API tools faq
paste
Advertisement
paladin316

Exes_a627d8d6e3da2421657e0bcc35e7527f_exe_2019-06-24_07_30.json

paladin316
Jun 24th, 2019
1,361
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 74.41 KB | None | 0 0
raw download clone embed print report
  1.  
  2. [*] MalFamily: ""
  3.  
  4. [*] MalScore: 10.0
  5.  
  6. [*] File Name: "Exes_a627d8d6e3da2421657e0bcc35e7527f.exe"
  7. [*] File Size: 561152
  8. [*] File Type: "PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows"
  9. [*] SHA256: "a5aeb90fcd527f8bf9544a9bbeb9cecce804f28cd5b3d36281c258c5b534681d"
  10. [*] MD5: "a627d8d6e3da2421657e0bcc35e7527f"
  11. [*] SHA1: "718ba94cdd34b1ac2f9f9138eaa8b0b7117bd51a"
  12. [*] SHA512: "f82ab554ebb10ee7d9cc1293f93e8648aaf7a059c9110ea8aaaff85c32159c66c0bccc2f75033cce04d97423845239223a01fccbfba0220f9af54306ccfa93a3"
  13. [*] CRC32: "DE2BB65E"
  14. [*] SSDEEP: "6144:To7xXy3JlgwjYxkwMFSizoHkDrnQCrN5WSZbNiUJDQ3lNDqC4R6AI5z:sFeo8+MJbVx5rZcGDolNDqr6Aqz"
  15.  
  16. [*] Process Execution: [
  17. "Exes_a627d8d6e3da2421657e0bcc35e7527f.exe"
  18. ]
  19.  
  20. [*] Signatures Detected: [
  21. {
  22. "Description": "The binary likely contains encrypted or compressed data.",
  23. "Details": [
  24. {
  25. "section": "name: .rsrc, entropy: 7.15, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ, raw_size: 0x00058600, virtual_size: 0x00058440"
  26. }
  27. ]
  28. },
  29. {
  30. "Description": "Anomalous .NET characteristics",
  31. "Details": [
  32. {
  33. "anomalous_version": "Assembly version is set to 0"
  34. }
  35. ]
  36. },
  37. {
  38. "Description": "File has been identified by 28 Antiviruses on VirusTotal as malicious",
  39. "Details": [
  40. {
  41. "Qihoo-360": "Win32/Sorter.AVE.DotNetFile.A"
  42. },
  43. {
  44. "McAfee": "Artemis!A627D8D6E3DA"
  45. },
  46. {
  47. "Alibaba": "Trojan:MSIL/Kryptik.4c9ee46b"
  48. },
  49. {
  50. "ESET-NOD32": "a variant of MSIL/Kryptik.SAE"
  51. },
  52. {
  53. "Avast": "Win32:CrypterX-gen [Trj]"
  54. },
  55. {
  56. "GData": "Win32.Backdoor.Remcos.I1498B"
  57. },
  58. {
  59. "Kaspersky": "HEUR:Trojan.MSIL.Crypt.gen"
  60. },
  61. {
  62. "Paloalto": "generic.ml"
  63. },
  64. {
  65. "AegisLab": "Trojan.Win32.Generic.4!c"
  66. },
  67. {
  68. "Endgame": "malicious (high confidence)"
  69. },
  70. {
  71. "Sophos": "Troj/DownLd-BQ"
  72. },
  73. {
  74. "F-Secure": "Trojan.TR/AD.Remcos.wpzxa"
  75. },
  76. {
  77. "Invincea": "heuristic"
  78. },
  79. {
  80. "McAfee-GW-Edition": "BehavesLike.Win32.Generic.hh"
  81. },
  82. {
  83. "Cyren": "W32/Trojan.WIFA-1401"
  84. },
  85. {
  86. "Webroot": "W32.Trojan.Gen"
  87. },
  88. {
  89. "Avira": "TR/AD.Remcos.wpzxa"
  90. },
  91. {
  92. "ZoneAlarm": "HEUR:Trojan.MSIL.Crypt.gen"
  93. },
  94. {
  95. "Microsoft": "Trojan:Win32/Zpevdo.B"
  96. },
  97. {
  98. "AhnLab-V3": "Trojan/Win32.RL_Kryptik.R276695"
  99. },
  100. {
  101. "Acronis": "suspicious"
  102. },
  103. {
  104. "MAX": "malware (ai score=100)"
  105. },
  106. {
  107. "Malwarebytes": "Trojan.Crypt.XMP"
  108. },
  109. {
  110. "Rising": "Trojan.MSIL/Kryptik!1.B1DC (CLOUD)"
  111. },
  112. {
  113. "Ikarus": "Win32.Outbreak"
  114. },
  115. {
  116. "Fortinet": "MSIL/GenKryptik.DKXI!tr"
  117. },
  118. {
  119. "AVG": "Win32:CrypterX-gen [Trj]"
  120. },
  121. {
  122. "CrowdStrike": "win/malicious_confidence_100% (W)"
  123. }
  124. ]
  125. }
  126. ]
  127.  
  128. [*] Started Service: []
  129.  
  130. [*] Executed Commands: []
  131.  
  132. [*] Mutexes: []
  133.  
  134. [*] Modified Files: []
  135.  
  136. [*] Deleted Files: []
  137.  
  138. [*] Modified Registry Keys: []
  139.  
  140. [*] Deleted Registry Keys: []
  141.  
  142. [*] DNS Communications: []
  143.  
  144. [*] Domains: []
  145.  
  146. [*] Network Communication - ICMP: []
  147.  
  148. [*] Network Communication - HTTP: []
  149.  
  150. [*] Network Communication - SMTP: []
  151.  
  152. [*] Network Communication - Hosts: []
  153.  
  154. [*] Network Communication - IRC: []
  155.  
  156. [*] Static Analysis: {
  157. "dotnet": {
  158. "customattrs": [
  159. {
  160. "type": "TypeDef",
  161. "name": "[mscorlib]System.Reflection.DefaultMemberAttribute",
  162. "value": "It"
  163. },
  164. {
  165. "type": "TypeDef",
  166. "name": "[mscorlib]System.Reflection.DefaultMemberAttribute",
  167. "value": "It"
  168. },
  169. {
  170. "type": "TypeDef",
  171. "name": "[mscorlib]System.Reflection.DefaultMemberAttribute",
  172. "value": "It"
  173. },
  174. {
  175. "type": "TypeDef",
  176. "name": "[mscorlib]System.Diagnostics.DebuggerDisplayAttribute",
  177. "value": "{DebuggerToString("
  178. }
  179. ],
  180. "assemblyinfo": {
  181. "version": "0.0.0.0",
  182. "name": "mjVldNrVlNQdCgXuma"
  183. },
  184. "assemblyrefs": [
  185. {
  186. "version": "4.0.0.0",
  187. "name": "mscorlib"
  188. },
  189. {
  190. "version": "4.0.0.0",
  191. "name": "System"
  192. },
  193. {
  194. "version": "4.0.0.0",
  195. "name": "System.Net.Http"
  196. },
  197. {
  198. "version": "4.0.0.0",
  199. "name": "System.Core"
  200. },
  201. {
  202. "version": "4.0.0.0",
  203. "name": "System.Runtime.Serialization"
  204. },
  205. {
  206. "version": "6.0.0.0",
  207. "name": "Newtonsoft.Json"
  208. },
  209. {
  210. "version": "4.0.0.0",
  211. "name": "System.Xml"
  212. },
  213. {
  214. "version": "4.0.0.0",
  215. "name": "System.Xml.Linq"
  216. }
  217. ],
  218. "typerefs": [
  219. {
  220. "typename": "Newtonsoft.Json.Bson.BsonReader",
  221. "assembly": "Newtonsoft.Json"
  222. },
  223. {
  224. "typename": "Newtonsoft.Json.Bson.BsonWriter",
  225. "assembly": "Newtonsoft.Json"
  226. },
  227. {
  228. "typename": "Newtonsoft.Json.DefaultValueHandling",
  229. "assembly": "Newtonsoft.Json"
  230. },
  231. {
  232. "typename": "Newtonsoft.Json.Formatting",
  233. "assembly": "Newtonsoft.Json"
  234. },
  235. {
  236. "typename": "Newtonsoft.Json.JsonReader",
  237. "assembly": "Newtonsoft.Json"
  238. },
  239. {
  240. "typename": "Newtonsoft.Json.JsonSerializer",
  241. "assembly": "Newtonsoft.Json"
  242. },
  243. {
  244. "typename": "Newtonsoft.Json.JsonSerializerSettings",
  245. "assembly": "Newtonsoft.Json"
  246. },
  247. {
  248. "typename": "Newtonsoft.Json.JsonTextReader",
  249. "assembly": "Newtonsoft.Json"
  250. },
  251. {
  252. "typename": "Newtonsoft.Json.JsonTextWriter",
  253. "assembly": "Newtonsoft.Json"
  254. },
  255. {
  256. "typename": "Newtonsoft.Json.JsonWriter",
  257. "assembly": "Newtonsoft.Json"
  258. },
  259. {
  260. "typename": "Newtonsoft.Json.Linq.JArray",
  261. "assembly": "Newtonsoft.Json"
  262. },
  263. {
  264. "typename": "Newtonsoft.Json.Linq.JContainer",
  265. "assembly": "Newtonsoft.Json"
  266. },
  267. {
  268. "typename": "Newtonsoft.Json.Linq.JObject",
  269. "assembly": "Newtonsoft.Json"
  270. },
  271. {
  272. "typename": "Newtonsoft.Json.Linq.JToken",
  273. "assembly": "Newtonsoft.Json"
  274. },
  275. {
  276. "typename": "Newtonsoft.Json.Linq.JTokenReader",
  277. "assembly": "Newtonsoft.Json"
  278. },
  279. {
  280. "typename": "Newtonsoft.Json.Linq.JTokenType",
  281. "assembly": "Newtonsoft.Json"
  282. },
  283. {
  284. "typename": "Newtonsoft.Json.Linq.JValue",
  285. "assembly": "Newtonsoft.Json"
  286. },
  287. {
  288. "typename": "Newtonsoft.Json.MemberSerialization",
  289. "assembly": "Newtonsoft.Json"
  290. },
  291. {
  292. "typename": "Newtonsoft.Json.MissingMemberHandling",
  293. "assembly": "Newtonsoft.Json"
  294. },
  295. {
  296. "typename": "Newtonsoft.Json.NullValueHandling",
  297. "assembly": "Newtonsoft.Json"
  298. },
  299. {
  300. "typename": "Newtonsoft.Json.Required",
  301. "assembly": "Newtonsoft.Json"
  302. },
  303. {
  304. "typename": "Newtonsoft.Json.Serialization.DefaultContractResolver",
  305. "assembly": "Newtonsoft.Json"
  306. },
  307. {
  308. "typename": "Newtonsoft.Json.Serialization.ErrorContext",
  309. "assembly": "Newtonsoft.Json"
  310. },
  311. {
  312. "typename": "Newtonsoft.Json.Serialization.ErrorEventArgs",
  313. "assembly": "Newtonsoft.Json"
  314. },
  315. {
  316. "typename": "Newtonsoft.Json.Serialization.IContractResolver",
