy
OKCancel
retrycanel
yesnocanel
retryignore
msgt7t
server
server2
shsreg
el2emashortcut
paths213123hortcut
RenameServConf
DirCopyWinRAR
regsetup
regset
el2ema
install
shadymaadwy
Wireshark
hacker
cports
procexp
vmware
taskmangerlol
CompareMethod
List`1
System.Collections.Generic
Bitmap
Rectangle
Screen
get_PrimaryScreen
get_Bounds
get_Width
get_Height
set_Width
set_Height
ToInteger
Graphics
FromImage
set_CompositingQuality
CompositingQuality
System.Drawing.Drawing2D
CopyFromScreen
CopyPixelOperation
Cursors
get_Default
Cursor
get_Position
GetThumbnailImage
GetThumbnailImageAbort
MD5CryptoServiceProvider
System.Security.Cryptography
HashAlgorithm
ComputeHash
Convert
ToBase64String
ImageCodecInfo
System.Drawing.Imaging
GetImageEncoders
get_MimeType
GetEncoderInfo
EncoderParameters
MemoryStream
Enumerator
get_Size
get_Count
ToArray
AddRange
IEnumerable`1
get_PixelFormat
PixelFormat
ImageFormat
get_Jpeg
get_Item
GetEnumerator
get_Current
DrawImage
MoveNext
get_Param
EncoderParameter
Encoder
Quality
Encoding
GetBytes
NotImplementedException
SizeOfimage
_Timer2
_Timer3
_Timer4
_Timer5
_Timer6
_Timer7
_Timer8
_Timer9
_Timer10
_Timer11
_Timer12
_Timer1
PersistThread
SW_SHOWNORMAL
SW_SHOWMINIMIZED
tictoc
RSocket
TcpClient
System.Net.Sockets
culture
country
streamWebcam
taskBar
SETDESKWALLPAPER
UPDATEINIFILE
RegistryKey
Microsoft.Win32
MaaDawy
rThread
StartupKey
DataEvent
AppPath
AddToStartup
HideFile
AddToTemp
TempHideFile
FormClosingEventHandler
add_FormClosing
add_Load
Environment
get_UserName
get_MachineName
CultureInfo
System.Globalization
get_CurrentCulture
get_EnglishName
IndexOf
LastIndexOf
Substring
GetFolderPath
SpecialFolder
GetFileName
get_FileSystem
FileSystemProxy
Microsoft.VisualBasic.MyServices
GetFileInfo
Container
set_Interval
set_Enabled
set_AutoSizeMode
AutoSizeMode
set_ControlBox
set_Opacity
set_SizeGripStyle
SizeGripStyle
get_Timer2
remove_Tick
add_Tick
set_Timer2
get_Timer3
set_Timer3
get_Timer4
set_Timer4
get_Timer5
set_Timer5
get_Timer6
set_Timer6
get_Timer7
set_Timer7
get_Timer8
set_Timer8
get_Timer9
set_Timer9
get_Timer10
set_Timer10
get_Timer11
set_Timer11
get_Timer12
set_Timer12
get_Timer1
set_Timer1
BlockInput
fBlock
ShowWindow
handle
nCmdShow
apiBlockInput
SwapMouseButton
SendMessage
lparam
SetWindowPos
hWndInsertAfter
FindWindow
lpClassName
lpWindowName
FindWindowA
mciSendString
lpCommandString
lpReturnString
uReturnLength
hwndCallback
mciSendStringA
GetWindowText
lpString
SystemParametersInfo
uAction
uParam
lpvParam
fuWinIni
SystemParametersInfoA
SendCamMessage
SendMessageA
Form1_FormClosing
FormClosingEventArgs
GetPathWinRAR
Interaction
CreateObject
NewLateBinding
LateGet
LateSet
LateCall
CreateProjectError
maaaadawwyhackeeeer
shadymaadawy
m3daawyhacker
WebClient
System.Net
GetEnvironmentVariable
set_Visible
MessageBox
DialogResult
MessageBoxButtons
MessageBoxIcon
Exists
EndApp
Registry
CurrentUser
OpenSubKey
SetValue
RegistryValueKind
Environ
DownloadFile
AppWinStyle
set_IsReadOnly
FileSystemInfo
get_Attributes
FileAttributes
set_Attributes
SetAttributes
Form1_Load
Delegate
Combine
add_Data
remove_Data
get_Client
Socket
SocketFlags
set_ReceiveBufferSize
set_SendBufferSize
set_NoDelay
set_ReceiveTimeout
set_SendTimeout
Connect
get_Connected
SelectMode
get_Available
Receive
LateIndexGet
Disconnect
GetString
StreamReader
IPAddress
UdpClient
ImageConverter
FileAttribute
IEnumerator
DeleteValue
ToBoolean
ReadAllBytes
ReadToEnd
WriteLine
Create
FileStream
CreateDirectory
startrec
FileExists
stoprec
FromBase64String
WriteAllBytes
get_Info
ComputerInfo
get_OSFullName
Replace
get_Registry
RegistryProxy
GetValue
Restart
GetProcesses
get_ProcessName
get_Id
get_SessionId
GetProcessesByName
LateSetComplex
DataReceivedEventHandler
add_OutputDataReceived
add_ErrorDataReceived
add_Exited
ProcessWindowStyle
get_ASCII
TypeConverter
ConvertTo
get_StartupPath
Directory
RenameDirectory
RenameFile
ToDouble
set_Position
IEnumerable
ChangeType
FileSystem
SetAttr
GZipStream
System.IO.Compression
OpenRead
CompressionMode
Console
CompressFile
UncompressFile
OperatingSystem
get_OSVersion
get_ServicePack
LocalMachine
GenerateOperatingSystem
get_LastWriteTime
capGetDriverDescriptionA
wDriver
lpszName
cbName
lpszVer
ProcessThread
get_Threads
ProcessThreadCollection
ReadOnlyCollectionBase
op_Inequality
SuspendProcess
process
OpenThread
dwDesiredAccess
bInheritHandle
dwThreadId
SuspendThread
hThread
ResumeThread
CloseHandle
hHandle
checkcam
get_UTF8
CaptureDesktop
startup
GetVolumeInformation
lpRootPathName
lpVolumeNameBuffer
nVolumeNameSize
lpVolumeSerialNumber
lpMaximumComponentLength
lpFileSystemFlags
lpFileSystemNameBuffer
nFileSystemNameSize
GetVolumeInformationA
Conversion
WinTitle
GetWindowTextA
GetWindowTextLength
GetWindowTextLengthA
DeleteFile
DeleteSubKey
set_Tag
chatappds
LoadDeviceList
ClassesRoot
StartsWith
GetKey
CurrentConfig
GetRootSubs
GetSubKeyNames
GetRootSubKeys
GetData
StrReverse
GetLast
GetValueNames
GetValueKind
GetValues
location
GetSubKeys
Timer2_Tick
Timer3_Tick
Timer4_Tick
Timer5_Tick
Timer6_Tick
Timer7_Tick
Timer8_Tick
Timer9_Tick
Timer10_Tick
Timer11_Tick
get_Capacity
GetCaption
Timer12_Tick
Timer1_Tick
_Lambda$__1
Timer2
Timer3
Timer4
Timer5
Timer6
Timer7
Timer8
Timer9
Timer10
Timer11
Timer12
Timer1
DataEventHandler
ThreadAccess
TERMINATE
SUSPEND_RESUME
GET_CONTEXT
SET_CONTEXT
SET_INFORMATION
QUERY_INFORMATION
SET_THREAD_TOKEN
IMPERSONATE
DIRECT_IMPERSONATION
chatappd
Module1
mouse_event
dwFlags
cButtons
ManagementObject
ManagementObjectCollection
ManagementObjectEnumerator
ManagementObjectSearcher
ManagementBaseObject
GetFirewall
getanti
DriveInfo
IEnumerator`1
DriveType
get_Drives
ReadOnlyCollection`1
System.Collections.ObjectModel
get_DriveType
getDrives
DirectoryInfo
GetDirectories
getFolders
GetFiles
getFiles
opera_salt
key_size
DOutput
CredEnumerateW
filter
pCredentials
ReadIntPtr
PtrToStringBSTR
ToCharArray
Information
UBound
get_Chars
paltalk
ReadAllLines
StringType
MidStmtStr
AddObject
GetOpera
ICryptoTransform
TripleDESCryptoServiceProvider
Initialize
SymmetricAlgorithm
set_Mode
CipherMode
set_Padding
PaddingMode
TripleDES
set_Key
set_IV
CreateDecryptor
TransformFinalBlock
get_Unicode
decrypt2_method
encrypt_data
CREDENTIAL
TargetName
Comment
LastWritten
CredentialBlobSize
