Attention: please enable javascript in order to properly view and use this malware analysis service.
malicious
Threat Score: 100/100 AV Detection: 91% Labeled as: Tupym.worm #worm Link E-Mail

Redist.exe

This report is generated from a file or URL submitted to this webservice on July 7th 2018 09:50:54 (CEST)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Falcon Sandbox v8.10 © Hybrid Analysis - learn more

Incident Response

Risk Assessment

Spyware
Accesses potentially sensitive information from local browsers
Contains ability to open the clipboard
Contains ability to retrieve keyboard strokes
Persistence
Modifies auto-execute functionality by setting/creating a value in the registry
Schedules a task to be executed at a specific time and date
Spawns a lot of processes
Writes data to a remote process
Fingerprint
Reads the active computer name
Reads the cryptographic machine GUID
Adware
Modifies the default start/search page of Internet Explorer
Spreading
Opens the MountPointManager (often used to detect additional infection locations)
Network Behavior
Contacts 11 domains and 2 hosts. View all details

MITRE ATT&CK™ Techniques Detection

This report has 33 indicators that were mapped to 24 attack techniques and 8 tactics. View all details

Indicators

Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.

  • Malicious Indicators 16

  • Anti-Detection/Stealthyness
  • External Systems
  • General
  • Installation/Persistance
    • Allocates virtual memory in a remote process
      details
      "<Input Sample>" allocated memory in "%USERPROFILE%\Desktop\system3_.exe"
      "<Input Sample>" allocated memory in "%USERPROFILE%\Desktop\autorun.ini"
      source
      API Call
      relevance
      7/10
      ATT&CK ID
      T1055 (Show technique in the MITRE ATT&CK™ matrix)
    • Writes data to a remote process
      details
      "<Input Sample>" wrote 1500 bytes to a remote process "%WINDIR%\System32\rundll32.exe" (Handle: 684)
      "<Input Sample>" wrote 4 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 684)
      "<Input Sample>" wrote 32 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 684)
      "<Input Sample>" wrote 52 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 684)
      "<Input Sample>" wrote 1500 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1096)
      "<Input Sample>" wrote 4 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1096)
      "<Input Sample>" wrote 32 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1096)
      "<Input Sample>" wrote 52 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1096)
      "<Input Sample>" wrote 1500 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1072)
      "<Input Sample>" wrote 4 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1072)
      "<Input Sample>" wrote 32 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1072)
      "<Input Sample>" wrote 52 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1072)
      "<Input Sample>" wrote 1500 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1092)
      "<Input Sample>" wrote 4 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1092)
      "<Input Sample>" wrote 32 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1092)
      "<Input Sample>" wrote 52 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1092)
      "<Input Sample>" wrote 1500 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1088)
      "<Input Sample>" wrote 4 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1088)
      "<Input Sample>" wrote 32 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1088)
      "<Input Sample>" wrote 52 bytes to a remote process "C:\Windows\System32\rundll32.exe" (Handle: 1088)
      source
      API Call
      relevance
      6/10
  • Network Related
    • Malicious artifacts seen in the context of a contacted host
      details
      Found malicious artifacts related to "199.59.242.150": ...
      URL: http://h1.ripway.com/ (AV positives: 4/67 scanned on 07/07/2018 09:01:45)
      URL: http://upvegure.hyperphp.com/discount-patio-furniture-rocking-chairs.html (AV positives: 1/67 scanned on 07/07/2018 08:55:27)