  317. "assembly": "Newtonsoft.Json"
  318. },
  319. {
  320. "typename": "Newtonsoft.Json.Serialization.JsonProperty",
  321. "assembly": "Newtonsoft.Json"
  322. },
  323. {
  324. "typename": "Newtonsoft.Json.TypeNameHandling",
  325. "assembly": "Newtonsoft.Json"
  326. },
  327. {
  328. "typename": "System.CodeDom.Compiler.GeneratedCodeAttribute",
  329. "assembly": "System"
  330. },
  331. {
  332. "typename": "System.Collections.Specialized.NameObjectCollectionBase",
  333. "assembly": "System"
  334. },
  335. {
  336. "typename": "System.Collections.Specialized.NameValueCollection",
  337. "assembly": "System"
  338. },
  339. {
  340. "typename": "System.ComponentModel.DefaultValueAttribute",
  341. "assembly": "System"
  342. },
  343. {
  344. "typename": "System.ComponentModel.EditorBrowsableAttribute",
  345. "assembly": "System"
  346. },
  347. {
  348. "typename": "System.ComponentModel.EditorBrowsableState",
  349. "assembly": "System"
  350. },
  351. {
  352. "typename": "System.ComponentModel.InvalidEnumArgumentException",
  353. "assembly": "System"
  354. },
  355. {
  356. "typename": "System.ComponentModel.ProgressChangedEventArgs",
  357. "assembly": "System"
  358. },
  359. {
  360. "typename": "System.ComponentModel.TypeConverter",
  361. "assembly": "System"
  362. },
  363. {
  364. "typename": "System.ComponentModel.TypeDescriptor",
  365. "assembly": "System"
  366. },
  367. {
  368. "typename": "System.Net.Cookie",
  369. "assembly": "System"
  370. },
  371. {
  372. "typename": "System.Net.HttpStatusCode",
  373. "assembly": "System"
  374. },
  375. {
  376. "typename": "System.Net.TransportContext",
  377. "assembly": "System"
  378. },
  379. {
  380. "typename": "System.Uri",
  381. "assembly": "System"
  382. },
  383. {
  384. "typename": "System.Collections.Generic.HashSet`1",
  385. "assembly": "System.Core"
  386. },
  387. {
  388. "typename": "System.Linq.Enumerable",
  389. "assembly": "System.Core"
  390. },
  391. {
  392. "typename": "System.Linq.IOrderedEnumerable`1",
  393. "assembly": "System.Core"
  394. },
  395. {
  396. "typename": "System.Linq.IQueryable`1",
  397. "assembly": "System.Core"
  398. },
  399. {
  400. "typename": "System.Net.Http.DelegatingHandler",
  401. "assembly": "System.Net.Http"
  402. },
  403. {
  404. "typename": "System.Net.Http.Headers.ContentDispositionHeaderValue",
  405. "assembly": "System.Net.Http"
  406. },
  407. {
  408. "typename": "System.Net.Http.Headers.ContentRangeHeaderValue",
  409. "assembly": "System.Net.Http"
  410. },
  411. {
  412. "typename": "System.Net.Http.Headers.HttpContentHeaders",
  413. "assembly": "System.Net.Http"
  414. },
  415. {
  416. "typename": "System.Net.Http.Headers.HttpHeaderValueCollection`1",
  417. "assembly": "System.Net.Http"
  418. },
  419. {
  420. "typename": "System.Net.Http.Headers.HttpHeaders",
  421. "assembly": "System.Net.Http"
  422. },
  423. {
  424. "typename": "System.Net.Http.Headers.HttpRequestHeaders",
  425. "assembly": "System.Net.Http"
  426. },
  427. {
  428. "typename": "System.Net.Http.Headers.HttpResponseHeaders",
  429. "assembly": "System.Net.Http"
  430. },
  431. {
  432. "typename": "System.Net.Http.Headers.MediaTypeHeaderValue",
  433. "assembly": "System.Net.Http"
  434. },
  435. {
  436. "typename": "System.Net.Http.Headers.MediaTypeWithQualityHeaderValue",
  437. "assembly": "System.Net.Http"
  438. },
  439. {
  440. "typename": "System.Net.Http.Headers.NameValueHeaderValue",
  441. "assembly": "System.Net.Http"
  442. },
  443. {
  444. "typename": "System.Net.Http.Headers.RangeHeaderValue",
  445. "assembly": "System.Net.Http"
  446. },
  447. {
  448. "typename": "System.Net.Http.Headers.RangeItemHeaderValue",
  449. "assembly": "System.Net.Http"
  450. },
  451. {
  452. "typename": "System.Net.Http.Headers.StringWithQualityHeaderValue",
  453. "assembly": "System.Net.Http"
  454. },
  455. {
  456. "typename": "System.Net.Http.HttpClient",
  457. "assembly": "System.Net.Http"
  458. },
  459. {
  460. "typename": "System.Net.Http.HttpClientHandler",
  461. "assembly": "System.Net.Http"
  462. },
  463. {
  464. "typename": "System.Net.Http.HttpContent",
  465. "assembly": "System.Net.Http"
  466. },
  467. {
  468. "typename": "System.Net.Http.HttpMessageHandler",
  469. "assembly": "System.Net.Http"
  470. },
  471. {
  472. "typename": "System.Net.Http.HttpMethod",
  473. "assembly": "System.Net.Http"
  474. },
  475. {
  476. "typename": "System.Net.Http.HttpRequestMessage",
  477. "assembly": "System.Net.Http"
  478. },
  479. {
  480. "typename": "System.Net.Http.HttpResponseMessage",
  481. "assembly": "System.Net.Http"
  482. },
  483. {
  484. "typename": "System.Net.Http.MultipartContent",
  485. "assembly": "System.Net.Http"
  486. },
  487. {
  488. "typename": "System.Net.Http.StreamContent",
  489. "assembly": "System.Net.Http"
  490. },
  491. {
  492. "typename": "System.Net.Http.StringContent",
  493. "assembly": "System.Net.Http"
  494. },
  495. {
  496. "typename": "System.Runtime.Serialization.DataContractSerializer",
  497. "assembly": "System.Runtime.Serialization"
  498. },
  499. {
  500. "typename": "System.Runtime.Serialization.Json.DataContractJsonSerializer",
  501. "assembly": "System.Runtime.Serialization"
  502. },
  503. {
  504. "typename": "System.Runtime.Serialization.Json.JsonReaderWriterFactory",
  505. "assembly": "System.Runtime.Serialization"
  506. },
  507. {
  508. "typename": "System.Runtime.Serialization.XmlObjectSerializer",
  509. "assembly": "System.Runtime.Serialization"
  510. },
  511. {
  512. "typename": "System.Runtime.Serialization.XsdDataContractExporter",
  513. "assembly": "System.Runtime.Serialization"
  514. },
  515. {
  516. "typename": "System.Xml.OnXmlDictionaryReaderClose",
  517. "assembly": "System.Runtime.Serialization"
  518. },
  519. {
  520. "typename": "System.Xml.XmlDictionaryReader",
  521. "assembly": "System.Runtime.Serialization"
  522. },
  523. {
  524. "typename": "System.Xml.XmlDictionaryReaderQuotas",
  525. "assembly": "System.Runtime.Serialization"
  526. },
  527. {
  528. "typename": "System.Xml.XmlDictionaryWriter",
  529. "assembly": "System.Runtime.Serialization"
  530. },
  531. {
  532. "typename": "System.Xml.Serialization.XmlSerializer",
  533. "assembly": "System.Xml"
  534. },
  535. {
  536. "typename": "System.Xml.XmlNode",
  537. "assembly": "System.Xml"
  538. },
  539. {
  540. "typename": "System.Xml.XmlQualifiedName",
  541. "assembly": "System.Xml"
  542. },
  543. {
  544. "typename": "System.Xml.XmlReader",
  545. "assembly": "System.Xml"
  546. },
  547. {
  548. "typename": "System.Xml.XmlWriter",
  549. "assembly": "System.Xml"
  550. },
  551. {
  552. "typename": "System.Xml.XmlWriterSettings",
  553. "assembly": "System.Xml"
  554. },
  555. {
  556. "typename": "System.Xml.Linq.XObject",
  557. "assembly": "System.Xml.Linq"
  558. },
  559. {
  560. "typename": "System.Action`1",
  561. "assembly": "mscorlib"
  562. },
  563. {
  564. "typename": "System.Action`3",
  565. "assembly": "mscorlib"
  566. },
  567. {
  568. "typename": "System.Activator",
  569. "assembly": "mscorlib"
  570. },
  571. {
  572. "typename": "System.ArgumentException",
  573. "assembly": "mscorlib"
  574. },
  575. {
  576. "typename": "System.ArgumentNullException",
  577. "assembly": "mscorlib"
  578. },
  579. {
  580. "typename": "System.ArgumentOutOfRangeException",
  581. "assembly": "mscorlib"
  582. },
  583. {
  584. "typename": "System.Array",
  585. "assembly": "mscorlib"
  586. },
  587. {
  588. "typename": "System.ArraySegment`1",
  589. "assembly": "mscorlib"
  590. },
  591. {
  592. "typename": "System.AsyncCallback",
  593. "assembly": "mscorlib"
  594. },
  595. {
  596. "typename": "System.Buffer",
  597. "assembly": "mscorlib"
  598. },
  599. {
  600. "typename": "System.Byte",
  601. "assembly": "mscorlib"
  602. },
  603. {
  604. "typename": "System.Char",
  605. "assembly": "mscorlib"
  606. },
  607. {
  608. "typename": "System.Collections.Concurrent.ConcurrentDictionary`2",
  609. "assembly": "mscorlib"
  610. },
  611. {
  612. "typename": "System.Collections.DictionaryEntry",