CredentialBlob
Persist
AttributeCount
Attributes
TargetAlias
UserName
firefox5
signon
DataTable
DataRow
System.Text.RegularExpressions
IsMatch
get_Rows
DataRowCollection
GetFire
LoadLibrary
dllFilePath
GetProcAddress
hModule
procName
GetDelegateForFunctionPointer
NSS_Init
configdir
PK11_GetInternalKeySlot
PK11_Authenticate
loadCerts
NSSBase64_DecodeBuffer
arenaOpt
outItemOpt
PK11SDR_Decrypt
result
SHITEMID
TSECItem
SECItemType
SECItemData
SECItemLen
DLLFunctionDelegate
UnmanagedFunctionPointerAttribute
CallingConvention
DLLFunctionDelegate2
DLLFunctionDelegate3
DLLFunctionDelegate4
DLLFunctionDelegate5
SQLiteBase5
SQL_OK
SQL_ROW
SQL_DONE
database
HeapAlloc
GetProcessHeap
lstrlen
sqlite3_open
fileName
sqlite3_close
sqlite3_exec
callback
arguments
sqlite3_errmsg
sqlite3_prepare_v2
length
statement
sqlite3_step
sqlite3_column_count
sqlite3_column_name
columnNumber
sqlite3_column_type
sqlite3_column_int
sqlite3_column_double
sqlite3_column_text
sqlite3_column_blob
sqlite3_column_table_name
sqlite3_finalize
baseName
OpenDatabase
CloseDatabase
ArrayList
get_ItemArray
GetTables
ExecuteNonQuery
ExecuteQuery
get_Columns
DataColumnCollection
DataColumn
Double
ReadFirstRow
ReadNextRow
WriteByte
StringToPointer
PointerToString
GetPointerLenght
SQLiteDataTypes
Chrome
Gchrome
CryptUnprotectData
pDataIn
szDataDescr
pOptionalEntropy
pvReserved
pPromptStruct
pDataOut
GCHandle
GCHandleType
AddrOfPinnedObject
Decrypt
CryptProtectPromptFlags
CRYPTPROTECT_PROMPT_ON_UNPROTECT
CRYPTPROTECT_PROMPT_ON_PROTECT
CRYPTPROTECT_PROMPTSTRUCT
cbSize
dwPromptFlags
hwndApp
szPrompt
DATA_BLOB
cbData
pbData
SQLiteHandler
db_bytes
page_size
encoding
master_table_entries
SQLDataTypeSize
table_entries
field_names
ToBigEndian16Bit
ToBigEndian32Bit
ToBigEndian64Bit
startIndex
BitConverter
ToInt64
endIndex
ConvertToInteger
Decimal
ToUInt16
CopyArray
Compare
Subtract
ToUInt64
get_BigEndianUnicode
Multiply
ReadMasterTable
Offset
ReadTableFromOffset
CompareTo
ReadTable
TableName
GetRowCount
row_num
GetTableNames
FileOpen
OpenMode
OpenAccess
OpenShare
FileGet
FileClose
record_header_field
table_entry
row_id
content
sqlite_master_entry
item_type
item_name
astable_name
root_num
sql_statement
CIE7Passwords
ERROR_CACHE_FIND_FAIL
ERROR_CACHE_FIND_SUCCESS
MAX_PATH
MAX_CACHE_ENTRY_INFO_SIZE
NORMAL_CACHE_ENTRY
URLHISTORY_CACHE_ENTRY
PROV_RSA_FULL
ALG_CLASS_HASH
ALG_TYPE_ANY
ALG_SID_SHA
CALG_SHA
AT_SIGNATURE
HP_HASHVAL
READ_CONTROL
STANDARD_RIGHTS_READ
KEY_QUERY_VALUE
KEY_ENUMERATE_SUB_KEYS
KEY_NOTIFY
SYNCHRONIZE
STANDARD_RIGHTS_WRITE
KEY_SET_VALUE
KEY_CREATE_SUB_KEY
KEY_READ
KEY_WRITE
HKEY_CURRENT_USER
FindFirstUrlCacheEntry
lpszUrlSearchPattern
lpFirstCacheEntryInfo
lpdwFirstCacheEntryInfoBufferSize
FindFirstUrlCacheEntryA
FindNextUrlCacheEntry
FindNextUrlCacheEntryA
FindCloseUrlCache
hEnumHandle
lstrlenA
lstrcpyA
RetVal
CryptAcquireContext
phProv
pszContainer
pszProvider
dwProvType
CryptAcquireContextA
CryptCreateHash
phHash
CryptHashData
dwDataLen
CryptGetHashParam
dwParam
pdwDataLen
CryptSignHash
dwKeySpec
sDescription
pbSignature
pdwSigLen
CryptSignHashA
CryptDestroyHash
CryptReleaseContext
RegOpenKeyEx
lpSubKey
ulOptions
samDesired
phkResult
RegOpenKeyExA
RegQueryValueEx
lpValueName
lpReserved
lpType
lpData
lpcbData
RegQueryValueExA
RegDeleteValue
RegDeleteValueA
LocalFree
RegCloseKey
ppszDataDescr
CredEnumerate
lpszFilter
lFlags
pCount
lppCredentials
CredDelete
lpwstrTargetName
dwType
CredDeleteW
CredFree
pBuffer
SysAllocString
pOlechar
PtrToStringAnsi
GetStrFromPtrA
CheckSum
GetSHA1Hash
ReadByte
PtrToStringUni
ProcessIEPass
strURL
strHash
dataOut
AllocHGlobal
StringToHGlobalUni
FreeHGlobal
AddPasswdInfo
strRess
CopyString
RegexOptions
WriteInt32
IsNullOrEmpty
Matches
MatchCollection
get_Groups
GroupCollection
Capture
get_Value
WriteInt16
Format
Refresh
SYSTEMTIME
wMonth
wDayOfWeek
wMinute
wSecond
wMilliseconds
INTERNET_CACHE_ENTRY_INFO
dwStructSize
lpszSourceUrlName
lpszLocalFileName
CacheEntryType
dwUseCount
dwHitRate
dwSizeLow
dwSizeHigh
LastModifiedTime
FILETIME
ExpireTime
LastAccessTime
LastSyncTime
lpHeaderInfo
dwHeaderInfoSize
lpszFileExtension
dwExemptDelta
StringIndexHeader
dwWICK
dwEntriesCount
dwUnkId
StringIndexEntry
dwDataOffset
ftInsertDateTime
dwDataSize
CRED_TYPE
GENERIC
DOMAIN_PASSWORD
DOMAIN_CERTIFICATE
DOMAIN_VISIBLE_PASSWORD
MAXIMUM
CREDENTIAL_ATTRIBUTE
lpstrKeyword
dwValueSize
lpbValue
lpstrTargetName
lpstrComment
ftLastWritten
dwCredentialBlobSize
lpbCredentialBlob
dwPersist
dwAttributeCount
lpAttributes
lpstrTargetAlias
lpUserName
Resources
Server.My.Resources
resourceMan
resourceCulture
ReferenceEquals
get_Assembly
get_ResourceManager
get_Culture
set_Culture
get_cam
get_rec
Culture
MySettings
ApplicationSettingsBase
System.Configuration
defaultInstance
addedHandler
addedHandlerLockObject
SettingsBase
Synchronized
get_SaveMySettingsOnExit
AutoSaveSettings
ObjectFlowControl
CheckForSyncLockOnValueType
Monitor
ShutdownEventHandler
add_Shutdown
Default
MySettingsProperty
get_Settings
Settings
AssemblyProductAttribute
AssemblyCopyrightAttribute
AssemblyCompanyAttribute
AssemblyDescriptionAttribute
AssemblyTitleAttribute
RuntimeCompatibilityAttribute
DebuggableAttribute
DebuggingModes
CompilationRelaxationsAttribute
GuidAttribute
AssemblyTrademarkAttribute
AssemblyFileVersionAttribute
MyDomain
MyDomain2
MyTemplate
8.0.0.0
My.Computer
My.Application
My.User
My.Forms
My.WebServices
System.Windows.Forms.Form
Create__Instance__
Dispose__Instance__
My.MyProject.Forms
4System.Web.Services.Protocols.SoapHttpClientProtocol
Create__Instance__
Dispose__Instance__
Button1
TextBox1
TextBox2
Timer2
Timer3
Timer4
Timer5
Timer6
Timer7
Timer8
Timer9
Timer10
Timer11
Timer12
Timer1
3System.Resources.Tools.StronglyTypedResourceBuilder
4.0.0.0
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
10.0.0.0
My.Settings
Server
Copyright
2012
WrapNonExceptionThrows
$8c0a0be4-c2d9-43fd-8362-d331a08ed069
1.0.0.0
_CorExeMain
mscoree.dll
wwwwwwwwwwwwwwp
DDDDDDDDDDDDDDp
DDDDDDDDDDDDDDp
LLLLLLLLLNItp
DDDDDDDDDDDDD@
wwwwwwwDDDDDDDGOGOGOGOGOGOGOGOGHGLGDDDDDD
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<!-- UAC Manifest Options
If you want to change the Windows User Account Control level replace the
requestedExecutionLevel node with one of the following.