      URL: http://ww25.liversity.net/v20014?product_name=welt+am+draht+english+2cd&amp;filesize=60408&amp;product_image_url=http://static.opensubtitles.org/gfx/thumbs/4/0/9/0/0070904.jpg&amp;product_title=welt+am+draht+%281973%29&amp;installer_file_name=welt-am-draht-eng-3709695&amp;product_file_name=welt-am-draht-eng-3709695.zip&amp;product_download_url=http://dl.opensubtitles.org/en/download/sub/3709695&amp;reffer=hxxp%3A%2F%2Fwww.opensubtitles.org%2Faddons%2Flog_product.php%3Fproduct%3Dbundle%26provider%3Dwebpick%26action%3Dinstall%26redir%3Dhttp://www.opensubtitles.org/en/subtitles/3709695/welt-am-draht-en (AV positives: 7/67 scanned on 07/07/2018 08:54:33)
      URL: http://cgiebay_it.byethost3.com/ (AV positives: 3/67 scanned on 07/07/2018 08:50:39)
      URL: http://cgiebay.byethost6.com/ (AV positives: 1/67 scanned on 07/07/2018 08:50:39)
      File SHA256: bcbb12eac1dc177d19e620f4f73939a17bc0ca6b8b3cce0c1e9dd6b668d41cc2 (AV positives: 55/68 scanned on 07/07/2018 08:20:39)
      File SHA256: 04b6b64fd1d70ad9e77c4a8c3ecae1de5f625098862e45296b14fd20b3a4487b (AV positives: 58/68 scanned on 07/07/2018 08:20:27)
      File SHA256: d13d0ea2049e44c4f4522274c798ad918b07ea7342e6aed282620c6750813e30 (AV positives: 58/68 scanned on 07/07/2018 08:20:21)
      File SHA256: d6a919ae98137344d38a744ec87ed11a579f23f0d6969078dba63ce78faab1bf (AV positives: 58/68 scanned on 07/07/2018 08:20:18)
      File SHA256: 7324e12f744448499d812bad1268a7577a61b43d52ddafd5860f9597d7f99319 (AV positives: 58/68 scanned on 07/07/2018 08:20:13)
      File SHA256: aa4120b3b4664f855bc3af7cb94a5c1226e0dfdb3de4c5b2490b0f51b30012d9 (Date: 07/07/2018 09:01:04)
      File SHA256: e36ebc24d37b1db004f085c1ce85f3cdc9d99d360cb1d55cacf8a9e65a0e827b (Date: 07/06/2018 19:33:06)
      File SHA256: bdf24c745f2cb9f40adebdc6dced8e83bd79bb8285e8fcfb8742e0e62f7d6c94 (Date: 07/06/2018 19:11:36)
      File SHA256: 365b4e186837e618edc31572a4690e2e10ecfd268c4a65c544c96f463aaaaa6f (Date: 07/06/2018 18:26:23)
      File SHA256: b9cfe4b0cfa8e32e0e0d9460bd009858a5b39191a9ce2cd938a5d55b45574bb4 (Date: 07/06/2018 17:59:15)
      Found malicious artifacts related to "141.8.230.97": ...
      URL: http://www.balu002.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:44)
      URL: http://www.balu005.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:39)
      URL: http://www.balu010.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:30)
      URL: http://www.balu012.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:29)
      URL: http://www.balu014.0catch.com/ (AV positives: 1/67 scanned on 07/07/2018 09:01:18)
      File SHA256: ea39dfce5fedd6ccfa830f6f396145dd34bfc62764cf80b6542218d3a7895c5e (AV positives: 57/68 scanned on 07/07/2018 07:20:17)
      File SHA256: a4b2293395f4bf4e2994f98f4ff5bc93ca387a7436bb10eb64cf2eb951c932f2 (AV positives: 61/68 scanned on 07/07/2018 01:06:30)
      File SHA256: 0e1583b4a2700d7ddfd3b0012c3c35bbe8bba09d1e7efc6c99f61905615e6f19 (AV positives: 58/64 scanned on 07/05/2018 15:27:07)
      File SHA256: 8504f2d9f9eb15d49a525b0623ba26476021c8e07051918eeb9236ea61e39dc7 (AV positives: 57/64 scanned on 07/05/2018 15:13:36)
      File SHA256: 5323b0ce6967bd23bd1369df84259fb86dfd8e7c388fac22d2c1be7610ad20c2 (AV positives: 59/64 scanned on 07/04/2018 14:26:54)
      File SHA256: fd398ea2b8bda30e9225f317b5da75589aab5f019f5d317507def227be07fb89 (Date: 06/11/2018 18:00:34)
      File SHA256: f3778271384abe8f2248b1f14c116a6fa9569ec834ce84c9226b010d989830fc (Date: 06/11/2018 17:51:36)
      File SHA256: 7f8fef371045d10591a1f76ac7751ec58fb8ab2cbaed0b2285c25f919036b6e0 (Date: 05/22/2018 12:53:14)
      File SHA256: 7c2a628c6ddf388c0f6a13b61ce66444e219d4893c2c249a7e695c5807241823 (Date: 05/07/2018 02:54:10)
      File SHA256: d5771d573f27caf7ee0d2deb2d97b633cf6fc845a51d12945a49a0d0bbf75159 (Date: 05/06/2018 03:36:03)
      source
      Network Traffic
      relevance
      10/10
    • Multiple malicious artifacts seen in the context of different hosts
      details
      Found malicious artifacts related to "199.59.242.150": ...
      URL: http://h1.ripway.com/ (AV positives: 4/67 scanned on 07/07/2018 09:01:45)
      URL: http://upvegure.hyperphp.com/discount-patio-furniture-rocking-chairs.html (AV positives: 1/67 scanned on 07/07/2018 08:55:27)
      URL: http://ww25.liversity.net/v20014?product_name=welt+am+draht+english+2cd&amp;filesize=60408&amp;product_image_url=http://static.opensubtitles.org/gfx/thumbs/4/0/9/0/0070904.jpg&amp;product_title=welt+am+draht+%281973%29&amp;installer_file_name=welt-am-draht-eng-3709695&amp;product_file_name=welt-am-draht-eng-3709695.zip&amp;product_download_url=http://dl.opensubtitles.org/en/download/sub/3709695&amp;reffer=hxxp%3A%2F%2Fwww.opensubtitles.org%2Faddons%2Flog_product.php%3Fproduct%3Dbundle%26provider%3Dwebpick%26action%3Dinstall%26redir%3Dhttp://www.opensubtitles.org/en/subtitles/3709695/welt-am-draht-en (AV positives: 7/67 scanned on 07/07/2018 08:54:33)