  613. "assembly": "mscorlib"
  614. },
  615. {
  616. "typename": "System.Collections.Generic.Dictionary`2",
  617. "assembly": "mscorlib"
  618. },
  619. {
  620. "typename": "System.Collections.Generic.ICollection`1",
  621. "assembly": "mscorlib"
  622. },
  623. {
  624. "typename": "System.Collections.Generic.IComparer`1",
  625. "assembly": "mscorlib"
  626. },
  627. {
  628. "typename": "System.Collections.Generic.IDictionary`2",
  629. "assembly": "mscorlib"
  630. },
  631. {
  632. "typename": "System.Collections.Generic.IEnumerable`1",
  633. "assembly": "mscorlib"
  634. },
  635. {
  636. "typename": "System.Collections.Generic.IEnumerator`1",
  637. "assembly": "mscorlib"
  638. },
  639. {
  640. "typename": "System.Collections.Generic.IEqualityComparer`1",
  641. "assembly": "mscorlib"
  642. },
  643. {
  644. "typename": "System.Collections.Generic.IList`1",
  645. "assembly": "mscorlib"
  646. },
  647. {
  648. "typename": "System.Collections.Generic.KeyNotFoundException",
  649. "assembly": "mscorlib"
  650. },
  651. {
  652. "typename": "System.Collections.Generic.KeyValuePair`2",
  653. "assembly": "mscorlib"
  654. },
  655. {
  656. "typename": "System.Collections.Generic.List`1",
  657. "assembly": "mscorlib"
  658. },
  659. {
  660. "typename": "System.Collections.Generic.List`1/Enumerator",
  661. "assembly": "mscorlib"
  662. },
  663. {
  664. "typename": "System.Collections.ICollection",
  665. "assembly": "mscorlib"
  666. },
  667. {
  668. "typename": "System.Collections.IDictionary",
  669. "assembly": "mscorlib"
  670. },
  671. {
  672. "typename": "System.Collections.IDictionaryEnumerator",
  673. "assembly": "mscorlib"
  674. },
  675. {
  676. "typename": "System.Collections.IEnumerable",
  677. "assembly": "mscorlib"
  678. },
  679. {
  680. "typename": "System.Collections.IEnumerator",
  681. "assembly": "mscorlib"
  682. },
  683. {
  684. "typename": "System.Collections.IEqualityComparer",
  685. "assembly": "mscorlib"
  686. },
  687. {
  688. "typename": "System.Collections.ObjectModel.Collection`1",
  689. "assembly": "mscorlib"
  690. },
  691. {
  692. "typename": "System.Comparison`1",
  693. "assembly": "mscorlib"
  694. },
  695. {
  696. "typename": "System.Convert",
  697. "assembly": "mscorlib"
  698. },
  699. {
  700. "typename": "System.DBNull",
  701. "assembly": "mscorlib"
  702. },
  703. {
  704. "typename": "System.DateTimeOffset",
  705. "assembly": "mscorlib"
  706. },
  707. {
  708. "typename": "System.Delegate",
  709. "assembly": "mscorlib"
  710. },
  711. {
  712. "typename": "System.Diagnostics.DebuggableAttribute",
  713. "assembly": "mscorlib"
  714. },
  715. {
  716. "typename": "System.Diagnostics.DebuggableAttribute/DebuggingModes",
  717. "assembly": "mscorlib"
  718. },
  719. {
  720. "typename": "System.Diagnostics.DebuggerDisplayAttribute",
  721. "assembly": "mscorlib"
  722. },
  723. {
  724. "typename": "System.Diagnostics.DebuggerHiddenAttribute",
  725. "assembly": "mscorlib"
  726. },
  727. {
  728. "typename": "System.Diagnostics.DebuggerNonUserCodeAttribute",
  729. "assembly": "mscorlib"
  730. },
  731. {
  732. "typename": "System.Enum",
  733. "assembly": "mscorlib"
  734. },
  735. {
  736. "typename": "System.Environment",
  737. "assembly": "mscorlib"
  738. },
  739. {
  740. "typename": "System.EventArgs",
  741. "assembly": "mscorlib"
  742. },
  743. {
  744. "typename": "System.EventHandler",
  745. "assembly": "mscorlib"
  746. },
  747. {
  748. "typename": "System.EventHandler`1",
  749. "assembly": "mscorlib"
  750. },
  751. {
  752. "typename": "System.Exception",
  753. "assembly": "mscorlib"
  754. },
  755. {
  756. "typename": "System.FormatException",
  757. "assembly": "mscorlib"
  758. },
  759. {
  760. "typename": "System.Func`1",
  761. "assembly": "mscorlib"
  762. },
  763. {
  764. "typename": "System.Func`2",
  765. "assembly": "mscorlib"
  766. },
  767. {
  768. "typename": "System.Func`3",
  769. "assembly": "mscorlib"
  770. },
  771. {
  772. "typename": "System.Func`4",
  773. "assembly": "mscorlib"
  774. },
  775. {
  776. "typename": "System.GC",
  777. "assembly": "mscorlib"
  778. },
  779. {
  780. "typename": "System.Globalization.CultureInfo",
  781. "assembly": "mscorlib"
  782. },
  783. {
  784. "typename": "System.Globalization.DateTimeFormatInfo",
  785. "assembly": "mscorlib"
  786. },
  787. {
  788. "typename": "System.Globalization.DateTimeStyles",
  789. "assembly": "mscorlib"
  790. },
  791. {
  792. "typename": "System.Globalization.NumberFormatInfo",
  793. "assembly": "mscorlib"
  794. },
  795. {
  796. "typename": "System.Globalization.NumberStyles",
  797. "assembly": "mscorlib"
  798. },
  799. {
  800. "typename": "System.Guid",
  801. "assembly": "mscorlib"
  802. },
  803. {
  804. "typename": "System.IAsyncResult",
  805. "assembly": "mscorlib"
  806. },
  807. {
  808. "typename": "System.ICloneable",
  809. "assembly": "mscorlib"
  810. },
  811. {
  812. "typename": "System.IDisposable",
  813. "assembly": "mscorlib"
  814. },
  815. {
  816. "typename": "System.IFormatProvider",
  817. "assembly": "mscorlib"
  818. },
  819. {
  820. "typename": "System.IO.BinaryReader",
  821. "assembly": "mscorlib"
  822. },
  823. {
  824. "typename": "System.IO.BinaryWriter",
  825. "assembly": "mscorlib"
  826. },
  827. {
  828. "typename": "System.IO.BufferedStream",
  829. "assembly": "mscorlib"
  830. },
  831. {
  832. "typename": "System.IO.File",
  833. "assembly": "mscorlib"
  834. },
  835. {
  836. "typename": "System.IO.FileOptions",
  837. "assembly": "mscorlib"
  838. },
  839. {
  840. "typename": "System.IO.FileStream",
  841. "assembly": "mscorlib"
  842. },
  843. {
  844. "typename": "System.IO.IOException",
  845. "assembly": "mscorlib"
  846. },
  847. {
  848. "typename": "System.IO.MemoryStream",
  849. "assembly": "mscorlib"
  850. },
  851. {
  852. "typename": "System.IO.Path",
  853. "assembly": "mscorlib"
  854. },
  855. {
  856. "typename": "System.IO.SeekOrigin",
  857. "assembly": "mscorlib"
  858. },
  859. {
  860. "typename": "System.IO.Stream",
  861. "assembly": "mscorlib"
  862. },
  863. {
  864. "typename": "System.IO.StreamReader",
  865. "assembly": "mscorlib"
  866. },
  867. {
  868. "typename": "System.IO.StreamWriter",
  869. "assembly": "mscorlib"
  870. },
  871. {
  872. "typename": "System.IO.TextReader",
  873. "assembly": "mscorlib"
  874. },
  875. {
  876. "typename": "System.IO.TextWriter",
  877. "assembly": "mscorlib"
  878. },
  879. {
  880. "typename": "System.Int32",
  881. "assembly": "mscorlib"
  882. },
  883. {
  884. "typename": "System.Int64",
  885. "assembly": "mscorlib"
  886. },
  887. {
  888. "typename": "System.InvalidOperationException",
  889. "assembly": "mscorlib"
  890. },
  891. {
  892. "typename": "System.Lazy`1",
  893. "assembly": "mscorlib"
  894. },
  895. {
  896. "typename": "System.Math",
  897. "assembly": "mscorlib"
  898. },
  899. {
  900. "typename": "System.NotImplementedException",
  901. "assembly": "mscorlib"
  902. },
  903. {
  904. "typename": "System.NotSupportedException",
  905. "assembly": "mscorlib"
  906. },
  907. {
  908. "typename": "System.Nullable`1",
  909. "assembly": "mscorlib"
  910. },
  911. {
  912. "typename": "System.Object",
  913. "assembly": "mscorlib"
  914. },
  915. {
  916. "typename": "System.ObjectDisposedException",
  917. "assembly": "mscorlib"
  918. },
  919. {
  920. "typename": "System.OperationCanceledException",
  921. "assembly": "mscorlib"
  922. },
  923. {
  924. "typename": "System.ParamArrayAttribute",
  925. "assembly": "mscorlib"
  926. },
  927. {
  928. "typename": "System.Reflection.Assembly",
  929. "assembly": "mscorlib"
  930. },
  931. {
  932. "typename": "System.Reflection.ConstructorInfo",
  933. "assembly": "mscorlib"
  934. },
  935. {
  936. "typename": "System.Reflection.DefaultMemberAttribute",
  937. "assembly": "mscorlib"
  938. },
  939. {
  940. "typename": "System.Reflection.MemberInfo",
  941. "assembly": "mscorlib"
  942. },
  943. {
  944. "typename": "System.Reflection.MethodBase",
  945. "assembly": "mscorlib"
  946. },
