Extracted

• Desktop.rar

  .rar

  Password: 312

• XClient.exe

  .exe windows:4 windows x86 arch:x86

  Password: 312

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 30KB - Virtual size: 29KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• pasted.exe

  .exe windows:6 windows x64 arch:x64

  Password: 312

  86f18e907c11237039947d40547983c8

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  FillConsoleOutputCharacterW

  GetVersion

  LocalAlloc

  LocalFree

  GetModuleFileNameW

  ExitProcess

  LoadLibraryA

  GetModuleHandleA

  GetProcAddress

  user32

  SetProcessDPIAware

  CharUpperBuffW

  advapi32

  GetUserNameW

  oleaut32

  VariantClear

  shlwapi

  PathFileExistsA

  wininet

  InternetOpenW

  Exports

  Exports

  -r$�#a
  c\�'���_
  yKm��
  ����R�� F ;_���w��8���s�*)u����(�\��>|F'��M�]�K�2Z���ݗ���_C�@�jO�6�?����6�N��)�#�!�z�1��m�:�X����n[68�J��H�:[��sVKq�T��*�?����aC}Q�Tz��+H��H�!�BS���J��#�U� 6�t@Zۻ���ߏ��)��ãrۂ��R]���m�+Q����8��ק��1��U�:,H[���j$2���_�z�Pp�7�o�c���oI4��!�����9'���;%*���<3����A
  �G@-�_&?-M̨M��2���s�Hoe�Ku�B��ṛ/'�J�^�ǖ�W���k݄W�\h����3+�f}5���������V;;���$��_�"w�6�r<��qNE�`la�Y}S2�;��Em�e��ÝY�_�X�Z.�7&n2o��WZ�G#�V�W=J�2 ��=c�8ӷֈ);4�/a�PW��5���`���]*G_`m6���|}�����>��X j��\A�`�9��[�!��8R�v�ͧ��Z�+�T��Ǵ����"2uN3ێ�3gvg�{y���Ǭ3+`�*�F�%�0�júկ�=�m�JDb���Ű��G��3���F�Q�p�qŠ펠����Q�/�q-�Ù{�Q8#ͧv����1��X�x� � ++hF�p��k����T.�m��_V��!:���T�);*����=�svF�W6˨Zə����:"����m�'ּ��«@MΈ��A��A�ʮ�i!���?;��H����Y8���di�4W�Kxl�4%��hr�������L+���RQ 2/́��>�!�4�x�֌�
  ���-E� C���d�Ea�@�}Wo�ܝ�m�r�X�(��[rE�e� �|��P�&��f�'
  @�H��^,᫅0��v�r�������͝�^�f(0X[�u�� *��(�r;�L4�^�AQ9j��R��`������=ؒ���F��癅]i� ɝ
  'u�q@�����������Ș��TO����=ư�0�fФ�D~q�'�CF]Sd��N�\&�Q��2��Q�`�"]�9Ur��]�ıB5�dȱ<yn��讄-���]RX�2���H5��#~�nwN|le��o��L�l�Sj2[ͯΚ����&O�u����P��m 3U�\�8�V�B�䕻2+/u��h�^*'j-ZZE�qЖ��RX�Zx���$��Q�����(V/�)�}̺R���<�@��؊>���c�wj�#7�2�d�����li��<��E>�©�f���gdž�PS�ǰ��T{.��AI"7�3%Z�=�Z�r��٩}���\����ɳī�:'�NF–��L�]�P�.�,&Rm�� e z�Z��$��Do�srK�X����@��_*�r�KxVtc�Σ��u��h2����j�F���ul��J� ��y�+�<gU��#�wm� �i�n%�jh]��ڜ�p��B?�j�'&�����igs3�ag�f� }��LV=�l�kX����)$��p@,���
  u0��"��C78�Z�4��FFu�y��V���5��_�N�����+f�J<e��q�+u��{q�xc��K��?0��0��~R����!<(Ū_q�b�����"}�7��&RVT�/[�M �K�/��]>�M6"�g����#�F=_"��:���9�V\��8~�!
  F�8���F�ԅ�0�]E*�>�[� V�̌��!��|Dԭu�Yp+d���5��?�R,���:)/,Bޕ�|� �H��Dmm4�M���y��|Hr����Y}4A��? !G�® 'p\� ���߶�"C��־% ������1�[�a�_O_��P���i&4�CN� w?42�
  � _13�sm#˙�qu����u�(��,��t�U. y>�k/���G��H���G��5���t��>�S;�9bj!����ӣ��hBL\���~Ǿ-�Km��8�;R����3RM�a�^�3=��n^x��O�I-����j���=�0�(��r:�
  �ɧ��
  �&\Uҩ��;@� 5*o�'�=[e˭'��T�K�Y܋1Z�da3��?�AҮ�ޓe� �M�Q�2R2�nK��t
  \=�5���<6�O�O՟4K��g]�����Ox��Ɛ58�5��!-ݛ�͌X(���g�����y��Ǥh��6߻�s�po�>�˞"R�y.x��W�E���0���m�HZ
  �Hy�5���d�"���� \���W�\T� �'%�Wrz�W������O�3bO��~�U�LL�,c�T$1ne*�^�aa�*+(�1B�s�������tE|d�DeL&�াv^����B&*��}h�6�#TV\�@�r����4�-����R��pa=F �6g��D�kY�0G |��ea�di��u��O��,� �N�K*�)�2�25�-��SR(���V&�����e5��OB�0�eT������\vo�;���G���q����"�JϘ) �@d��Ђ�?1�����N� �l����+�Q���r��*��Ol���׏����N��9�$&)��w^s@�Vݕ��Ҽ�`��LuG խ<��NvT)D��Z'�.=@`-����a-k�l����)�
  m�b{��2xY�Xq3Y0t�nc&8к�/��o��z^���/�)�� ���c%'�K�q�?t$N~�"?}B��mI���\��DY'�$z�=�2�<��[Ҕ,�����q����A���e+�9�T��`?9u�����K�9
  r'�(��ۿ ���a���7��!G���M��> ��Yp�O�e2y�E�5�����f�fj�+�[���L�; S��\��>7�8$Ù)�)��G�Z�t�T��̰���=+���>`��+Y��+:�n;�l!D%F{-����ML�<�?J̋9z�&��LE#��q�'y�7�շ�)���Z�hf_�ן��\L:�2 3��wL� �Ly ���@$
  �F��(�+z^É �h|gy��,Q�������G��!��5ES����_����T�

  Sections

  .text

  Size: - Virtual size: 417KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 137KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 27KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: - Virtual size: 244B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .dead0

  Size: - Virtual size: 5.2MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .dead1

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .dead2

  Size: 7.6MB - Virtual size: 7.6MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 17KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