      URL: http://cgiebay_it.byethost3.com/ (AV positives: 3/67 scanned on 07/07/2018 08:50:39)
      URL: http://cgiebay.byethost6.com/ (AV positives: 1/67 scanned on 07/07/2018 08:50:39)
      File SHA256: bcbb12eac1dc177d19e620f4f73939a17bc0ca6b8b3cce0c1e9dd6b668d41cc2 (AV positives: 55/68 scanned on 07/07/2018 08:20:39)
      File SHA256: 04b6b64fd1d70ad9e77c4a8c3ecae1de5f625098862e45296b14fd20b3a4487b (AV positives: 58/68 scanned on 07/07/2018 08:20:27)
      File SHA256: d13d0ea2049e44c4f4522274c798ad918b07ea7342e6aed282620c6750813e30 (AV positives: 58/68 scanned on 07/07/2018 08:20:21)
      File SHA256: d6a919ae98137344d38a744ec87ed11a579f23f0d6969078dba63ce78faab1bf (AV positives: 58/68 scanned on 07/07/2018 08:20:18)
      File SHA256: 7324e12f744448499d812bad1268a7577a61b43d52ddafd5860f9597d7f99319 (AV positives: 58/68 scanned on 07/07/2018 08:20:13)
      File SHA256: aa4120b3b4664f855bc3af7cb94a5c1226e0dfdb3de4c5b2490b0f51b30012d9 (Date: 07/07/2018 09:01:04)
      File SHA256: e36ebc24d37b1db004f085c1ce85f3cdc9d99d360cb1d55cacf8a9e65a0e827b (Date: 07/06/2018 19:33:06)
      File SHA256: bdf24c745f2cb9f40adebdc6dced8e83bd79bb8285e8fcfb8742e0e62f7d6c94 (Date: 07/06/2018 19:11:36)
      File SHA256: 365b4e186837e618edc31572a4690e2e10ecfd268c4a65c544c96f463aaaaa6f (Date: 07/06/2018 18:26:23)
      File SHA256: b9cfe4b0cfa8e32e0e0d9460bd009858a5b39191a9ce2cd938a5d55b45574bb4 (Date: 07/06/2018 17:59:15)
      Found malicious artifacts related to "141.8.230.97": ...
      URL: http://www.balu002.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:44)
      URL: http://www.balu005.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:39)
      URL: http://www.balu010.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:30)
      URL: http://www.balu012.0catch.com/ (AV positives: 2/67 scanned on 07/07/2018 09:01:29)
      URL: http://www.balu014.0catch.com/ (AV positives: 1/67 scanned on 07/07/2018 09:01:18)
      File SHA256: ea39dfce5fedd6ccfa830f6f396145dd34bfc62764cf80b6542218d3a7895c5e (AV positives: 57/68 scanned on 07/07/2018 07:20:17)
      File SHA256: a4b2293395f4bf4e2994f98f4ff5bc93ca387a7436bb10eb64cf2eb951c932f2 (AV positives: 61/68 scanned on 07/07/2018 01:06:30)
      File SHA256: 0e1583b4a2700d7ddfd3b0012c3c35bbe8bba09d1e7efc6c99f61905615e6f19 (AV positives: 58/64 scanned on 07/05/2018 15:27:07)
      File SHA256: 8504f2d9f9eb15d49a525b0623ba26476021c8e07051918eeb9236ea61e39dc7 (AV positives: 57/64 scanned on 07/05/2018 15:13:36)
      File SHA256: 5323b0ce6967bd23bd1369df84259fb86dfd8e7c388fac22d2c1be7610ad20c2 (AV positives: 59/64 scanned on 07/04/2018 14:26:54)
      File SHA256: fd398ea2b8bda30e9225f317b5da75589aab5f019f5d317507def227be07fb89 (Date: 06/11/2018 18:00:34)
      File SHA256: f3778271384abe8f2248b1f14c116a6fa9569ec834ce84c9226b010d989830fc (Date: 06/11/2018 17:51:36)
      File SHA256: 7f8fef371045d10591a1f76ac7751ec58fb8ab2cbaed0b2285c25f919036b6e0 (Date: 05/22/2018 12:53:14)
      File SHA256: 7c2a628c6ddf388c0f6a13b61ce66444e219d4893c2c249a7e695c5807241823 (Date: 05/07/2018 02:54:10)
      File SHA256: d5771d573f27caf7ee0d2deb2d97b633cf6fc845a51d12945a49a0d0bbf75159 (Date: 05/06/2018 03:36:03)
      source
      Network Traffic
      relevance
      10/10
  • Ransomware/Banking
  • Unusual Characteristics
    • Contains ability to reboot/shutdown the operating system
      details
      ExitWindowsEx@USER32.DLL from 2.exe (PID: 2916) (Show Stream)
      source
      Hybrid Analysis Technology
      relevance
      5/10
    • Spawns a lot of processes
      details
      Spawned process "<Input Sample>" (Show Process)
      Spawned process "cmd.exe" with commandline "/C AT /delete /yes" (Show Process)
      Spawned process "at.exe" with commandline "AT /delete /yes" (Show Process)
      Spawned process "cmd.exe" with commandline "/C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe" (Show Process)
      Spawned process "at.exe" with commandline "AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      source
      Monitored Target
      relevance
      8/10
  • Hiding 2 Malicious Indicators
    • All indicators are available only in the private webservice or standalone version