  947. {
  948. "typename": "System.Reflection.MethodInfo",
  949. "assembly": "mscorlib"
  950. },
  951. {
  952. "typename": "System.Resources.ResourceManager",
  953. "assembly": "mscorlib"
  954. },
  955. {
  956. "typename": "System.Runtime.CompilerServices.AsyncStateMachineAttribute",
  957. "assembly": "mscorlib"
  958. },
  959. {
  960. "typename": "System.Runtime.CompilerServices.AsyncTaskMethodBuilder",
  961. "assembly": "mscorlib"
  962. },
  963. {
  964. "typename": "System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1",
  965. "assembly": "mscorlib"
  966. },
  967. {
  968. "typename": "System.Runtime.CompilerServices.CompilationRelaxationsAttribute",
  969. "assembly": "mscorlib"
  970. },
  971. {
  972. "typename": "System.Runtime.CompilerServices.CompilerGeneratedAttribute",
  973. "assembly": "mscorlib"
  974. },
  975. {
  976. "typename": "System.Runtime.CompilerServices.ExtensionAttribute",
  977. "assembly": "mscorlib"
  978. },
  979. {
  980. "typename": "System.Runtime.CompilerServices.IAsyncStateMachine",
  981. "assembly": "mscorlib"
  982. },
  983. {
  984. "typename": "System.Runtime.CompilerServices.IteratorStateMachineAttribute",
  985. "assembly": "mscorlib"
  986. },
  987. {
  988. "typename": "System.Runtime.CompilerServices.RuntimeCompatibilityAttribute",
  989. "assembly": "mscorlib"
  990. },
  991. {
  992. "typename": "System.Runtime.CompilerServices.TaskAwaiter",
  993. "assembly": "mscorlib"
  994. },
  995. {
  996. "typename": "System.Runtime.CompilerServices.TaskAwaiter`1",
  997. "assembly": "mscorlib"
  998. },
  999. {
  1000. "typename": "System.Runtime.Serialization.SerializationInfo",
  1001. "assembly": "mscorlib"
  1002. },
  1003. {
  1004. "typename": "System.Runtime.Serialization.StreamingContext",
  1005. "assembly": "mscorlib"
  1006. },
  1007. {
  1008. "typename": "System.RuntimeTypeHandle",
  1009. "assembly": "mscorlib"
  1010. },
  1011. {
  1012. "typename": "System.String",
  1013. "assembly": "mscorlib"
  1014. },
  1015. {
  1016. "typename": "System.StringComparer",
  1017. "assembly": "mscorlib"
  1018. },
  1019. {
  1020. "typename": "System.StringComparison",
  1021. "assembly": "mscorlib"
  1022. },
  1023. {
  1024. "typename": "System.Text.Encoding",
  1025. "assembly": "mscorlib"
  1026. },
  1027. {
  1028. "typename": "System.Text.StringBuilder",
  1029. "assembly": "mscorlib"
  1030. },
  1031. {
  1032. "typename": "System.Text.UTF8Encoding",
  1033. "assembly": "mscorlib"
  1034. },
  1035. {
  1036. "typename": "System.Text.UnicodeEncoding",
  1037. "assembly": "mscorlib"
  1038. },
  1039. {
  1040. "typename": "System.Threading.CancellationToken",
  1041. "assembly": "mscorlib"
  1042. },
  1043. {
  1044. "typename": "System.Threading.Interlocked",
  1045. "assembly": "mscorlib"
  1046. },
  1047. {
  1048. "typename": "System.Threading.Tasks.Task",
  1049. "assembly": "mscorlib"
  1050. },
  1051. {
  1052. "typename": "System.Threading.Tasks.TaskCompletionSource`1",
  1053. "assembly": "mscorlib"
  1054. },
  1055. {
  1056. "typename": "System.Threading.Tasks.TaskStatus",
  1057. "assembly": "mscorlib"
  1058. },
  1059. {
  1060. "typename": "System.Threading.Tasks.Task`1",
  1061. "assembly": "mscorlib"
  1062. },
  1063. {
  1064. "typename": "System.Threading.WaitHandle",
  1065. "assembly": "mscorlib"
  1066. },
  1067. {
  1068. "typename": "System.TimeSpan",
  1069. "assembly": "mscorlib"
  1070. },
  1071. {
  1072. "typename": "System.Type",
  1073. "assembly": "mscorlib"
  1074. },
  1075. {
  1076. "typename": "System.ValueType",
  1077. "assembly": "mscorlib"
  1078. },
  1079. {
  1080. "typename": "System.Version",
  1081. "assembly": "mscorlib"
  1082. }
  1083. ]
  1084. },
  1085. "pe": {
  1086. "peid_signatures": null,
  1087. "imports": [
  1088. {
  1089. "imports": [
  1090. {
  1091. "name": "_CorExeMain",
  1092. "address": "0x402000"
  1093. }
  1094. ],
  1095. "dll": "mscoree.dll"
  1096. }
  1097. ],
  1098. "digital_signers": null,
  1099. "exported_dll_name": null,
  1100. "actual_checksum": "0x0008f37b",
  1101. "overlay": null,
  1102. "imagebase": "0x00400000",
  1103. "reported_checksum": "0x0008f37b",
  1104. "icon_hash": null,
  1105. "entrypoint": "0x0043241e",
  1106. "timestamp": "2019-05-15 12:33:59",
  1107. "osversion": "4.0",
  1108. "sections": [
  1109. {
  1110. "name": ".text",
  1111. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
  1112. "virtual_address": "0x00002000",
  1113. "size_of_data": "0x00030600",
  1114. "entropy": "6.05",
  1115. "raw_address": "0x00000200",
  1116. "virtual_size": "0x00030424",
  1117. "characteristics_raw": "0x60000020"
  1118. },
  1119. {
  1120. "name": ".rsrc",
  1121. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
  1122. "virtual_address": "0x00034000",
  1123. "size_of_data": "0x00058600",
  1124. "entropy": "7.15",
  1125. "raw_address": "0x00030800",
  1126. "virtual_size": "0x00058440",
  1127. "characteristics_raw": "0x40000040"
  1128. },
  1129. {
  1130. "name": ".reloc",
  1131. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
  1132. "virtual_address": "0x0008e000",
  1133. "size_of_data": "0x00000200",
  1134. "entropy": "0.10",
  1135. "raw_address": "0x00088e00",
  1136. "virtual_size": "0x0000000c",
  1137. "characteristics_raw": "0x42000040"
  1138. }
  1139. ],
  1140. "resources": [],
  1141. "dirents": [
  1142. {
  1143. "virtual_address": "0x00000000",
  1144. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
  1145. "size": "0x00000000"
  1146. },
  1147. {
  1148. "virtual_address": "0x000323c8",
  1149. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
  1150. "size": "0x00000053"
  1151. },
  1152. {
  1153. "virtual_address": "0x00034000",
  1154. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
  1155. "size": "0x00058440"
  1156. },
  1157. {
  1158. "virtual_address": "0x00000000",
  1159. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
  1160. "size": "0x00000000"
  1161. },
  1162. {
  1163. "virtual_address": "0x00000000",
  1164. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
  1165. "size": "0x00000000"
  1166. },
  1167. {
  1168. "virtual_address": "0x0008e000",
  1169. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
  1170. "size": "0x0000000c"
  1171. },
  1172. {
  1173. "virtual_address": "0x0003233c",
  1174. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
  1175. "size": "0x0000001c"
  1176. },
  1177. {
  1178. "virtual_address": "0x00000000",
  1179. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
  1180. "size": "0x00000000"
  1181. },
  1182. {
  1183. "virtual_address": "0x00000000",
  1184. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
  1185. "size": "0x00000000"
  1186. },
  1187. {
  1188. "virtual_address": "0x00000000",
  1189. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
  1190. "size": "0x00000000"
  1191. },
  1192. {
  1193. "virtual_address": "0x00000000",
  1194. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
  1195. "size": "0x00000000"
  1196. },
  1197. {
  1198. "virtual_address": "0x00000000",
  1199. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
  1200. "size": "0x00000000"
  1201. },
  1202. {
  1203. "virtual_address": "0x00002000",
  1204. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
  1205. "size": "0x00000008"
  1206. },
  1207. {
  1208. "virtual_address": "0x00000000",
  1209. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
  1210. "size": "0x00000000"
  1211. },
  1212. {
  1213. "virtual_address": "0x00002008",
  1214. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
  1215. "size": "0x00000048"
  1216. },
  1217. {
  1218. "virtual_address": "0x00000000",
  1219. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
  1220. "size": "0x00000000"
  1221. }
  1222. ],
  1223. "exports": [],
  1224. "guest_signers": {},
  1225. "imphash": "f34d5f2d4577ed6d9ceec516c1f5a744",
  1226. "icon_fuzzy": null,
  1227. "icon": null,
  1228. "pdbpath": "C:\\xampp\\htdocs\\Aspire\\files\\darklorddyagi07_mjVldNrVlNQdCgXu\\mjVldNrVlNQdCgXuma.pdb",
  1229. "imported_dll_count": 1,
  1230. "versioninfo": []
  1231. }
  1232. }
  1233.  