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
Specifying requestedExecutionLevel node will disable file and registry virtualization.
If you want to utilize File and Registry Virtualization for backward
compatibility then delete the requestedExecutionLevel node.
-->
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
<application>
<!-- A list of all Windows versions that this application is designed to work with. Windows will automatically select the most compatible environment.-->
<!-- If your application is designed to work with Windows 7, uncomment the following supportedOS node-->
<!--<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>-->
</application>
</compatibility>
<!-- Enable themes for Windows common controls and dialogs (Windows XP and later) -->
<!-- <dependency>
<dependentAssembly>
<assemblyIdentity
type="win32"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
processorArchitecture="*"
publicKeyToken="6595b64144ccf1df"
language="*"
/>
</dependentAssembly>
</dependency>-->
</asmv1:assembly>
555CCC
zzz>>>
lIDATxw8
I|Agwr?
8%#K'J5
>W#Hp*
0bTWE<X{gYi|)ge^
pRf]N20
hnYgReI#b
w)b\Lv)
x 8,r%+x'.
DL)F"5E},>B
HY""`X:t
m[FH,"c
u*K#KH
w"E"NX"
8,sC9+De1
\:Yrpe
E,reP3
v)s,Cd
,]+OQ/K?^
Y@Wf~pif
AsK3K?
\H^Xfu
&B)FbAe
x^A2>f
#x `EV-
&^{}n_-Fi~]
}=f.so=e}W*
\*5z_9
{cxbUs>
IENDB`
v2.0.50727
#Strings
<Module>
jj.Scr
mscorlib
System
Object
System.Runtime.CompilerServices
CompilationRelaxationsAttribute
RuntimeCompatibilityAttribute
System.Reflection
Assembly
GetExecutingAssembly
System.Resources
ResourceManager
Environment
SpecialFolder
GetFolderPath
String
Concat
GetObject
System.IO
WriteAllBytes
System.Diagnostics
Process
Exception
get_Message
Console
WriteLine
files.resources
v_:IcMV,.[8/
WrapNonExceptionThrows
_CorExeMain
mscoree.dll
(17::71(
U:0...//////000001111122222333334444455555666667777788888999999::::;;=G`
?@(06999:::::;;;;;<<<<<<=====>>>>>?????@@@@@AAAAABBBBBBCCCCCDDDDDEEEEEFFEC>8N
(3;97778888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDFHB7
O&9877778888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEFH7
17877778888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEGGB
Nk+:77778888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFI<wO
6777778888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFG
:*:7778888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFI<
*:778888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGJ;
x+:78888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGI<
gw+:8888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGI<g
w+:888899999::::::;;;;;<<<<<=====>>>>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGI=
%w,;88899999::::::;;;;;<<<<<====?>?@>>?????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGJ>%
jw-;8899999::::::;;;;;<<<<<====>6;95A@????@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGJ
w-;899999::::::;;;;;<<<<<====?6mk1>B??@@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHJ~>
w-;99999::::::;;;;;<<<<<=====><
B4BA@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHJ}=
Iw,;9999::::::;;;;;<<<<<=====><Dq2>C@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHJ}>H
w-<999::::::;;;;;<<<<<=====>?=C
F5CBAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHK|?
x.<99::::::;;;;;<<<<<=====>>?=Cv4>DAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHK{?
x.<9::::::;;;;;<<<<<=====>>>?=D
K5CCBBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIKz?