  • Suspicious Indicators 36

  • Environment Awareness
  • External Systems
    • Found an IP/URL artifact that was identified as malicious by at least one reputation engine
      details
      2/67 reputation engines marked "http://www.balu002.0catch.com" as malicious (2% detection rate)
      2/67 reputation engines marked "http://www.balu005.0catch.com" as malicious (2% detection rate)
      2/67 reputation engines marked "http://www.balu003.0catch.com" as malicious (2% detection rate)
      3/67 reputation engines marked "http://www.balu001.0catch.com" as malicious (4% detection rate)
      1/67 reputation engines marked "http://www.balu008.0catch.com" as malicious (1% detection rate)
      2/67 reputation engines marked "http://www.balu000.0catch.com" as malicious (2% detection rate)
      1/67 reputation engines marked "http://www.balu007.0catch.com" as malicious (1% detection rate)
      2/67 reputation engines marked "http://www.balu009.0catch.com" as malicious (2% detection rate)
      1/67 reputation engines marked "http://www.balu004.0catch.com" as malicious (1% detection rate)
      2/67 reputation engines marked "http://www.balu006.0catch.com" as malicious (2% detection rate)
      source
      External System
      relevance
      10/10
  • General
  • Installation/Persistance
    • Modifies auto-execute functionality by setting/creating a value in the registry
      details
      "<Input Sample>" (Access type: "SETVAL"; Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON"; Key: "SHELL"; Value: "Explorer.exe system3_.exe")
      "<Input Sample>" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN")
      "<Input Sample>" (Access type: "SETVAL"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN"; Key: "YAHOO MESSENGGER"; Value: "%USERPROFILE%\Desktop\system3_.exe")
      "<Input Sample>" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR")
      "<Input Sample>" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER")
      source
      Registry Access
      relevance
      8/10
      ATT&CK ID
      T1060 (Show technique in the MITRE ATT&CK™ matrix)
  • Pattern Matching
  • Spyware/Information Retrieval
  • System Security
    • Modifies proxy settings
      details
      "<Input Sample>" (Access type: "SETVAL"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS"; Key: "PROXYENABLE"; Value: "00000000")
      "<Input Sample>" (Access type: "DELETEVAL"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS"; Key: "PROXYSERVER")
      "<Input Sample>" (Access type: "DELETEVAL"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS"; Key: "PROXYOVERRIDE")
      "<Input Sample>" (Access type: "DELETEVAL"; Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP"; Key: "PROXYBYPASS")
      "<Input Sample>" (Access type: "DELETEVAL"; Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP"; Key: "PROXYBYPASS")
      source
      Registry Access
      relevance
      10/10
      ATT&CK ID
      T1112 (Show technique in the MITRE ATT&CK™ matrix)
  • Uncategorized Behavior
  • Unusual Characteristics
    • Imports suspicious APIs
      details
      RegCreateKeyExW
      RegCloseKey
      CreateProcessWithLogonW
      RegDeleteKeyW
      SetSecurityDescriptorDacl
      OpenProcessToken
      RegOpenKeyExW
      GetUserNameW
      RegEnumKeyExW
      CreateProcessAsUserW
      RegDeleteValueW
      GetDriveTypeW
      GetFileAttributesW
      UnhandledExceptionFilter
      GetTempPathW
      DeviceIoControl
      CopyFileW
      WriteProcessMemory
      OutputDebugStringW
      GetModuleFileNameW
      IsDebuggerPresent
      GetModuleFileNameA
      LoadLibraryExW
      CreateThread
      ExitThread
      TerminateProcess
      CreateToolhelp32Snapshot
      LoadLibraryW
      GetVersionExW
      GetTickCount
      LoadLibraryA
      GetStartupInfoA
      GetFileSize
      OpenProcess
      GetStartupInfoW
      ReadProcessMemory
      CreateDirectoryW
      DeleteFileW
      GetProcAddress
      GetTempFileNameW
      GetComputerNameW
      WriteFile
      FindNextFileW
      FindFirstFileW
      CreateFileW
      CreateFileA
      VirtualAllocEx
      Process32NextW
      LockResource
      GetCommandLineW
      Process32FirstW
      GetModuleHandleA
      GetModuleHandleW
      FindResourceW
      CreateProcessW
      Sleep
      VirtualAlloc
      EnumProcesses
      ShellExecuteW
      ShellExecuteExW
      SetKeyboardState
      FindWindowExW
      FindWindowW
      GetWindowThreadProcessId
      FtpGetFileSize
      InternetOpenW
      InternetConnectW
      HttpQueryInfoW
      InternetCrackUrlW
      InternetCloseHandle
      HttpSendRequestW
      InternetOpenUrlW
      InternetReadFile
      FtpOpenFileW
      sendto
      socket
      bind
      send
      accept
      WSAStartup
      recv
      connect
      recvfrom
      closesocket
      listen
      source
      Static Parser
      relevance
      1/10
    • Installs hooks/patches the running process
      details
      "<Input Sample>" wrote bytes "77397c7779a88077be728077d62d80771de27b7705a28077c8687f7757d18677bee37b77616f807768417e7700507e7700000000ad37a3768b2da376b641a37600000000" to virtual address "0x75331000" (part of module "WSHIP6.DLL")
      "<Input Sample>" wrote bytes "92e67b7779a88077be728077d62d80771de27b7705a28077bee37b77616f807768417e7700507e7700000000ad37a3768b2da376b641a37600000000" to virtual address "0x74E61000" (part of module "WSHTCPIP.DLL")
      "<Input Sample>" wrote bytes "40537e7758587f77186a7f77653c80770000000000bf93770000000056cc9377000000007cca93770000000037689b756a2c8077d62d80770000000020699b750000000029a6937700000000a48d9b7500000000f70e937700000000" to virtual address "0x779D1000" (part of module "NSI.DLL")
      "rundll3<Input Sample>" wrote bytes "40537e7758587f77186a7f77653c80770000000000bf93770000000056cc9377000000007cca93770000000037689b756a2c8077d62d80770000000020699b750000000029a6937700000000a48d9b7500000000f70e937700000000" to virtual address "0x779D1000" (part of module "NSI.DLL")
      source
      Hook Detection
      relevance
      10/10
      ATT&CK ID
      T1179 (Show technique in the MITRE ATT&CK™ matrix)
    • Reads information about supported languages
      details
      "<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\LOCALE"; Key: "00000409")
      "at.exe" (Path: "HKCU\CONTROL PANEL\INTERNATIONAL"; Key: "STIME")
      "at.exe" (Path: "HKCU\CONTROL PANEL\INTERNATIONAL"; Key: "SDATE")
      "at.exe" (Path: "HKCU\CONTROL PANEL\INTERNATIONAL"; Key: "S1159")
      "at.exe" (Path: "HKCU\CONTROL PANEL\INTERNATIONAL"; Key: "S2359")
      "at.exe" (Path: "HKCU\CONTROL PANEL\INTERNATIONAL"; Key: "SSHORTDATE")
      source
      Registry Access
      relevance
      3/10
      ATT&CK ID
      T1012 (Show technique in the MITRE ATT&CK™ matrix)
  • Hiding 20 Suspicious Indicators
    • All indicators are available only in the private webservice or standalone version