  1234. [*] Resolved APIs: [
  1235. "advapi32.dll.RegOpenKeyExW",
  1236. "advapi32.dll.RegQueryInfoKeyW",
  1237. "advapi32.dll.RegEnumKeyExW",
  1238. "advapi32.dll.RegEnumValueW",
  1239. "advapi32.dll.RegCloseKey",
  1240. "advapi32.dll.RegQueryValueExW",
  1241. "kernel32.dll.QueryActCtxW",
  1242. "shlwapi.dll.UrlIsW"
  1243. ]
  1244.  
  1245. [*] Static Analysis: {
  1246. "dotnet": {
  1247. "customattrs": [
  1248. {
  1249. "type": "TypeDef",
  1250. "name": "[mscorlib]System.Reflection.DefaultMemberAttribute",
  1251. "value": "It"
  1252. },
  1253. {
  1254. "type": "TypeDef",
  1255. "name": "[mscorlib]System.Reflection.DefaultMemberAttribute",
  1256. "value": "It"
  1257. },
  1258. {
  1259. "type": "TypeDef",
  1260. "name": "[mscorlib]System.Reflection.DefaultMemberAttribute",
  1261. "value": "It"
  1262. },
  1263. {
  1264. "type": "TypeDef",
  1265. "name": "[mscorlib]System.Diagnostics.DebuggerDisplayAttribute",
  1266. "value": "{DebuggerToString("
  1267. }
  1268. ],
  1269. "assemblyinfo": {
  1270. "version": "0.0.0.0",
  1271. "name": "mjVldNrVlNQdCgXuma"
  1272. },
  1273. "assemblyrefs": [
  1274. {
  1275. "version": "4.0.0.0",
  1276. "name": "mscorlib"
  1277. },
  1278. {
  1279. "version": "4.0.0.0",
  1280. "name": "System"
  1281. },
  1282. {
  1283. "version": "4.0.0.0",
  1284. "name": "System.Net.Http"
  1285. },
  1286. {
  1287. "version": "4.0.0.0",
  1288. "name": "System.Core"
  1289. },
  1290. {
  1291. "version": "4.0.0.0",
  1292. "name": "System.Runtime.Serialization"
  1293. },
  1294. {
  1295. "version": "6.0.0.0",
  1296. "name": "Newtonsoft.Json"
  1297. },
  1298. {
  1299. "version": "4.0.0.0",
  1300. "name": "System.Xml"
  1301. },
  1302. {
  1303. "version": "4.0.0.0",
  1304. "name": "System.Xml.Linq"
  1305. }
  1306. ],
  1307. "typerefs": [
  1308. {
  1309. "typename": "Newtonsoft.Json.Bson.BsonReader",
  1310. "assembly": "Newtonsoft.Json"
  1311. },
  1312. {
  1313. "typename": "Newtonsoft.Json.Bson.BsonWriter",
  1314. "assembly": "Newtonsoft.Json"
  1315. },
  1316. {
  1317. "typename": "Newtonsoft.Json.DefaultValueHandling",
  1318. "assembly": "Newtonsoft.Json"
  1319. },
  1320. {
  1321. "typename": "Newtonsoft.Json.Formatting",
  1322. "assembly": "Newtonsoft.Json"
  1323. },
  1324. {
  1325. "typename": "Newtonsoft.Json.JsonReader",
  1326. "assembly": "Newtonsoft.Json"
  1327. },
  1328. {
  1329. "typename": "Newtonsoft.Json.JsonSerializer",
  1330. "assembly": "Newtonsoft.Json"
  1331. },
  1332. {
  1333. "typename": "Newtonsoft.Json.JsonSerializerSettings",
  1334. "assembly": "Newtonsoft.Json"
  1335. },
  1336. {
  1337. "typename": "Newtonsoft.Json.JsonTextReader",
  1338. "assembly": "Newtonsoft.Json"
  1339. },
  1340. {
  1341. "typename": "Newtonsoft.Json.JsonTextWriter",
  1342. "assembly": "Newtonsoft.Json"
  1343. },
  1344. {
  1345. "typename": "Newtonsoft.Json.JsonWriter",
  1346. "assembly": "Newtonsoft.Json"
  1347. },
  1348. {
  1349. "typename": "Newtonsoft.Json.Linq.JArray",
  1350. "assembly": "Newtonsoft.Json"
  1351. },
  1352. {
  1353. "typename": "Newtonsoft.Json.Linq.JContainer",
  1354. "assembly": "Newtonsoft.Json"
  1355. },
  1356. {
  1357. "typename": "Newtonsoft.Json.Linq.JObject",
  1358. "assembly": "Newtonsoft.Json"
  1359. },
  1360. {
  1361. "typename": "Newtonsoft.Json.Linq.JToken",
  1362. "assembly": "Newtonsoft.Json"
  1363. },
  1364. {
  1365. "typename": "Newtonsoft.Json.Linq.JTokenReader",
  1366. "assembly": "Newtonsoft.Json"
  1367. },
  1368. {
  1369. "typename": "Newtonsoft.Json.Linq.JTokenType",
  1370. "assembly": "Newtonsoft.Json"
  1371. },
  1372. {
  1373. "typename": "Newtonsoft.Json.Linq.JValue",
  1374. "assembly": "Newtonsoft.Json"
  1375. },
  1376. {
  1377. "typename": "Newtonsoft.Json.MemberSerialization",
  1378. "assembly": "Newtonsoft.Json"
  1379. },
  1380. {
  1381. "typename": "Newtonsoft.Json.MissingMemberHandling",
  1382. "assembly": "Newtonsoft.Json"
  1383. },
  1384. {
  1385. "typename": "Newtonsoft.Json.NullValueHandling",
  1386. "assembly": "Newtonsoft.Json"
  1387. },
  1388. {
  1389. "typename": "Newtonsoft.Json.Required",
  1390. "assembly": "Newtonsoft.Json"
  1391. },
  1392. {
  1393. "typename": "Newtonsoft.Json.Serialization.DefaultContractResolver",
  1394. "assembly": "Newtonsoft.Json"
  1395. },
  1396. {
  1397. "typename": "Newtonsoft.Json.Serialization.ErrorContext",
  1398. "assembly": "Newtonsoft.Json"
  1399. },
  1400. {
  1401. "typename": "Newtonsoft.Json.Serialization.ErrorEventArgs",
  1402. "assembly": "Newtonsoft.Json"
  1403. },
  1404. {
  1405. "typename": "Newtonsoft.Json.Serialization.IContractResolver",
  1406. "assembly": "Newtonsoft.Json"
  1407. },
  1408. {
  1409. "typename": "Newtonsoft.Json.Serialization.JsonProperty",
  1410. "assembly": "Newtonsoft.Json"
  1411. },
  1412. {
  1413. "typename": "Newtonsoft.Json.TypeNameHandling",
  1414. "assembly": "Newtonsoft.Json"
  1415. },
  1416. {
  1417. "typename": "System.CodeDom.Compiler.GeneratedCodeAttribute",
  1418. "assembly": "System"
  1419. },
  1420. {
  1421. "typename": "System.Collections.Specialized.NameObjectCollectionBase",
  1422. "assembly": "System"
  1423. },
  1424. {
  1425. "typename": "System.Collections.Specialized.NameValueCollection",
  1426. "assembly": "System"
  1427. },
  1428. {
  1429. "typename": "System.ComponentModel.DefaultValueAttribute",
  1430. "assembly": "System"
  1431. },
  1432. {
  1433. "typename": "System.ComponentModel.EditorBrowsableAttribute",
  1434. "assembly": "System"
  1435. },
  1436. {
  1437. "typename": "System.ComponentModel.EditorBrowsableState",
  1438. "assembly": "System"
  1439. },
  1440. {
  1441. "typename": "System.ComponentModel.InvalidEnumArgumentException",
  1442. "assembly": "System"
  1443. },
  1444. {
  1445. "typename": "System.ComponentModel.ProgressChangedEventArgs",
  1446. "assembly": "System"
  1447. },
  1448. {
  1449. "typename": "System.ComponentModel.TypeConverter",
  1450. "assembly": "System"
  1451. },
  1452. {
  1453. "typename": "System.ComponentModel.TypeDescriptor",
  1454. "assembly": "System"
  1455. },
  1456. {
  1457. "typename": "System.Net.Cookie",
  1458. "assembly": "System"
  1459. },
  1460. {
  1461. "typename": "System.Net.HttpStatusCode",
  1462. "assembly": "System"
  1463. },
  1464. {
  1465. "typename": "System.Net.TransportContext",
  1466. "assembly": "System"
  1467. },
  1468. {
  1469. "typename": "System.Uri",
  1470. "assembly": "System"
  1471. },
  1472. {
  1473. "typename": "System.Collections.Generic.HashSet`1",
  1474. "assembly": "System.Core"
  1475. },
  1476. {
  1477. "typename": "System.Linq.Enumerable",
  1478. "assembly": "System.Core"
  1479. },
  1480. {
  1481. "typename": "System.Linq.IOrderedEnumerable`1",
  1482. "assembly": "System.Core"
  1483. },
  1484. {
  1485. "typename": "System.Linq.IQueryable`1",
  1486. "assembly": "System.Core"
  1487. },
  1488. {
  1489. "typename": "System.Net.Http.DelegatingHandler",
  1490. "assembly": "System.Net.Http"
  1491. },
  1492. {
  1493. "typename": "System.Net.Http.Headers.ContentDispositionHeaderValue",
  1494. "assembly": "System.Net.Http"
  1495. },
  1496. {
  1497. "typename": "System.Net.Http.Headers.ContentRangeHeaderValue",
  1498. "assembly": "System.Net.Http"
  1499. },
  1500. {
  1501. "typename": "System.Net.Http.Headers.HttpContentHeaders",
  1502. "assembly": "System.Net.Http"
  1503. },
  1504. {