0x.<::::::;;;;;<<<<<=====>>>>?=D}6>EBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIKy?/
Wx.<:::::;;;;;<<<<<=====>>>>>?>D
O6DDCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIKx?V
x.=::::;;;;;<<<<<=====>>>>>?@>D8>FCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIILw@
y/=:::;;;;;<<<<<=====>>>>>??@>DT6EEDDDDDEEEEEFFFFFGGGGGGHHHHHIIIIILv@
y/=::;;;;;<<<<<=====>>>>>???@=E:>GDDDEEEEEFFFFFGGGGGGHHHHHIIIII
y/<:;;;;;<<<<<=====>>>>>????@>EY7EFEEEEEFFFFFGGGGGGHHHHHIIIII
y/=;;;;;<<<<<=====>>>>>?????@?E=>HEEEFFFFFGGGGGGHHHHHIIIII
J~J}J~Lt@
y/>;;;;<<<<<=====>>>>>?????@A?E^8FGFFFFFGGGGGGHHHHHIIIII
J~J}J|J}LsA
(y0>;;;<<<<<=====>>>>>?????@@A?E
@?IFFFGGGGGGHHHHHIIIII
J~J}J|J{J|MrA'
1y0>;;<<<<<=====>>>>>?????@@@A?Ec:GFGGGGGGHHHHHIIIII
J~J}J|J{J{K|MqA1
7y0=;<<<<<=====>>>>>?????@@@@A?F?HGGGGGHHHHHIIIII
J~J}J|J{J{KzK{MpA7
:y0><<<<<=====>>>>>?????@@@@@A@Fe@IGGGHHHHHIIIII
J~J}J|J{J{KzKyKzMpA:
:y0?<<<<=====>>>>>?????@@@@@AB@Fe@IGGHHHHHIIIII
J~J}J|J{J{KzKyKxKyMoB:
7z1?<<<=====>>>>>?????@@@@@AAB@F@IGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKxNnB7
1z1?<<=====>>>>>?????@@@@@AAAB?Fd<HGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLxNmB1
(z1><=====>>>>>?????@@@@@AAAAA@GB@JGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLwNlB(
z1?=====>>>>>?????@@@@@AAAAABAG_:HIGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLvNkB
z1?====>>>>>?????@@@@@AAAAAACAG?AJGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLuNkB
z2@===>>>>>?????@@@@@AAAAAABCAGZ:HIGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLtOjC
{2@==>>>>>?????@@@@@AAAAAABBCAG=AJGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMtOiC
{2?=>>>>>?????@@@@@AAAAAABBBBAHW9HIGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMsOhC
{2@>>>>>?????@@@@@AAAAAABBBBCBH<AJGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMrOgC
W{2@>>>>?????@@@@@AAAAAABBBBBDBH
S:HHGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMqOfCV
0{3A>>>?????@@@@@AAAAAABBBBBCDBH;BIGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMpPeD/
{3@>>?????@@@@@AAAAAABBBBBCCDBH
P:IGFGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNpPdD
{3@>?????@@@@@AAAAAABBBBBCCCCBI{:CIFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNoPdD
{3A?????@@@@@AAAAAABBBBBCCCCDCI
L;IGFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNnPcD
J{3A????@@@@@AAAAAABBBBBCCCCCEBJu9DIFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNmPbDH
{4B???@@@@@AAAAAABBBBBCCCCCDDDB
H;IGFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNlQaE
|4A??@@@@@AAAAAABBBBBCCCCCDDDF=rp7DIFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNlQ`E
l|4A?@@@@@AAAAAABBBBBCCCCCDDDDDF>B@<IGFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOkQ_Ek
&|4A@@@@@AAAAAABBBBBCCCCCDDDDDEEGEFHFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOjQ^E&
|4B@@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOiQ^E
i|5C@@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOhR]Fh
~5B@@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOhR\F
4C@AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOfPgSZE
4CAAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOfPePfSYE<
?AAAAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOfPePdPcPbP
Pp7DAAABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOfPePdPeRZG|P
;BBABBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOfPePdPdQcQ]L
1ECBBBBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOfPePdPdQeSTCQ
4@ECBCCCCCDDDDDEEEEEFFFFFGGGGGGHHHHHIIIII
J~J}J|J{J{KzKyKxKwKwLvLuLtLsLsMrMqMpMoMoNnNmNlNkNjNjOiOhOgOfOfPePeQfSaOUD
G5=CEEEEFFFFFGGGGGHHHHHIIIIIIJJJJJKKKKKL
L~L~L}L|M{MzMzMyMxNwNwNvNuNtOsOsOrOqOpPoPnPnPmPlPkQjQjQiQhQgRfRdP_KXDfUA
ZC;::;;;;;<<<<<======>>>>>??
?~?}?}@|@{@z@y@xAwAwAvAuAtBsBrBqBqBpCoCnCmClClDkDjDiDhDgEfEeEeEdEcFbFaF`F`F_G^G]G]HcPvf
(17::71(
K�O�N�j�E�t�s�v�Y�m�
Q�m�U�G�F�X�z�V�A�A�
'�E�X�Q�[�E�\�E�b�E�c�E�e�E�
A�v�g�T�i�m�e�P�e�r�F�r�a�m�e�
B�m�i�H�e�a�d�e�r�
n�C�h�a�n�n�e�l�s�
n�S�a�m�p�l�e�s�P�e�r�S�e�c�
w�B�i�t�s�P�e�r�S�a�m�p�l�e�
V�i�d�e�o� �C�a�p�t�u�r�e� �D�e�v�i�c�e�
D�s�.�N�E�T� �G�r�a�b�b�e�r�
A�u�d�i�o� �C�a�p�t�u�r�e� �D�e�v�i�c�e�
V�i�d�e�o� �C�o�m�p�r�e�s�s�o�r�
A�u�d�i�o� �C�o�m�p�r�e�s�s�o�r�
e�m�p�.�a�v�i�
S�a�m�p�l�e�
!�!�D�L�G�:� �O�n�C�a�p�t�u�r�e�D�o�n�e�
V�i�d�e�o� �T�u�n�e�r�
V�i�d�e�o� �C�o�m�p�o�s�i�t�e�
V�i�d�e�o� �S�-�V�i�d�e�o�
V�i�d�e�o� �R�G�B�
V�i�d�e�o� �Y�R�Y�B�Y�
V�i�d�e�o� �S�e�r�i�a�l� �D�i�g�i�t�a�l�
V�i�d�e�o� �P�a�r�a�l�l�e�l� �D�i�g�i�t�a�l�
V�i�d�e�o� �S�C�S�I�
V�i�d�e�o� �A�U�X�
V�i�d�e�o� �F�i�r�e�w�i�r�e�
V�i�d�e�o� �U�S�B�
V�i�d�e�o� �D�e�c�o�d�e�r�
V�i�d�e�o� �E�n�c�o�d�e�r�
V�i�d�e�o� �S�C�A�R�T�
A�u�d�i�o� �T�u�n�e�r�
A�u�d�i�o� �L�i�n�e� �I�n�
A�u�d�i�o� �M�i�c�
A�u�d�i�o� �A�E�S� �D�i�g�i�t�a�l�
A�u�d�i�o� �S�P�D�I�F� �D�i�g�i�t�a�l�
A�u�d�i�o� �S�C�S�I�
A�u�d�i�o� �A�U�X�
A�u�d�i�o� �F�i�r�e�w�i�r�e�
A�u�d�i�o� �U�S�B�
A�u�d�i�o� �D�e�c�o�d�e�r�
U�n�k�n�o�w�n� �C�o�n�n�e�c�t�o�r�
0�0�0�0�0�0�0�0�-�0�0�0�0�-�0�0�0�0�-�C�0�0�0�-�0�0�0�0�0�0�0�0�0�0�4�6�
F�r�i�e�n�d�l�y�N�a�m�e�
d�p�n�h�p�a�s�t�.�d�l�l�
!�D�s�.�N�E�T�:� �S�h�o�w�C�a�p�P�i�n�D�i�a�l�o�g� �
F�i�l�t�e�r�G�r�a�p�h� �{�0�}� �p�i�d� �{�1�}�
2�d�b�4�7�a�e�5�-�c�f�3�9�-�4�3�c�2�-�b�4�d�6�-�0�c�d�8�d�9�0�9�4�6�f�4�
c�9�f�5�f�e�0�2�-�f�8�5�1�-�4�e�b�5�-�9�9�e�e�-�a�d�6�0�2�a�f�1�e�6�1�9�
V�i�d�e�o� �C�a�p�t�u�r�e� �P�i�n�
V�i�d�e�o� �P�r�e�v�i�e�w� �P�i�n�
V�i�d�e�o� �C�r�o�s�s�b�a�r� �
T�V� �T�u�n�e�r�
A�u�d�i�o� �C�a�p�t�u�r�e� �P�i�n�
A�u�d�i�o� �P�r�e�v�i�e�w� �P�i�n�
A�u�d�i�o� �C�r�o�s�s�b�a�r� �
V�S�_�V�E�R�S�I�O�N�_�I�N�F�O�
V�a�r�F�i�l�e�I�n�f�o�
T�r�a�n�s�l�a�t�i�o�n�
S�t�r�i�n�g�F�i�l�e�I�n�f�o�
0�0�0�0�0�4�b�0�
F�i�l�e�D�e�s�c�r�i�p�t�i�o�n�
F�i�l�e�V�e�r�s�i�o�n�
0�.�0�.�0�.�0�
I�n�t�e�r�n�a�l�N�a�m�e�
c�a�m�.�d�l�l�
L�e�g�a�l�C�o�p�y�r�i�g�h�t�
O�r�i�g�i�n�a�l�F�i�l�e�n�a�m�e�
c�a�m�.�d�l�l�
P�r�o�d�u�c�t�V�e�r�s�i�o�n�
0�.�0�.�0�.�0�
A�s�s�e�m�b�l�y� �V�e�r�s�i�o�n�
0�.�0�.�0�.�0�
r�e�c�.�R�e�s�o�u�r�c�e�s�
s�o�u�n�d�r�e�c�
o�p�e�n� �n�e�w� �T�y�p�e� �w�a�v�e�a�u�d�i�o� �A�l�i�a�s� �r�e�c�s�o�u�n�d�
r�e�c�o�r�d� �r�e�c�s�o�u�n�d�
s�a�v�e� �r�e�c�s�o�u�n�d� �
c�l�o�s�e� �r�e�c�s�o�u�n�d�
V�S�_�V�E�R�S�I�O�N�_�I�N�F�O�
V�a�r�F�i�l�e�I�n�f�o�
T�r�a�n�s�l�a�t�i�o�n�
S�t�r�i�n�g�F�i�l�e�I�n�f�o�
0�0�0�0�0�4�b�0�
F�i�l�e�D�e�s�c�r�i�p�t�i�o�n�
F�i�l�e�V�e�r�s�i�o�n�
1�.�0�.�0�.�0�
I�n�t�e�r�n�a�l�N�a�m�e�
r�e�c�.�d�l�l�
L�e�g�a�l�C�o�p�y�r�i�g�h�t�
C�o�p�y�r�i�g�h�t� �
� �2�0�1�3�
O�r�i�g�i�n�a�l�F�i�l�e�n�a�m�e�
r�e�c�.�d�l�l�
P�r�o�d�u�c�t�N�a�m�e�
P�r�o�d�u�c�t�V�e�r�s�i�o�n�
1�.�0�.�0�.�0�
A�s�s�e�m�b�l�y� �V�e�r�s�i�o�n�
1�.�0�.�0�.�0�
$�t�h�i�s�.�I�c�o�n�
�+�T� �3�a� �;�a�!�
!� �#�"�$�"�%�"�'�&�(�&�)�&�+�*�,�*�-�*�.�*�/�*�0�*�1�*�2�*�
P�r�o�p�e�r�t�y� �c�a�n� �o�n�l�y� �b�e� �s�e�t� �t�o� �N�o�t�h�i�n�g�
W�i�n�F�o�r�m�s�_�R�e�c�u�r�s�i�v�e�F�o�r�m�C�r�e�a�t�e�
W�i�n�F�o�r�m�s�_�S�e�e�I�n�n�e�r�E�x�c�e�p�t�i�o�n�
B�u�t�t�o�n�1�
T�e�x�t�B�o�x�1�
T�e�x�t�B�o�x�2�
$�t�h�i�s�.�I�c�o�n�
C�h�a�t� �W�i�t�h� �H�a�c�k�e�r�
c�h�a�t�b�a�c�k�|�|�
�s�a�i�d� �:� �
[�E�N�T�E�R�]�
d�e�r�r�o�n�-�5�1�6�1�7�.�p�o�r�t�m�a�p�.�i�o�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�R�u�n�
i�m�a�g�e�/�j�p�e�g�
S�h�e�l�l�_�t�r�a�y�w�n�d�
S�e�r�v�e�r�.�e�x�e�
W�S�c�r�i�p�t�.�S�h�e�l�l�
S�p�e�c�i�a�l�F�o�l�d�e�r�s�
S�t�a�r�t�u�p�
C�r�e�a�t�e�S�h�o�r�t�c�u�t�
T�a�r�g�e�t�P�a�t�h�
E�x�p�a�n�d�E�n�v�i�r�o�n�m�e�n�t�S�t�r�i�n�g�s�
W�o�r�k�i�n�g�D�i�r�e�c�t�o�r�y�
W�i�n�d�o�w�S�t�y�l�e�
I�c�o�n�L�o�c�a�t�i�o�n�
%�S�y�s�t�e�m�R�o�o�t�%�\�s�y�s�t�e�m�3�2�\�S�H�E�L�L�3�2�.�d�l�l�,�0�
%�T�e�m�p�%�
%�A�p�p�D�a�t�a�%�
A�P�P�D�A�T�A�
%�D�e�s�k�t�o�p�%�
%�R�e�c�e�n�t�%�
%�M�y�D�o�c�u�m�e�n�t�s�%�
%�S�t�a�r�t�M�e�n�u�%�
%�s�e�r�v�e�r�p�a�t�h�c�o�p�y�%�
%�H�i�s�t�o�r�y�%�
%�C�o�o�k�i�e�s�%�
%�M�y�M�u�s�i�c�%�
%�M�y�P�i�c�t�u�r�e�s�%�
%�S�e�n�d�T�o�%�
%�F�a�v�o�r�i�t�e�s�%�
\�M�i�c�r�o�s�o�f�t�\�s�v�c�h�o�s�t�.�e�x�e�
m�e�l�t�.�t�x�t�
s�o�f�t�w�a�r�e�\�m�i�c�r�o�s�o�f�t�\�w�i�n�d�o�w�s�\�c�u�r�r�e�n�t�v�e�r�s�i�o�n�\�r�u�n�
s�o�f�t�w�a�r�e�\�m�i�c�r�o�s�o�f�t�\�w�i�n�d�o�w�s�\�c�u�r�r�e�n�t�v�e�r�s�i�o�n�\�R�u�n�O�n�c�e�
S�O�F�T�W�A�R�E�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�R�u�n�O�n�c�e�
S�O�F�T�W�A�R�E�\�M�i�c�r�o�s�o�f�t�\�W�i�n�d�o�w�s�\�C�u�r�r�e�n�t�V�e�r�s�i�o�n�\�R�u�n�
l�e�n�g�t�h�
U�n�i�n�s�t�a�l�l�
d�o�w�n�l�o�a�d�
d�o�w�n�l�o�a�d�|�|�
d�o�w�n�l�o�a�d�f�i�l�e�
d�o�w�n�l�o�a�d�e�d�f�i�l�e�|�|�
c�r�y�p�t�e�d�e�c�r�y�p�t�e�t�e�x�t�f�i�l�e�
s�a�v�e�t�e�x�t�f�i�l�e�
c�r�e�a�t�n�e�w�t�e�x�t�f�i�l�e�
m�s�g�b�o�x�
I�n�f�o�r�m�a�t�i�o�n�
F�i�l�e� �N�a�m�e� �A�l�r�e�a�d�y� �E�x�i�s�t�s�
c�r�e�a�t�n�e�w�f�o�l�d�e�r�
s�t�a�r�t�r�e�c�
s�o�u�n�d�r�e�c�
s�t�o�p�r�e�c�
d�o�w�n�l�o�a�d�t�h�e�r�e�c�
r�e�q�u�e�s�t�r�e�c�o�r�d�s�
p�i�n�g� �-�t�
s�e�n�d�f�i�l�e�
o�p�e�n�k�l�
g�e�t�l�o�g�s�
l�o�g�s�|�|�
o�p�e�n�k�l�o�n�
g�e�t�l�o�g�s�o�n�
l�o�g�s�o�n�|�|�
M�i�c�r�o�s�o�f�t�
W�i�n�d�o�w�s�
H�K�E�Y�_�L�O�C�A�L�_�M�A�C�H�I�N�E�\�H�A�R�D�W�A�R�E�\�D�E�S�C�R�I�P�T�I�O�N�\�S�Y�S�T�E�M�\�C�E�N�T�R�A�L�P�R�O�C�E�S�S�O�R�\�0�
P�r�o�c�e�s�s�o�r�N�a�m�e�S�t�r�i�n�g�
i�n�f�o�|�|�
s�e�n�d�f�i�l�e�t�o�
c�l�o�s�e�s�e�r�v�e�r�
r�e�s�t�a�r�t�s�e�r�v�e�r�
G�e�t�P�r�o�c�e�s�s�e�s�
P�r�o�c�e�s�s�S�p�l�i�t�
P�r�o�c�e�s�s�M�a�n�a�g�e�r�
K�i�l�l�P�r�o�c�e�s�s�
S�P�r�o�c�e�s�s�
S�S�P�r�o�c�e�s�s�
S�S�S�P�r�o�c�e�s�s�
o�p�e�n�s�h�e�l�l�
S�t�a�r�t�I�n�f�o�
R�e�d�i�r�e�c�t�S�t�a�n�d�a�r�d�O�u�t�p�u�t�
R�e�d�i�r�e�c�t�S�t�a�n�d�a�r�d�I�n�p�u�t�
R�e�d�i�r�e�c�t�S�t�a�n�d�a�r�d�E�r�r�o�r�
F�i�l�e�N�a�m�e�
c�m�d�.�e�x�e�
U�s�e�S�h�e�l�l�E�x�e�c�u�t�e�
C�r�e�a�t�e�N�o�W�i�n�d�o�w�
E�n�a�b�l�e�R�a�i�s�i�n�g�E�v�e�n�t�s�
B�e�g�i�n�E�r�r�o�r�R�e�a�d�L�i�n�e�
B�e�g�i�n�O�u�t�p�u�t�R�e�a�d�L�i�n�e�
S�t�a�n�d�a�r�d�I�n�p�u�t�
W�r�i�t�e�L�i�n�e�
O�p�e�n�P�r�o�
c�o�r�r�u�p�t�
w�A�y�q�s�W�4�e�E�9�C�s�d�0�d�n�d�Y�1�r�L�n�u�f�P�t�O�4�V�j�p�9�c�R�v�X�z�0�g�3�8�R�a�W�j�e�o�o�1�O�B�X�T�0�C�N�p�4�w�W�7�v�Y�4�T�i�6�S�m�6�4�z�h�n�E�n�0�Q�W�H�c�V�T�G�Z�r�n�N�H�c�c�9�J�F�D�N�G�A�P�Y�C�z�P�W�w�y�D�P�I�D�B�s�d�g�0�6�7�E�8�n�e�w�V�o�W�R�j�7�T�O�N�9�r�o�e�b�C�3�m�0�i�W�9�o�G�J�7�3�C�M�4�U�e�l�T�t�j�c�t�Q�v�x�t�2�Q�q�p�X�A�T�V�V�v�A�K�p�i�b�p�7�q�c�o�i�R�V�9�V�m�v�e�s�4�2�m�Y�U�I�4�2�
G�e�t�D�r�i�v�e�s�
F�i�l�e�M�a�n�a�g�e�r�|�|�
F�i�l�e�M�a�n�a�g�e�r�
F�i�l�e�M�a�n�a�g�e�r�|�|�E�r�r�o�r�
B�L�A�A�A�A�A�A�A�A�A�A�A�A�A�A�A�!�/�a�s�l�d�i�f�r�h�X�G�J�R�C�V�K�J�J�E�A�W�T�B�R�H�G�M�G�G�a�s�l�k�d�f�h�a�s�e�o�i�r�f�h�a�s�d�h�f�j�X�G�J�R�C�V�K�J�J�E�A�W�T�B�R�H�G�M�G�G�a�s�d�z�f�4�8�3�9�7�5�6�3�4�5�9�7�3�2�8�5�2�8�9�3�4�t�z�h�X�G�J�R�C�V�K�J�J�E�A�W�T�B�R�H�G�M�G�G�e�u�f�g�z�3�4�9�7�5�6�3�8�q�9�r�u�w�e�i�r�f�
X�G�J�R�C�V�K�J�J�E�A�W�T�B�R�H�G�M�G�G�h�s�d�k�j�v�n�w�u�4�5�z�6�3�8�4�9�7�5�w�e�u�i�r�h�j�s�f�n�d�j�v�z�w�4�3�8�5�6�3�q�X�G�J�R�C�V�K�J�J�E�A�W�T�B�R�H�G�M�G�G�8�4�r�u�w�a�j�f�j�s�a�d�f�h�d�f�h�g�q�3�4�9�8�7�5�q�3�9�0�r�X�G�J�R�C�V�K�J�J�E�A�W�T�B�R�H�G�M�G�G�u�f�)�=�/�(�)�%�&�
%�&�%�X�G�J�R�C�V�K�J�J�E�A�W�T�B�R�H�G�M�G�G�J�G�K�T�C�M�F�P�H�B�J�K�E�Z�E�F�T�J�L�M�N�M�E�E�J�J�Y�A�T�L�R�J�C�T�N�Y�M�S�X�W�W�A�R�W�J�I�K�E�L�W�O�Y�X�N�K�V�F�D�O�W�R�Y�X�A�R�G�F�G�K�L�V�U�P�W�C�M�K�E�C�E�Q�R�X�U�X�G�W�J�T�W�S�T�H�Z�E�Z�K�X�S�H�!�!�!�!�@�#�$�%�^�&�*�(�(�)�)�_�+�|�}�{�}�{�}�{�}�{�h�j�b�g�i�p�s�d�b�g�b�g�d�s�i�p�s�d�g�i�i�9�3�7�5�h�d�a�s�i�h�0�=�3�9�8�p�o�f�j�k�p�h�d�i�9�-�3�\�-�4�9�j�d�f�i�s�o�d�f�3�-�4�9�9�4�7�-�9�3�2�f�s�k�d�n�f�9�
u�p�d�a�t�e�
D�e�l�e�t�e�
F�o�l�d�e�r�
E�x�e�c�u�t�e�
R�e�n�a�m�e�
o�p�e�n�f�m�
g�e�t�d�e�s�k�t�o�p�p�a�t�h�
g�e�t�p�a�t�h�|�|�
g�e�t�t�e�m�p�p�a�t�h�
g�e�t�s�t�a�r�t�u�p�p�a�t�h�
g�e�t�m�y�d�o�c�u�m�e�n�t�s�p�a�t�h�
g�e�t�m�y�i�m�a�g�e�s�p�a�t�h�
g�e�t�r�e�c�e�n�t�p�a�t�h�
g�e�t�m�y�m�u�s�i�c�p�a�t�h�
g�e�t�h�i�s�t�o�r�y�p�a�t�h�
c�a�m�l�i�s�t�
c�a�m�c�l�o�s�e�
g�e�t�h�f�a�v�o�r�i�t�e�p�a�t�h�
i�n�f�o�D�e�s�k�
H�K�E�Y�_�L�O�C�A�L�_�M�A�C�H�I�N�E�\�H�A�R�D�W�A�R�E�\�D�E�S�C�R�I�P�T�I�O�N�\�S�y�s�t�e�m�\�C�e�n�t�r�a�l�P�r�o�c�e�s�s�o�r�\�0�
I�d�e�n�t�i�f�i�e�r�
H�K�E�Y�_�L�O�C�A�L�_�M�A�C�H�I�N�E�\�H�A�R�D�W�A�R�E�\�D�E�S�C�R�I�P�T�I�O�N�\�S�y�s�t�e�m�\�B�I�O�S�
S�y�s�t�e�m�P�r�o�d�u�c�t�N�a�m�e�
B�I�O�S�R�e�l�e�a�s�e�D�a�t�e�
B�I�O�S�V�e�r�s�i�o�n�
S�y�s�t�e�m�M�a�n�u�f�a�c�t�u�r�e�r�
B�I�O�S�V�e�n�d�o�r�
H�K�E�Y�_�C�U�R�R�E�N�T�_�U�S�E�R�\�T�u�n�i�s�i�a�R�a�t�
i�n�f�o�D�e�s�k�|�|�
v�i�e�w�i�m�a�g�e�
L�o�g�o�f�f�
s�h�u�t�d�o�w�n� �-�l� �-�t� �0�0�
R�e�s�t�a�r�t�
s�h�u�t�d�o�w�n� �-�r� �-�t� �0�0�
S�h�u�t�d�o�w�n�
s�h�u�t�d�o�w�n� �-�s� �-�t� �0�0�
o�p�e�n�u�r�l�
d�e�f�a�u�l�t�
o�p�e�n�t�t�o�
s�e�t�a�s�w�a�l�l�p�a�p�e�r�
O�P�c�h�a�t�
o�p�e�n�R�G�
G�e�t�S�u�b�K�e�y�N�a�m�e�s�
G�e�t�V�a�l�u�e�N�a�m�e�s�
G�e�t�V�a�l�u�e�K�i�n�d�
G�e�t�V�a�l�u�e�
S�e�t�V�a�l�u�e�
D�e�l�e�t�e�V�a�l�u�e�
C�r�e�a�t�e�S�u�b�K�e�y�
D�e�l�e�t�e�S�u�b�K�e�y�T�r�e�e�
h�i�d�e�f�o�l�d�e�r�f�i�l�e�
C�o�m�r�a�r�
D�e�c�r�a�r�
s�h�o�w�f�o�l�d�e�r�f�i�l�e�
C�o�m�p�r�e�s�s�i�n�g� �{�0�}� �t�o� �{�1�}�.�
D�e�c�o�m�p�r�e�s�s�i�n�g� �{�0�}� �t�o� �{�1�}�.�
H�a�r�d�w�a�r�e�\�D�e�s�c�r�i�p�t�i�o�n�\�S�y�s�t�e�m�\�C�e�n�t�r�a�l�P�r�o�c�e�s�s�o�r�\�0�
y�y�y�y�-�M�M�-�d�d�
u�n�k�n�o�w�n�
S�y�s�t�e�m�D�r�i�v�e�
S�o�f�t�w�a�r�e�
c�m�d�.�e�x�e� �/�k� �p�i�n�g� �0� �&� �d�e�l� �"�
F�u�l�l�N�a�m�e�
�&� �e�x�i�t�
�s�a�i�d� �:� �
H�K�E�Y�_�C�L�A�S�S�E�S�_�R�O�O�T�
H�K�E�Y�_�C�U�R�R�E�N�T�_�U�S�E�R�
H�K�E�Y�_�L�O�C�A�L�_�M�A�C�H�I�N�E�
H�K�E�Y�_�U�S�E�R�S�
H�K�E�Y�_�C�U�R�R�E�N�T�_�C�O�N�F�I�G�
R�_�R�O�O�T�S�U�B�|�|�
R�_�C�D�I�R�|�|�
R�_�S�U�B�|�|�
R�_�V�A�L�U�E�|�|�
w�i�r�e�s�h�a�r�k�
S�p�y�T�h�e�S�p�y�
P�r�o�c�e�s�s�H�a�c�k�e�r�
m�b�a�m�g�u�i�
M�a�l�w�a�r�e�b�y�t�e�s� �A�n�t�i�-�M�a�l�w�a�r�e�
c�p�o�r�t�s�
o�l�l�y�d�b�g�
p�r�o�c�e�x�p�
v�m�t�o�o�l�s�d�
t�a�s�k�m�g�r�
V�B�o�x�T�r�a�y�
V�B�o�x�S�e�r�v�i�c�e�
r�o�o�t�\�S�e�c�u�r�i�t�y�C�e�n�t�e�r�
S�E�L�E�C�T� �*� �F�R�O�M� �F�i�r�e�w�a�l�l�P�r�o�d�u�c�t�
d�i�s�p�l�a�y�N�a�m�e�
N�o� �F�i�r�e�w�a�l�l�
A�h�n�L�a�b�-�V�3�
B�i�t�D�e�f�e�n�d�e�r�
B�y�t�e�H�e�r�o�
c�l�a�m�a�v�
C�l�a�m�A�V�
f�p�a�v�s�e�r�v�e�r�
F�-�P�r�o�t�
f�s�s�m�3�2�
F�-�S�e�c�u�r�e�
e�n�g�f�a�c�e�
J�i�a�n�g�m�i�n�
K�a�s�p�e�r�s�k�y�
u�p�d�a�t�e�r�u�i�
M�c�A�f�e�e�
m�s�m�p�e�n�g�
m�i�c�r�o�s�o�f�t� �s�e�c�u�r�i�t�y� �e�s�s�e�n�t�i�a�l�s�
N�o�r�m�a�n�
n�p�u�p�d�a�t�e�
n�P�r�o�t�e�c�t�
i�n�i�c�i�o�
S�o�p�h�o�s�
s�a�v�s�e�r�v�i�c�e�
s�a�s�w�i�n�l�o�
S�U�P�E�R�A�n�t�i�S�p�y�w�a�r�e�
s�p�b�b�c�s�v�c�
S�y�m�a�n�t�e�c�
T�h�e�H�a�c�k�e�r�
u�f�s�e�a�g�n�t�
T�r�e�n�d�M�i�c�r�o�
d�l�l�h�o�o�k�
s�b�a�m�t�r�a�y�
v�r�m�o�n�s�v�c�
V�i�R�o�b�o�t�
v�b�c�a�l�r�t�
V�i�r�u�s�B�u�s�t�e�r�
N�o�t� �F�o�u�n�d�
[�D�r�i�v�e�]�
F�i�l�e�M�a�n�a�g�e�r�S�p�l�i�t�F�i�l�e�M�a�n�a�g�e�r�S�p�l�i�t�
[�F�o�l�d�e�r�]�
F�i�l�e�M�a�n�a�g�e�r�S�p�l�i�t�
S�o�f�t�w�a�r�e�\�Y�a�h�o�o�\�P�r�o�f�i�l�e�s�
|�U�R�L�|� �h�t�t�p�:�/�/�Y�a�h�o�o�.�c�o�m�
|�U�S�R�|� �
|�P�W�D�|� �
W�i�n�d�o�w�s�L�i�v�e�:�n�a�m�e�=�*�
|�U�R�L�|� �h�t�t�p�:�/�/�h�o�t�m�a�i�l�.�c�o�m�
|�U�S�R�|� �
|�P�W�D�|� �
|�P�W�D�|� �
\�F�i�l�e�Z�i�l�l�a�\�r�e�c�e�n�t�s�e�r�v�e�r�s�.�x�m�l�
<�S�e�r�v�e�r�>�
<�H�o�s�t�>�
|�U�R�L�|� �
<�/�H�o�s�t�>�
<�U�s�e�r�>�
<�/�U�s�e�r�>�
<�P�a�s�s�>�
<�/�P�a�s�s�>�
H�K�E�Y�_�L�O�C�A�L�_�M�A�C�H�I�N�E�\�S�O�F�T�W�A�R�E�\�V�i�t�a�l�w�e�r�k�s�\�D�U�C�
U�S�E�R�n�a�m�e�
P�a�s�s�w�o�r�d�
|�U�R�L�|� �h�t�t�p�:�/�/�n�o�-�i�p�.�c�o�m�
|�U�S�R�|� �
|�P�W�D�|� �
S�o�f�t�w�a�r�e�\�P�a�l�t�a�l�k�
H�K�E�Y�_�C�U�R�R�E�N�T�_�U�S�E�R�\�S�o�f�t�w�a�r�e�\�P�a�l�t�a�l�k�\�
|�U�R�L�|� �h�t�t�p�:�/�/�P�a�l�t�a�l�k�.�c�o�m�
|�U�S�R�|� �
A�L�L�U�S�E�R�S�P�R�O�F�I�L�E�
D�y�n�D�N�S�\�U�p�d�a�t�e�r�\�c�o�n�f�i�g�.�d�y�n�d�n�s�
u�s�e�r�n�a�m�e�=�
p�a�s�s�w�o�r�d�=�
t�6�K�z�X�h�C�h�
|�U�R�L�|� �h�t�t�p�:�/�/�D�y�n�D�n�s�.�c�o�m�
|�U�S�R�|� �
\�O�p�e�r�a�\�O�p�e�r�a�\�w�a�n�d�.�d�a�t�
\�O�p�e�r�a�\�O�p�e�r�a�\�p�r�o�f�i�l�e�\�w�a�n�d�.�d�a�t�
h�t�t�p�:�/�/�
h�t�t�p�s�:�/�/�
|�U�S�R�|� �
a�b�c�d�e�f�g�h�i�j�k�l�m�n�o�p�q�r�s�t�u�v�w�x�y�z�1�2�3�4�5�6�7�8�9�0�_�-�.�~�!�@�#�$�%�^�&�*�(�)�[�{�]�}�\�|�'�;�:�,�<�>�/�?�+�=�
P�R�O�G�R�A�M�F�I�L�E�S�
\�M�o�z�i�l�l�a� �F�i�r�e�f�o�x�\�
\�M�o�z�i�l�l�a�\�F�i�r�e�f�o�x�\�P�r�o�f�i�l�e�s�
s�i�g�n�o�n�s�.�s�q�l�i�t�e�
S�E�L�E�C�T� �*� �F�R�O�M� �m�o�z�_�l�o�g�i�n�s�;�
S�E�L�E�C�T� �*� �F�R�O�M� �m�o�z�_�d�i�s�a�b�l�e�d�H�o�s�t�s�;�
f�o�r�m�S�u�b�m�i�t�U�R�L�
e�n�c�r�y�p�t�e�d�U�s�e�r�n�a�m�e�
e�n�c�r�y�p�t�e�d�P�a�s�s�w�o�r�d�
m�o�z�u�t�i�l�s�.�d�l�l�
m�o�z�g�l�u�e�.�d�l�l�
m�o�z�c�r�t�1�9�.�d�l�l�
n�s�p�r�4�.�d�l�l�
p�l�c�4�.�d�l�l�
p�l�d�s�4�.�d�l�l�
s�s�u�t�i�l�3�.�d�l�l�
m�o�z�s�q�l�i�t�e�3�.�d�l�l�
n�s�s�u�t�i�l�3�.�d�l�l�
s�o�f�t�o�k�n�3�.�d�l�l�
n�s�s�3�.�d�l�l�
N�S�S�_�I�n�i�t�
P�K�1�1�_�G�e�t�I�n�t�e�r�n�a�l�K�e�y�S�l�o�t�
P�K�1�1�_�A�u�t�h�e�n�t�i�c�a�t�e�
N�S�S�B�a�s�e�6�4�_�D�e�c�o�d�e�B�u�f�f�e�r�
P�K�1�1�S�D�R�_�D�e�c�r�y�p�t�
S�E�L�E�C�T� �n�a�m�e� �F�R�O�M� �s�q�l�i�t�e�_�m�a�s�t�e�r� �W�H�E�R�E� �t�y�p�e� �I�N� �(�'�t�a�b�l�e�'�,�'�v�i�e�w�'�)� �A�N�D� �n�a�m�e� �N�O�T� �L�I�K�E� �'�s�q�l�i�t�e�_�%�'�U�N�I�O�N� �A�L�L� �S�E�L�E�C�T� �n�a�m�e� �F�R�O�M� �s�q�l�i�t�e�_�t�e�m�p�_�m�a�s�t�e�r� �W�H�E�R�E� �t�y�p�e� �I�N� �(�'�t�a�b�l�e�'�,�'�v�i�e�w�'�)� �O�R�D�E�R� �B�Y� �1�
r�e�s�u�l�t�T�a�b�l�e�
S�y�s�t�e�m�.�I�n�t�3�2�
S�y�s�t�e�m�.�S�i�n�g�l�e�
S�y�s�t�e�m�.�S�t�r�i�n�g�
\�G�o�o�g�l�e�\�C�h�r�o�m�e�\�U�s�e�r� �D�a�t�a�\�D�e�f�a�u�l�t�\�L�o�g�i�n� �D�a�t�a�
l�o�g�i�n�s�
o�r�i�g�i�n�_�u�r�l�
u�s�e�r�n�a�m�e�_�v�a�l�u�e�
p�a�s�s�w�o�r�d�_�v�a�l�u�e�
U�N�I�Q�U�E�
S�Q�L�i�t�e� �f�o�r�m�a�t� �3�
n�a�m�e�=�"�(�[�^�"�]�+�)�"�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�I�n�t�e�l�l�i�F�o�r�m�s�\�S�t�o�r�a�g�e�1�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�I�n�t�e�r�n�e�t� �E�x�p�l�o�r�e�r�\�I�n�t�e�l�l�i�F�o�r�m�s�\�S�t�o�r�a�g�e�2�
t�e�x�t�/�h�t�m�l�
M�i�c�r�o�s�o�f�t�_�W�i�n�I�n�e�t�_�*�
a�b�e�2�8�6�9�f�-�9�b�4�7�-�4�c�d�9�-�a�3�5�8�-�c�2�2�9�0�4�d�b�a�7�f�7�
S�o�f�t�w�a�r�e�\�M�i�c�r�o�s�o�f�t�\�F�T�P�\�A�c�c�o�u�n�t�s�
f�t�p�:�/�/�{�0�}�@�{�1�}�/�
S�e�r�v�e�r�.�R�e�s�o�u�r�c�e�s�
p�S�I�L�l�z�C�e�z�3�4�G�F�H�G�H�w�X�B�S�r�Q�1�V�b�7�2�t�6�b�I�X�y�e�d�s�t�K�R�z�A�H�J�k�l�N�N�L�9�4�g�D�8�h�I�i�9�F�w�L�i�i�V�l�r�
V�S�_�V�E�R�S�I�O�N�_�I�N�F�O�
V�a�r�F�i�l�e�I�n�f�o�
T�r�a�n�s�l�a�t�i�o�n�
S�t�r�i�n�g�F�i�l�e�I�n�f�o�
0�0�0�0�0�4�b�0�
F�i�l�e�D�e�s�c�r�i�p�t�i�o�n�
S�e�r�v�e�r�
F�i�l�e�V�e�r�s�i�o�n�
1�.�0�.�0�.�0�
I�n�t�e�r�n�a�l�N�a�m�e�
S�t�u�b�.�e�x�e�
L�e�g�a�l�C�o�p�y�r�i�g�h�t�
C�o�p�y�r�i�g�h�t� �
� �2�0�1�2�
O�r�i�g�i�n�a�l�F�i�l�e�n�a�m�e�
S�t�u�b�.�e�x�e�
P�r�o�d�u�c�t�N�a�m�e�
S�e�r�v�e�r�
P�r�o�d�u�c�t�V�e�r�s�i�o�n�
1�.�0�.�0�.�0�
A�s�s�e�m�b�l�y� �V�e�r�s�i�o�n�
1�.�0�.�0�.�0�
y�R�u�g�p�h�Q�H�l�k�.�e�x�e�
K�O�N�j�E�t�s�v�Y�m�
v�O�J�s�B�z�i�D�u�L�.�.�p�n�g�
Q�m�U�G�F�X�z�V�A�A�
V�S�_�V�E�R�S�I�O�N�_�I�N�F�O�
V�a�r�F�i�l�e�I�n�f�o�
T�r�a�n�s�l�a�t�i�o�n�
S�t�r�i�n�g�F�i�l�e�I�n�f�o�
0�0�0�0�0�4�b�0�
F�i�l�e�D�e�s�c�r�i�p�t�i�o�n�
F�i�l�e�V�e�r�s�i�o�n�
0�.�0�.�0�.�0�
I�n�t�e�r�n�a�l�N�a�m�e�
j�j�.�S�c�r�
L�e�g�a�l�C�o�p�y�r�i�g�h�t�
O�r�i�g�i�n�a�l�F�i�l�e�n�a�m�e�
j�j�.�S�c�r�
P�r�o�d�u�c�t�V�e�r�s�i�o�n�
0�.�0�.�0�.�0�
A�s�s�e�m�b�l�y� �V�e�r�s�i�o�n�
0�.�0�.�0�.�0�
Hosts
| IP |
|---|
| 114.114.114.114 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56933 | 114.114.114.114 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.