  • Informative 23

  • Anti-Reverse Engineering
  • Environment Awareness
  • General
    • Contacts domains
      details
      "h1.ripway.com"
      "www.balu000.0catch.com"
      "www.balu001.0catch.com"
      "www.balu002.0catch.com"
      "www.balu003.0catch.com"
      "www.balu004.0catch.com"
      "www.balu005.0catch.com"
      "www.balu006.0catch.com"
      "www.balu007.0catch.com"
      "www.balu008.0catch.com"
      "www.balu009.0catch.com"
      source
      Network Traffic
      relevance
      1/10
    • Contacts server
      details
      "199.59.242.150:80"
      "141.8.230.97:80"
      source
      Network Traffic
      relevance
      1/10
    • Contains ability to register hotkeys
      details
      UnregisterHotKey@USER32.DLL from 2.exe (PID: 2916) (Show Stream)
      RegisterHotKey@USER32.DLL from 2.exe (PID: 2916) (Show Stream)
      UnregisterHotKey@USER32.DLL from 2.exe (PID: 2916) (Show Stream)
      source
      Hybrid Analysis Technology
      relevance
      5/10
    • Creates mutants
      details
      "\Sessions\1\BaseNamedObjects\Local\_!MSFTHISTORY!_"
      "\Sessions\1\BaseNamedObjects\Local\c:!users!mzboyr9!appdata!local!microsoft!windows!temporary internet files!content.ie5!"
      "\Sessions\1\BaseNamedObjects\Local\c:!users!mzboyr9!appdata!roaming!microsoft!windows!cookies!"
      "\Sessions\1\BaseNamedObjects\Local\c:!users!mzboyr9!appdata!local!microsoft!windows!history!history.ie5!"
      "\Sessions\1\BaseNamedObjects\Local\WininetStartupMutex"
      "\Sessions\1\BaseNamedObjects\Local\WininetConnectionMutex"
      "\Sessions\1\BaseNamedObjects\Local\WininetProxyRegistryMutex"
      "\Sessions\1\BaseNamedObjects\RasPbFile"
      "\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
      "\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
      "\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
      "\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
      "\Sessions\1\BaseNamedObjects\Local\!IETld!Mutex"
      "\Sessions\1\BaseNamedObjects\Local\c:!users!mzboyr9!appdata!roaming!microsoft!windows!ietldcache!"
      "Local\c:!users!mzboyr9!appdata!local!microsoft!windows!history!history.ie5!"
      "Local\!IETld!Mutex"
      "Local\ZonesCacheCounterMutex"
      "Local\ZoneAttributeCacheCounterMutex"
      "Local\WininetConnectionMutex"
      "Local\ZonesCounterMutex"
      source
      Created Mutant
      relevance
      3/10
    • GETs files from a webserver
      details
      "GET /asdb000/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu000.0catch.comCache-Control: no-cache"
      "GET /asdb002/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu001.0catch.comCache-Control: no-cache"
      "GET /asdb004/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu002.0catch.comCache-Control: no-cache"
      "GET /asdb006/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu003.0catch.comCache-Control: no-cache"
      "GET /asdb008/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu004.0catch.comCache-Control: no-cache"
      "GET /asdb010/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu005.0catch.comCache-Control: no-cache"
      "GET /asdb012/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu006.0catch.comCache-Control: no-cache"
      "GET /asdb014/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu007.0catch.comCache-Control: no-cache"
      "GET /asdb016/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu008.0catch.comCache-Control: no-cache"
      "GET /asdb018/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache"
      "GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu009.0catch.comCache-Control: no-cache"
      source
      Network Traffic
      relevance
      5/10
    • Runs shell commands
      details
      "/C AT /delete /yes" on 2018-7-7.09:51:46.627
      "/C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe" on 2018-7-7.09:51:46.747
      source
      Monitored Target
      relevance
      5/10
    • Spawns new processes
      details
      Spawned process "cmd.exe" with commandline "/C AT /delete /yes" (Show Process)
      Spawned process "at.exe" with commandline "AT /delete /yes" (Show Process)
      Spawned process "cmd.exe" with commandline "/C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\De ..." (Show Process)
      Spawned process "at.exe" with commandline "AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desk ..." (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      source
      Monitored Target
      relevance
      3/10
  • Installation/Persistance
    • Connects to LPC ports
      details
      "<Input Sample>" connecting to "\ThemeApiPort"
      "rundll3<Input Sample>" connecting to "\ThemeApiPort"
      source
      API Call
      relevance
      1/10
    • Contains ability to lookup the windows account name
      details
      GetUserNameW@ADVAPI32.DLL from 2.exe (PID: 2916) (Show Stream)
      source
      Hybrid Analysis Technology
      relevance
      5/10
    • Dropped files
      details
      "system3_.exe" has type "empty"
      "autorun.ini" has type "data"
      "autorun.ini" has type "empty"
      source
      Extracted File
      relevance
      3/10
    • Touches files in the Windows directory
      details
      "<Input Sample>" touched file "C:\Windows\Globalization\Sorting\SortDefault.nls"
      "<Input Sample>" touched file "C:\Windows\System32\en-US\setupapi.dll.mui"
      "<Input Sample>" touched file "C:\Windows\System32\tzres.dll"
      "<Input Sample>" touched file "C:\Windows\System32\en-US\tzres.dll.mui"
      "<Input Sample>" touched file "%LOCALAPPDATA%\Microsoft\Windows\Temporary Internet Files"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Cookies"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Cookies\index.dat"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files"
      "<Input Sample>" touched file "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Cookies\Low"
      source
      API Call
      relevance
      7/10
  • Network Related
    • Found potential URL in binary/memory
      details
      Pattern match: "www.balu000.0catch.com"
      Pattern match: "www.balu001.0catch.com"
      Pattern match: "www.balu002.0catch.com"
      Pattern match: "www.balu003.0catch.com"
      Pattern match: "www.balu004.0catch.com"
      Pattern match: "www.balu005.0catch.com"
      Pattern match: "www.balu006.0catch.com"
      Pattern match: "www.balu007.0catch.com"
      Pattern match: "www.balu008.0catch.com"
      Pattern match: "www.balu009.0catch.com"
      Heuristic match: "h1.ripway.com"
      Pattern match: "http://www.mydreamworld.50webs.com"
      source
      String
      relevance
      10/10
  • System Security
  • Uncategorized Behavior
    • Spawns new processes that are not known child processes
      details
      Spawned process "cmd.exe" with commandline "/C AT /delete /yes" (Show Process)
      Spawned process "at.exe" with commandline "AT /delete /yes" (Show Process)
      Spawned process "cmd.exe" with commandline "/C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\De ..." (Show Process)
      Spawned process "at.exe" with commandline "AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desk ..." (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      Spawned process "rundll3<Input Sample>" with commandline ""%WINDIR%\system32\WININET.dll",DispatchAPICall 1" (Show Process)
      source
      Monitored Target
      relevance
      3/10
  • Unusual Characteristics

File Details

All Details:

Redist.exe

Filename
Redist.exe
Size
1.8MiB (1861632 bytes)
Type
peexe executable
Description
PE32 executable (GUI) Intel 80386, for MS Windows
Architecture
WINDOWS
SHA256
1a891a43dc2049b7684b98c6f941e9e90282b355b5e250d1dd3ae84f06eedb30Copy SHA256 to clipboard
MD5
da223421188b22114fb7f0c624745c68Copy MD5 to clipboard
SHA1
e8eb9c36c1f327326d71f900fa793579a7f1782fCopy SHA1 to clipboard
ssdeep
6144:Kpqoa8aLiC/2OLSAN7gNVpNleQUohBfGPOtQciXeL/XYqGlebojSP2pjNhcAYnCw:KpqiC/2OGAtkCP4cejGSOpRK3CGY Copy ssdeep to clipboard
imphash
573f38808dce8a07fef775b4484aae4c Copy imphash to clipboard
authentihash
a6344b0fdc8e867deb320e5e0b92006446a0c0b821ccd2d02db15abe4fd524e7 Copy authentihash to clipboard
Compiler/Packer
VC8 -> Microsoft Corporation