  1505. "typename": "System.Net.Http.Headers.HttpHeaderValueCollection`1",
  1506. "assembly": "System.Net.Http"
  1507. },
  1508. {
  1509. "typename": "System.Net.Http.Headers.HttpHeaders",
  1510. "assembly": "System.Net.Http"
  1511. },
  1512. {
  1513. "typename": "System.Net.Http.Headers.HttpRequestHeaders",
  1514. "assembly": "System.Net.Http"
  1515. },
  1516. {
  1517. "typename": "System.Net.Http.Headers.HttpResponseHeaders",
  1518. "assembly": "System.Net.Http"
  1519. },
  1520. {
  1521. "typename": "System.Net.Http.Headers.MediaTypeHeaderValue",
  1522. "assembly": "System.Net.Http"
  1523. },
  1524. {
  1525. "typename": "System.Net.Http.Headers.MediaTypeWithQualityHeaderValue",
  1526. "assembly": "System.Net.Http"
  1527. },
  1528. {
  1529. "typename": "System.Net.Http.Headers.NameValueHeaderValue",
  1530. "assembly": "System.Net.Http"
  1531. },
  1532. {
  1533. "typename": "System.Net.Http.Headers.RangeHeaderValue",
  1534. "assembly": "System.Net.Http"
  1535. },
  1536. {
  1537. "typename": "System.Net.Http.Headers.RangeItemHeaderValue",
  1538. "assembly": "System.Net.Http"
  1539. },
  1540. {
  1541. "typename": "System.Net.Http.Headers.StringWithQualityHeaderValue",
  1542. "assembly": "System.Net.Http"
  1543. },
  1544. {
  1545. "typename": "System.Net.Http.HttpClient",
  1546. "assembly": "System.Net.Http"
  1547. },
  1548. {
  1549. "typename": "System.Net.Http.HttpClientHandler",
  1550. "assembly": "System.Net.Http"
  1551. },
  1552. {
  1553. "typename": "System.Net.Http.HttpContent",
  1554. "assembly": "System.Net.Http"
  1555. },
  1556. {
  1557. "typename": "System.Net.Http.HttpMessageHandler",
  1558. "assembly": "System.Net.Http"
  1559. },
  1560. {
  1561. "typename": "System.Net.Http.HttpMethod",
  1562. "assembly": "System.Net.Http"
  1563. },
  1564. {
  1565. "typename": "System.Net.Http.HttpRequestMessage",
  1566. "assembly": "System.Net.Http"
  1567. },
  1568. {
  1569. "typename": "System.Net.Http.HttpResponseMessage",
  1570. "assembly": "System.Net.Http"
  1571. },
  1572. {
  1573. "typename": "System.Net.Http.MultipartContent",
  1574. "assembly": "System.Net.Http"
  1575. },
  1576. {
  1577. "typename": "System.Net.Http.StreamContent",
  1578. "assembly": "System.Net.Http"
  1579. },
  1580. {
  1581. "typename": "System.Net.Http.StringContent",
  1582. "assembly": "System.Net.Http"
  1583. },
  1584. {
  1585. "typename": "System.Runtime.Serialization.DataContractSerializer",
  1586. "assembly": "System.Runtime.Serialization"
  1587. },
  1588. {
  1589. "typename": "System.Runtime.Serialization.Json.DataContractJsonSerializer",
  1590. "assembly": "System.Runtime.Serialization"
  1591. },
  1592. {
  1593. "typename": "System.Runtime.Serialization.Json.JsonReaderWriterFactory",
  1594. "assembly": "System.Runtime.Serialization"
  1595. },
  1596. {
  1597. "typename": "System.Runtime.Serialization.XmlObjectSerializer",
  1598. "assembly": "System.Runtime.Serialization"
  1599. },
  1600. {
  1601. "typename": "System.Runtime.Serialization.XsdDataContractExporter",
  1602. "assembly": "System.Runtime.Serialization"
  1603. },
  1604. {
  1605. "typename": "System.Xml.OnXmlDictionaryReaderClose",
  1606. "assembly": "System.Runtime.Serialization"
  1607. },
  1608. {
  1609. "typename": "System.Xml.XmlDictionaryReader",
  1610. "assembly": "System.Runtime.Serialization"
  1611. },
  1612. {
  1613. "typename": "System.Xml.XmlDictionaryReaderQuotas",
  1614. "assembly": "System.Runtime.Serialization"
  1615. },
  1616. {
  1617. "typename": "System.Xml.XmlDictionaryWriter",
  1618. "assembly": "System.Runtime.Serialization"
  1619. },
  1620. {
  1621. "typename": "System.Xml.Serialization.XmlSerializer",
  1622. "assembly": "System.Xml"
  1623. },
  1624. {
  1625. "typename": "System.Xml.XmlNode",
  1626. "assembly": "System.Xml"
  1627. },
  1628. {
  1629. "typename": "System.Xml.XmlQualifiedName",
  1630. "assembly": "System.Xml"
  1631. },
  1632. {
  1633. "typename": "System.Xml.XmlReader",
  1634. "assembly": "System.Xml"
  1635. },
  1636. {
  1637. "typename": "System.Xml.XmlWriter",
  1638. "assembly": "System.Xml"
  1639. },
  1640. {
  1641. "typename": "System.Xml.XmlWriterSettings",
  1642. "assembly": "System.Xml"
  1643. },
  1644. {
  1645. "typename": "System.Xml.Linq.XObject",
  1646. "assembly": "System.Xml.Linq"
  1647. },
  1648. {
  1649. "typename": "System.Action`1",
  1650. "assembly": "mscorlib"
  1651. },
  1652. {
  1653. "typename": "System.Action`3",
  1654. "assembly": "mscorlib"
  1655. },
  1656. {
  1657. "typename": "System.Activator",
  1658. "assembly": "mscorlib"
  1659. },
  1660. {
  1661. "typename": "System.ArgumentException",
  1662. "assembly": "mscorlib"
  1663. },
  1664. {
  1665. "typename": "System.ArgumentNullException",
  1666. "assembly": "mscorlib"
  1667. },
  1668. {
  1669. "typename": "System.ArgumentOutOfRangeException",
  1670. "assembly": "mscorlib"
  1671. },
  1672. {
  1673. "typename": "System.Array",
  1674. "assembly": "mscorlib"
  1675. },
  1676. {
  1677. "typename": "System.ArraySegment`1",
  1678. "assembly": "mscorlib"
  1679. },
  1680. {
  1681. "typename": "System.AsyncCallback",
  1682. "assembly": "mscorlib"
  1683. },
  1684. {
  1685. "typename": "System.Buffer",
  1686. "assembly": "mscorlib"
  1687. },
  1688. {
  1689. "typename": "System.Byte",
  1690. "assembly": "mscorlib"
  1691. },
  1692. {
  1693. "typename": "System.Char",
  1694. "assembly": "mscorlib"
  1695. },
  1696. {
  1697. "typename": "System.Collections.Concurrent.ConcurrentDictionary`2",
  1698. "assembly": "mscorlib"
  1699. },
  1700. {
  1701. "typename": "System.Collections.DictionaryEntry",
  1702. "assembly": "mscorlib"
  1703. },
  1704. {
  1705. "typename": "System.Collections.Generic.Dictionary`2",
  1706. "assembly": "mscorlib"
  1707. },
  1708. {
  1709. "typename": "System.Collections.Generic.ICollection`1",
  1710. "assembly": "mscorlib"
  1711. },
  1712. {
  1713. "typename": "System.Collections.Generic.IComparer`1",
  1714. "assembly": "mscorlib"
  1715. },
  1716. {
  1717. "typename": "System.Collections.Generic.IDictionary`2",
  1718. "assembly": "mscorlib"
  1719. },
  1720. {
  1721. "typename": "System.Collections.Generic.IEnumerable`1",
  1722. "assembly": "mscorlib"
  1723. },
  1724. {
  1725. "typename": "System.Collections.Generic.IEnumerator`1",
  1726. "assembly": "mscorlib"
  1727. },
  1728. {
  1729. "typename": "System.Collections.Generic.IEqualityComparer`1",
  1730. "assembly": "mscorlib"
  1731. },
  1732. {
  1733. "typename": "System.Collections.Generic.IList`1",
  1734. "assembly": "mscorlib"
  1735. },
  1736. {
  1737. "typename": "System.Collections.Generic.KeyNotFoundException",
  1738. "assembly": "mscorlib"
  1739. },
  1740. {
  1741. "typename": "System.Collections.Generic.KeyValuePair`2",
  1742. "assembly": "mscorlib"
  1743. },
  1744. {
  1745. "typename": "System.Collections.Generic.List`1",
  1746. "assembly": "mscorlib"
  1747. },
  1748. {
  1749. "typename": "System.Collections.Generic.List`1/Enumerator",
  1750. "assembly": "mscorlib"
  1751. },
  1752. {
  1753. "typename": "System.Collections.ICollection",
  1754. "assembly": "mscorlib"
  1755. },
  1756. {
  1757. "typename": "System.Collections.IDictionary",
  1758. "assembly": "mscorlib"
  1759. },
  1760. {
  1761. "typename": "System.Collections.IDictionaryEnumerator",
  1762. "assembly": "mscorlib"
  1763. },
  1764. {
  1765. "typename": "System.Collections.IEnumerable",
  1766. "assembly": "mscorlib"
  1767. },
  1768. {
  1769. "typename": "System.Collections.IEnumerator",
  1770. "assembly": "mscorlib"
  1771. },
  1772. {
  1773. "typename": "System.Collections.IEqualityComparer",
  1774. "assembly": "mscorlib"
  1775. },
  1776. {
  1777. "typename": "System.Collections.ObjectModel.Collection`1",
  1778. "assembly": "mscorlib"
  1779. },
  1780. {
  1781. "typename": "System.Comparison`1",
  1782. "assembly": "mscorlib"
  1783. },
  1784. {
  1785. "typename": "System.Convert",
  1786. "assembly": "mscorlib"
  1787. },
  1788. {
  1789. "typename": "System.DBNull",
  1790. "assembly": "mscorlib"
  1791. },
  1792. {
  1793. "typename": "System.DateTimeOffset",
  1794. "assembly": "mscorlib"
  1795. },
  1796. {
  1797. "typename": "System.Delegate",
  1798. "assembly": "mscorlib"
  1799. },
  1800. {
  1801. "typename": "System.Diagnostics.DebuggableAttribute",
  1802. "assembly": "mscorlib"
  1803. },
  1804. {
  1805. "typename": "System.Diagnostics.DebuggableAttribute/DebuggingModes",
  1806. "assembly": "mscorlib"
  1807. },
  1808. {
  1809. "typename": "System.Diagnostics.DebuggerDisplayAttribute",
  1810. "assembly": "mscorlib"
  1811. },
  1812. {
  1813. "typename": "System.Diagnostics.DebuggerHiddenAttribute",
  1814. "assembly": "mscorlib"
  1815. },
  1816. {
  1817. "typename": "System.Diagnostics.DebuggerNonUserCodeAttribute",
  1818. "assembly": "mscorlib"
  1819. },
  1820. {
  1821. "typename": "System.Enum",
  1822. "assembly": "mscorlib"
  1823. },
  1824. {
  1825. "typename": "System.Environment",
  1826. "assembly": "mscorlib"
  1827. },
  1828. {
  1829. "typename": "System.EventArgs",
  1830. "assembly": "mscorlib"
  1831. },
  1832. {
  1833. "typename": "System.EventHandler",
  1834. "assembly": "mscorlib"
  1835. },
  1836. {
  1837. "typename": "System.EventHandler`1",
  1838. "assembly": "mscorlib"
  1839. },
  1840. {
  1841. "typename": "System.Exception",
  1842. "assembly": "mscorlib"
  1843. },
  1844. {
  1845. "typename": "System.FormatException",
  1846. "assembly": "mscorlib"
  1847. },
  1848. {
  1849. "typename": "System.Func`1",
  1850. "assembly": "mscorlib"
  1851. },
  1852. {
  1853. "typename": "System.Func`2",
  1854. "assembly": "mscorlib"
  1855. },
  1856. {
  1857. "typename": "System.Func`3",
  1858. "assembly": "mscorlib"
  1859. },
  1860. {
  1861. "typename": "System.Func`4",
  1862. "assembly": "mscorlib"
  1863. },
  1864. {
  1865. "typename": "System.GC",
  1866. "assembly": "mscorlib"
  1867. },
  1868. {
  1869. "typename": "System.Globalization.CultureInfo",
  1870. "assembly": "mscorlib"
  1871. },
  1872. {
  1873. "typename": "System.Globalization.DateTimeFormatInfo",
  1874. "assembly": "mscorlib"
  1875. },
  1876. {
  1877. "typename": "System.Globalization.DateTimeStyles",
  1878. "assembly": "mscorlib"
  1879. },
  1880. {
  1881. "typename": "System.Globalization.NumberFormatInfo",
  1882. "assembly": "mscorlib"
  1883. },
  1884. {
  1885. "typename": "System.Globalization.NumberStyles",
  1886. "assembly": "mscorlib"
  1887. },
  1888. {
  1889. "typename": "System.Guid",
  1890. "assembly": "mscorlib"
  1891. },
  1892. {
  1893. "typename": "System.IAsyncResult",
  1894. "assembly": "mscorlib"
  1895. },
  1896. {
  1897. "typename": "System.ICloneable",
  1898. "assembly": "mscorlib"
  1899. },
  1900. {
  1901. "typename": "System.IDisposable",
  1902. "assembly": "mscorlib"
  1903. },
  1904. {
  1905. "typename": "System.IFormatProvider",
  1906. "assembly": "mscorlib"
  1907. },
  1908. {
  1909. "typename": "System.IO.BinaryReader",
  1910. "assembly": "mscorlib"
  1911. },
  1912. {
  1913. "typename": "System.IO.BinaryWriter",
  1914. "assembly": "mscorlib"
  1915. },
  1916. {
  1917. "typename": "System.IO.BufferedStream",
  1918. "assembly": "mscorlib"
  1919. },
  1920. {
  1921. "typename": "System.IO.File",
  1922. "assembly": "mscorlib"
  1923. },
  1924. {
  1925. "typename": "System.IO.FileOptions",
  1926. "assembly": "mscorlib"
  1927. },
  1928. {
  1929. "typename": "System.IO.FileStream",
  1930. "assembly": "mscorlib"
  1931. },
  1932. {
  1933. "typename": "System.IO.IOException",
  1934. "assembly": "mscorlib"
  1935. },
  1936. {
  1937. "typename": "System.IO.MemoryStream",
  1938. "assembly": "mscorlib"
  1939. },
  1940. {
  1941. "typename": "System.IO.Path",
  1942. "assembly": "mscorlib"
  1943. },
  1944. {
  1945. "typename": "System.IO.SeekOrigin",
  1946. "assembly": "mscorlib"
  1947. },
  1948. {
  1949. "typename": "System.IO.Stream",
  1950. "assembly": "mscorlib"
  1951. },
  1952. {
  1953. "typename": "System.IO.StreamReader",
  1954. "assembly": "mscorlib"
  1955. },
  1956. {
  1957. "typename": "System.IO.StreamWriter",
  1958. "assembly": "mscorlib"
  1959. },
  1960. {
  1961. "typename": "System.IO.TextReader",
  1962. "assembly": "mscorlib"
  1963. },
  1964. {
  1965. "typename": "System.IO.TextWriter",
  1966. "assembly": "mscorlib"
  1967. },
  1968. {
  1969. "typename": "System.Int32",
  1970. "assembly": "mscorlib"
  1971. },
  1972. {
  1973. "typename": "System.Int64",
  1974. "assembly": "mscorlib"
  1975. },
  1976. {
  1977. "typename": "System.InvalidOperationException",
  1978. "assembly": "mscorlib"
  1979. },
  1980. {
  1981. "typename": "System.Lazy`1",
  1982. "assembly": "mscorlib"
  1983. },
  1984. {
  1985. "typename": "System.Math",
  1986. "assembly": "mscorlib"
  1987. },
  1988. {
  1989. "typename": "System.NotImplementedException",
  1990. "assembly": "mscorlib"
  1991. },
  1992. {
  1993. "typename": "System.NotSupportedException",
  1994. "assembly": "mscorlib"
  1995. },
  1996. {
  1997. "typename": "System.Nullable`1",
  1998. "assembly": "mscorlib"
  1999. },
  2000. {
  2001. "typename": "System.Object",
  2002. "assembly": "mscorlib"
  2003. },
  2004. {
  2005. "typename": "System.ObjectDisposedException",
  2006. "assembly": "mscorlib"
  2007. },
  2008. {
  2009. "typename": "System.OperationCanceledException",
  2010. "assembly": "mscorlib"
  2011. },
  2012. {
  2013. "typename": "System.ParamArrayAttribute",
  2014. "assembly": "mscorlib"
  2015. },
  2016. {
  2017. "typename": "System.Reflection.Assembly",
  2018. "assembly": "mscorlib"
  2019. },
  2020. {
  2021. "typename": "System.Reflection.ConstructorInfo",
  2022. "assembly": "mscorlib"
  2023. },
  2024. {
  2025. "typename": "System.Reflection.DefaultMemberAttribute",
  2026. "assembly": "mscorlib"
  2027. },
  2028. {
  2029. "typename": "System.Reflection.MemberInfo",
  2030. "assembly": "mscorlib"
  2031. },
  2032. {
  2033. "typename": "System.Reflection.MethodBase",
  2034. "assembly": "mscorlib"
  2035. },
  2036. {
  2037. "typename": "System.Reflection.MethodInfo",
  2038. "assembly": "mscorlib"
  2039. },
  2040. {
  2041. "typename": "System.Resources.ResourceManager",
  2042. "assembly": "mscorlib"
  2043. },
  2044. {
  2045. "typename": "System.Runtime.CompilerServices.AsyncStateMachineAttribute",
  2046. "assembly": "mscorlib"
  2047. },
  2048. {
  2049. "typename": "System.Runtime.CompilerServices.AsyncTaskMethodBuilder",
  2050. "assembly": "mscorlib"
  2051. },
  2052. {
  2053. "typename": "System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1",
  2054. "assembly": "mscorlib"
  2055. },
  2056. {
  2057. "typename": "System.Runtime.CompilerServices.CompilationRelaxationsAttribute",
  2058. "assembly": "mscorlib"
  2059. },
  2060. {
  2061. "typename": "System.Runtime.CompilerServices.CompilerGeneratedAttribute",