Resources

Language
ENGLISH
Icon
Sample Icon

Visualization

Input File (PortEx)
PE Visualization

Version Info

FileVersion
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Company
Microsoft Corporation
Product Name
Microsoft Windows Operating System
Product Version
6.00.2900.2180
Original File name
System32.exe
Internal Name
System32
Translation
0x0809 0x04b0

Classification (TrID)

  • 52.9% (.EXE) Win32 Executable (generic)
  • 23.5% (.EXE) Generic Win/DOS Executable
  • 23.4% (.EXE) DOS Executable Generic
  • 0.0% (.CEL) Autodesk FLIC Image File (extensions: flc, fli, cel)

File Metadata


  • 1 .OBJ Files (COFF) linked with LINK.EXE 9.00 (Visual Studio 2008) (build: 30729)
  • 1 .RES Files linked with CVTRES.EXE 9.00 (Visual Studio 2008) (build: 21022)
  • 1 .ASM Files assembled with MASM 9.00 (Visual Studio 2008) (build: 21022)
  • 31 .ASM Files assembled with MASM 9.00 (Visual Studio 2008) (build: 30729)
  • 71 .CPP Files (with POGO Optimization) compiled with CL.EXE 15.00 (Visual Studio 2008) (build: 30729)
  • 33 .LIB Files generated with LIB.EXE 8.00 (Visual Studio 2005) (build: 50727)
  • 10 .C Files compiled with CL.EXE 14.00 (Visual Studio 2005) (build: 50727)
  • 181 .C Files compiled with CL.EXE 15.00 (Visual Studio 2008) (build: 30729)
  • 52 .CPP Files compiled with CL.EXE 15.00 (Visual Studio 2008) (build: 30729)
  • 2 .OBJ Files linked with ALIASOBJ.EXE 9.00 (Internal OLDNAMES.LIB Tool) (build: 20413)
  • File contains C++ code
  • File contains assembly code
  • File appears to contain raw COFF/OMF content
  • File was optimized using LTCG and/or POGO
  • File is the product of a large codebase (103 files)

File Sections

File Imports

AddAce
AdjustTokenPrivileges
CloseServiceHandle
CopySid
CreateProcessAsUserW
CreateProcessWithLogonW
GetAce
GetAclInformation
GetLengthSid
GetSecurityDescriptorDacl
GetTokenInformation
GetUserNameW
InitializeAcl
InitializeSecurityDescriptor
LockServiceDatabase
LogonUserW
LookupPrivilegeValueW
OpenProcessToken
OpenSCManagerW
OpenThreadToken
RegCloseKey
RegConnectRegistryW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetSecurityDescriptorDacl
UnlockServiceDatabase
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
InitCommonControlsEx
GetOpenFileNameW
GetSaveFileNameW
AngleArc
BeginPath
BitBlt
CloseFigure
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontW
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EndPath
ExtCreatePen
GetDeviceCaps
GetDIBits
GetObjectW
GetPixel
GetStockObject
GetTextExtentPoint32W
GetTextFaceW
LineTo
MoveToEx
PolyDraw
Rectangle
RoundRect
SelectObject
SetBkColor
SetBkMode
SetPixel
SetTextColor
SetViewportOrgEx
StrokeAndFillPath
StrokePath
Beep
CloseHandle
CompareStringA
CompareStringW
CopyFileW
CreateDirectoryW
CreateFileA
CreateFileW
CreateHardLinkW
CreatePipe
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumResourceNamesW
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCPInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetProcessIoCounters
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LockResource
lstrcmpiW
MoveFileW
MultiByteToWideChar
OpenProcess
OutputDebugStringW
Process32FirstW
Process32NextW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
RemoveDirectoryW
ResumeThread
RtlUnwind
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetStdHandle
SetSystemPowerState
SetUnhandledExceptionFilter
SetVolumeLabelW
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileSectionW
WritePrivateProfileStringW
WriteProcessMemory
WNetAddConnection2W
WNetCancelConnection2W
WNetGetConnectionW
WNetUseConnectionW
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoCreateInstanceEx
CoInitialize
CoInitializeSecurity
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx
CreateStreamOnHGlobal
IIDFromString
MkParseDisplayName
OleInitialize
OleSetContainedObject
OleSetMenuDescriptor
OleUninitialize
StringFromCLSID
StringFromIID
GetActiveObject
LoadRegTypeLib
OleLoadPicture
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetVartype
SafeArrayUnaccessData
SysAllocString
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime
VarR8FromDec
EnumProcesses
EnumProcessModules
GetModuleBaseNameW
GetProcessMemoryInfo
DragFinish
DragQueryFileW
DragQueryPoint
ExtractIconExW
SHBrowseForFolderW
Shell_NotifyIconW
ShellExecuteExW
ShellExecuteW
SHEmptyRecycleBinW
SHFileOperationW
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListW
AdjustWindowRectEx
AttachThreadInput
BeginPaint
BlockInput
CharLowerBuffW
CharNextW
CharUpperBuffW
CharUpperW
CheckMenuRadioItem
ClientToScreen
CloseClipboard
CloseDesktop
CloseWindowStation
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableW
CreateIconFromResourceEx
CreateMenu
CreatePopupMenu
CreateWindowExW
DefDlgProcW
DefWindowProcW
DeleteMenu
DestroyAcceleratorTable
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawFocusRect
DrawFrameControl
DrawMenuBar
DrawTextW
EmptyClipboard
EnableWindow
EndDialog
EndPaint
EnumChildWindows
EnumThreadWindows
EnumWindows
ExitWindowsEx
FillRect
FindWindowExW
FindWindowW
FlashWindow
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCaretPos
GetClassNameW
GetClientRect
GetClipboardData
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyState
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuStringW
GetMessageW
GetMonitorInfoW
GetParent
GetProcessWindowStation
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetUserObjectSecurity
GetWindowDC
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
keybd_event
KillTimer
LoadCursorW
LoadIconW
LoadImageW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MessageBeep
MessageBoxA
MessageBoxW
MonitorFromPoint
mouse_event
MoveWindow
OpenClipboard
OpenDesktopW
OpenWindowStationW
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassExW
RegisterHotKey
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetLayeredWindowAttributes
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetProcessWindowStation
SetRect
SetTimer
SetUserObjectSecurity
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UnregisterHotKey
VkKeyScanA
WindowFromPoint
wsprintfW
CreateEnvironmentBlock
DestroyEnvironmentBlock
LoadUserProfileW
UnloadUserProfile
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
FtpGetFileSize
FtpOpenFileW
HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetCrackUrlW
InternetOpenUrlW
InternetOpenW
InternetReadFile
InternetSetOptionW
mciSendStringW
timeGetTime
waveOutSetVolume
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
gethostname
htons
inet_addr
inet_ntoa
listen
ntohs
recv
recvfrom
select
send
sendto
socket
WSACleanup
WSAGetLastError
WSAStartup

Screenshots

Loading content, please wait...

Hybrid Analysis

Tip: Click an analysed process below to view more details.

Analysed 26 processes in total.

  • 2.exe (PID: 2916) 48/66
    • cmd.exe /C AT /delete /yes (PID: 3308)
    • cmd.exe /C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe (PID: 2384)
      • at.exe AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe (PID: 3320)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3836)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2824)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2068)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3296)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2856)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2876)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3224)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3468)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2808)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3992)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2640)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2664)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2140)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3728)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3316)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3528)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 3876)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2924)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2224)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2588)
    • rundll32.exe "%WINDIR%\system32\WININET.dll",DispatchAPICall 1 (PID: 2684)

Network Analysis

DNS Requests

Login to Download DNS Requests (CSV)
Domain Address Registrar Country
www.balu009.0catch.com
OSINT 		141.8.230.97
TTL: 11461 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu008.0catch.com
OSINT 		141.8.230.97
TTL: 19051 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu007.0catch.com
OSINT 		141.8.230.97
TTL: 4517 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu006.0catch.com
OSINT 		141.8.230.97
TTL: 6184 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu005.0catch.com
OSINT 		141.8.230.97
TTL: 17032 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu004.0catch.com
OSINT 		141.8.230.97
TTL: 16940 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu003.0catch.com
OSINT 		141.8.230.97
TTL: 8032 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu002.0catch.com
OSINT 		141.8.230.97
TTL: 5788 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu001.0catch.com
OSINT 		141.8.230.97
TTL: 6732 		FastDomain Inc.
Organization: HOSTING SOLUTIONS
Name Server: NS1.0CATCH.COM
Creation Date: Mon, 04 Dec 2000 00:00:00 GMT 		Flag of Switzerland Switzerland
www.balu000.0catch.com 141.8.230.97
TTL: 6990 		- Flag of Switzerland Switzerland
h1.ripway.com 199.59.242.150
TTL: 3148 		- Flag of United States United States

Contacted Hosts

Login to Download Contacted Hosts (CSV)
IP Address Port/Protocol Associated Process Details
199.59.242.150
80
TCP 		2.exe
PID: 2916		 Flag of United States United States
141.8.230.97
80
TCP 		2.exe
PID: 2916		 Flag of Switzerland Switzerland

Contacted Countries

HTTP Traffic

Endpoint Request URL
199.59.242.150:80 (h1.ripway.com) GET /asdb000/setting.ini
141.8.230.97:80 (www.balu000.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb002/setting.ini
141.8.230.97:80 (www.balu001.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb004/setting.ini
141.8.230.97:80 (www.balu002.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb006/setting.ini
141.8.230.97:80 (www.balu003.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb008/setting.ini
141.8.230.97:80 (www.balu004.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb010/setting.ini
141.8.230.97:80 (www.balu005.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb012/setting.ini
141.8.230.97:80 (www.balu006.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb014/setting.ini
141.8.230.97:80 (www.balu007.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb016/setting.ini
141.8.230.97:80 (www.balu008.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb018/setting.ini
141.8.230.97:80 (www.balu009.0catch.com) GET /set/setting.ini
199.59.242.150:80 (h1.ripway.com) GET /asdb020/setting.ini

Memory Forensics

String Context Stream UID
autoitscript.com Domain/IP reference 29106-71-0040E940

Suricata Alerts

Event Category Description SID
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) A Network Trojan was detected ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.ini 2012198
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) Hidden Category Additional ETPro rules are available in the private webservice or standalone version Hidden SID
199.59.242.150:80 (TCP) A Network Trojan was detected ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.ini 2012198
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) Hidden Category Additional ETPro rules are available in the private webservice or standalone version Hidden SID
199.59.242.150:80 (TCP) A Network Trojan was detected ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.ini 2012198
199.59.242.150:80 (TCP) Hidden Category Additional ETPro rules are available in the private webservice or standalone version Hidden SID
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) A Network Trojan was detected ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.ini 2012198
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) Hidden Category Additional ETPro rules are available in the private webservice or standalone version Hidden SID
199.59.242.150:80 (TCP) A Network Trojan was detected ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.ini 2012198
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) Hidden Category Additional ETPro rules are available in the private webservice or standalone version Hidden SID
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) Potential Corporate Privacy Violation ET POLICY Autoit Windows Automation tool User-Agent in HTTP Request - Possibly Hostile 2008350
199.59.242.150:80 (TCP) A Network Trojan was detected ET TROJAN Possible Worm W32.Svich or Other Infection Request for setting.ini 2012198
ET rules applied using Suricata. ETPro rule matches (33 total) are hidden and available in the private webservice or standalone version.