  2062. "assembly": "mscorlib"
  2063. },
  2064. {
  2065. "typename": "System.Runtime.CompilerServices.ExtensionAttribute",
  2066. "assembly": "mscorlib"
  2067. },
  2068. {
  2069. "typename": "System.Runtime.CompilerServices.IAsyncStateMachine",
  2070. "assembly": "mscorlib"
  2071. },
  2072. {
  2073. "typename": "System.Runtime.CompilerServices.IteratorStateMachineAttribute",
  2074. "assembly": "mscorlib"
  2075. },
  2076. {
  2077. "typename": "System.Runtime.CompilerServices.RuntimeCompatibilityAttribute",
  2078. "assembly": "mscorlib"
  2079. },
  2080. {
  2081. "typename": "System.Runtime.CompilerServices.TaskAwaiter",
  2082. "assembly": "mscorlib"
  2083. },
  2084. {
  2085. "typename": "System.Runtime.CompilerServices.TaskAwaiter`1",
  2086. "assembly": "mscorlib"
  2087. },
  2088. {
  2089. "typename": "System.Runtime.Serialization.SerializationInfo",
  2090. "assembly": "mscorlib"
  2091. },
  2092. {
  2093. "typename": "System.Runtime.Serialization.StreamingContext",
  2094. "assembly": "mscorlib"
  2095. },
  2096. {
  2097. "typename": "System.RuntimeTypeHandle",
  2098. "assembly": "mscorlib"
  2099. },
  2100. {
  2101. "typename": "System.String",
  2102. "assembly": "mscorlib"
  2103. },
  2104. {
  2105. "typename": "System.StringComparer",
  2106. "assembly": "mscorlib"
  2107. },
  2108. {
  2109. "typename": "System.StringComparison",
  2110. "assembly": "mscorlib"
  2111. },
  2112. {
  2113. "typename": "System.Text.Encoding",
  2114. "assembly": "mscorlib"
  2115. },
  2116. {
  2117. "typename": "System.Text.StringBuilder",
  2118. "assembly": "mscorlib"
  2119. },
  2120. {
  2121. "typename": "System.Text.UTF8Encoding",
  2122. "assembly": "mscorlib"
  2123. },
  2124. {
  2125. "typename": "System.Text.UnicodeEncoding",
  2126. "assembly": "mscorlib"
  2127. },
  2128. {
  2129. "typename": "System.Threading.CancellationToken",
  2130. "assembly": "mscorlib"
  2131. },
  2132. {
  2133. "typename": "System.Threading.Interlocked",
  2134. "assembly": "mscorlib"
  2135. },
  2136. {
  2137. "typename": "System.Threading.Tasks.Task",
  2138. "assembly": "mscorlib"
  2139. },
  2140. {
  2141. "typename": "System.Threading.Tasks.TaskCompletionSource`1",
  2142. "assembly": "mscorlib"
  2143. },
  2144. {
  2145. "typename": "System.Threading.Tasks.TaskStatus",
  2146. "assembly": "mscorlib"
  2147. },
  2148. {
  2149. "typename": "System.Threading.Tasks.Task`1",
  2150. "assembly": "mscorlib"
  2151. },
  2152. {
  2153. "typename": "System.Threading.WaitHandle",
  2154. "assembly": "mscorlib"
  2155. },
  2156. {
  2157. "typename": "System.TimeSpan",
  2158. "assembly": "mscorlib"
  2159. },
  2160. {
  2161. "typename": "System.Type",
  2162. "assembly": "mscorlib"
  2163. },
  2164. {
  2165. "typename": "System.ValueType",
  2166. "assembly": "mscorlib"
  2167. },
  2168. {
  2169. "typename": "System.Version",
  2170. "assembly": "mscorlib"
  2171. }
  2172. ]
  2173. },
  2174. "pe": {
  2175. "peid_signatures": null,
  2176. "imports": [
  2177. {
  2178. "imports": [
  2179. {
  2180. "name": "_CorExeMain",
  2181. "address": "0x402000"
  2182. }
  2183. ],
  2184. "dll": "mscoree.dll"
  2185. }
  2186. ],
  2187. "digital_signers": null,
  2188. "exported_dll_name": null,
  2189. "actual_checksum": "0x0008f37b",
  2190. "overlay": null,
  2191. "imagebase": "0x00400000",
  2192. "reported_checksum": "0x0008f37b",
  2193. "icon_hash": null,
  2194. "entrypoint": "0x0043241e",
  2195. "timestamp": "2019-05-15 12:33:59",
  2196. "osversion": "4.0",
  2197. "sections": [
  2198. {
  2199. "name": ".text",
  2200. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
  2201. "virtual_address": "0x00002000",
  2202. "size_of_data": "0x00030600",
  2203. "entropy": "6.05",
  2204. "raw_address": "0x00000200",
  2205. "virtual_size": "0x00030424",
  2206. "characteristics_raw": "0x60000020"
  2207. },
  2208. {
  2209. "name": ".rsrc",
  2210. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
  2211. "virtual_address": "0x00034000",
  2212. "size_of_data": "0x00058600",
  2213. "entropy": "7.15",
  2214. "raw_address": "0x00030800",
  2215. "virtual_size": "0x00058440",
  2216. "characteristics_raw": "0x40000040"
  2217. },
  2218. {
  2219. "name": ".reloc",
  2220. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
  2221. "virtual_address": "0x0008e000",
  2222. "size_of_data": "0x00000200",
  2223. "entropy": "0.10",
  2224. "raw_address": "0x00088e00",
  2225. "virtual_size": "0x0000000c",
  2226. "characteristics_raw": "0x42000040"
  2227. }
  2228. ],
  2229. "resources": [],
  2230. "dirents": [
  2231. {
  2232. "virtual_address": "0x00000000",
  2233. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
  2234. "size": "0x00000000"
  2235. },
  2236. {
  2237. "virtual_address": "0x000323c8",
  2238. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
  2239. "size": "0x00000053"
  2240. },
  2241. {
  2242. "virtual_address": "0x00034000",
  2243. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
  2244. "size": "0x00058440"
  2245. },
  2246. {
  2247. "virtual_address": "0x00000000",
  2248. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
  2249. "size": "0x00000000"
  2250. },
  2251. {
  2252. "virtual_address": "0x00000000",
  2253. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
  2254. "size": "0x00000000"
  2255. },
  2256. {
  2257. "virtual_address": "0x0008e000",
  2258. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
  2259. "size": "0x0000000c"
  2260. },
  2261. {
  2262. "virtual_address": "0x0003233c",
  2263. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
  2264. "size": "0x0000001c"
  2265. },
  2266. {
  2267. "virtual_address": "0x00000000",
  2268. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
  2269. "size": "0x00000000"
  2270. },
  2271. {
  2272. "virtual_address": "0x00000000",
  2273. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
  2274. "size": "0x00000000"
  2275. },
  2276. {
  2277. "virtual_address": "0x00000000",
  2278. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
  2279. "size": "0x00000000"
  2280. },
  2281. {
  2282. "virtual_address": "0x00000000",
  2283. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
  2284. "size": "0x00000000"
  2285. },
  2286. {
  2287. "virtual_address": "0x00000000",
  2288. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
  2289. "size": "0x00000000"
  2290. },
  2291. {
  2292. "virtual_address": "0x00002000",
  2293. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
  2294. "size": "0x00000008"
  2295. },
  2296. {
  2297. "virtual_address": "0x00000000",
  2298. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
  2299. "size": "0x00000000"
  2300. },
  2301. {
  2302. "virtual_address": "0x00002008",
  2303. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
  2304. "size": "0x00000048"
  2305. },
  2306. {
  2307. "virtual_address": "0x00000000",
  2308. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
  2309. "size": "0x00000000"
  2310. }
  2311. ],
  2312. "exports": [],
  2313. "guest_signers": {},
  2314. "imphash": "f34d5f2d4577ed6d9ceec516c1f5a744",
  2315. "icon_fuzzy": null,
  2316. "icon": null,
  2317. "pdbpath": "C:\\xampp\\htdocs\\Aspire\\files\\darklorddyagi07_mjVldNrVlNQdCgXu\\mjVldNrVlNQdCgXuma.pdb",
  2318. "imported_dll_count": 1,
  2319. "versioninfo": []
  2320. }
  2321. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!