Extracted Strings

All Details:
Download All Memory Strings (17KiB)
! 6J[[Lj=
Ansi based on Memory/File Scan (2.exe.bin)
!""""""##$%&'())))))**+,-./FFFFFFFF001234566678789:;<=;<=FFF>?@ABCD
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!This program cannot be run in DOS mode.$
Ansi based on Memory/File Scan (2.exe.bin)
"%WINDIR%\system32\WININET.dll",DispatchAPICall 1
Ansi based on Process Commandline (rundll3<Input Sample>)
"' 6Hx)
Ansi based on Memory/File Scan (2.exe.bin)
"'/5H[DPY
Ansi based on Memory/File Scan (2.exe.bin)
"1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity type="win32" processorArchitecture="*" version="1.0.0.0" name="Windows"/><description>Windows</description> Identify the application security requirements. --><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevellevel="asInvoker"uiAccess="false"/></requestedPrivileges></security></trustInfo> Identify the application dependencies. --><dependency><dependentAssembly><assemblyIdentitytype="win32"name="Microsoft.Windows.Common-Controls"version="6.0.0.0"language="*"processorArchitecture="*"publicKeyToken="6595b64144ccf1df"/></dependentAssembly></dependency></assembly>
Ansi based on Memory/File Scan (2.exe.bin)
#comments-end
Unicode based on Memory/File Scan (2.exe.bin)
#comments-start
Unicode based on Memory/File Scan (2.exe.bin)
#include
Unicode based on Hybrid Analysis (2.exe.bin)
#include depth exceeded. Make sure there are no recursive includes
Unicode based on Memory/File Scan (2.exe.bin)
#include-once
Unicode based on Memory/File Scan (2.exe.bin)
#notrayicon
Unicode based on Memory/File Scan (2.exe.bin)
#requireadmin
Unicode based on Memory/File Scan (2.exe.bin)
#z A D W(kk
Ansi based on Memory/File Scan (2.exe.bin)
$Id: qmath.h,v 1.1 2004/01/15 19:50:35 jonbennett Exp $
Ansi based on Memory/File Scan (2.exe.bin)
%4d%02d%02d%02d%02d%02d
Unicode based on Memory/File Scan (2.exe.bin)
%d/%02d/%02d
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s.: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s:
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s:%s%s
Unicode based on Memory/File Scan (2.exe.bin)
%u.%u.%u.%u
Unicode based on Memory/File Scan (2.exe.bin)
%USERPROFILE%\Desktop\system3_.exe
Unicode based on Runtime Data (2.exe )
%WINDIR%\system32\apphelp.dll
Unicode based on Runtime Data (2.exe )
%windir%\tracing
Unicode based on Runtime Data (2.exe )
'ie8')$IE=8;else if(Sp.className==='ie9')$IE=9;function aAq($callback){aAt++;aAu=RC.innerWidth||DY.documentElement.clientWidth||Sp.clientWidth;aAs=RC.innerHeight||DY.documentElement.clientHeight||Sp.clientHeight;if(aAu>0||aAt>=5){$callback();}else{setTimeout(aAq,100);}}var $num_requirements=2;function $requirementMet(){$num_requirements--;if($num_requirements===0)aAv();}aAq($requirementMet);g_pc.$onReady($requirementMet);function aAv(){var ef=undefined,IQ=encodeURIComponent,aAo;if(aAw!=azu&&g_pd.r_s===ef)aAw.href=azu.href;aAo=DY.createElement('script');aAo.type='text/javascript';aAo.src='/glp'+'?r='+(g_pd.r!==ef?g_pd.r:(DY.referrer?IQ(DY.referrer.substr(0,255)):''))+(g_pd.r_u?'&u='+g_pd.r_u:'&u='+IQ(azu.href.split('?')[0]))+(g_pd.gc?'&gc='+g_pd.gc:'')+(g_pd.cid?'&cid='+g_pd.cid:'')+(g_pd.query?'&sq='+g_pd.query:'')+(g_pd.search?'&ss=1':'')+(g_pd.a!==ef?'&a':'')+(g_pd.z!==ef?'&z':'')+(g_pd.z_ds!==ef?'&z_ds':'')+(g_pd.r_s!==ef?'&r_s='+g_pd.r_s:'')+(g_pd.r_d!==ef?'&r_d='+g_pd.r_d:'')+'&rw='+aAj.width+'&rh='+aAj.height+(g_pd.r_ww!==ef?'&ww='+g_pd.r_ww:'&ww='+aAu)+(g_pd.r_wh!==ef?'&wh='+g_pd.r_wh:'&wh='+aAs)+(g_pc.$isWhitelisted()?'&abp=1':'')+($IE!==null?'&ie='+$IE:'')+(g_pd.partner!==ef?'&partner='+g_pd.partner:'')+(g_pd.subid1!==ef?'&subid1='+g_pd.subid1:'')+(g_pd.subid2!==ef?'&subid2='+g_pd.subid2:'')+(g_pd.subid3!==ef?'&subid3='+g_pd.subid3:'');Sp.appendChild(aAo);}})();</script></body></html>
Ansi based on PCAP Processing (network.pcap)
((((( H
Unicode based on Memory/File Scan (2.exe.bin)
(*VERB) not recognized
Ansi based on Memory/File Scan (2.exe.bin)
(*VERB) with an argument is not supported
Ansi based on Memory/File Scan (2.exe.bin)
(?R or (?[+-]digits must be followed by )
Ansi based on Memory/File Scan (2.exe.bin)
(Paused)
Unicode based on Memory/File Scan (2.exe.bin)
) : ==> %s: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
*.au3;*.a3x
Unicode based on Memory/File Scan (2.exe.bin)
*Unable to get a list of running processes.*Missing separator character after keyword.
Unicode based on Memory/File Scan (2.exe.bin)
+L$Lf+Ntf
Ansi based on Memory/File Scan (2.exe.bin)
+t$(;t$,s
Ansi based on Memory/File Scan (2.exe.bin)
,_,___
Ansi based on Image Processing (screen_0.png)
-----
Unicode based on Hybrid Analysis (2.exe.bin)
.00.2900.2180
Unicode based on Memory/File Scan (2.exe.bin)
.2180 (xpsp_sp2_rtm.040803-2158)
Unicode based on Memory/File Scan (2.exe.bin)
.: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan (2.exe.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan (2.exe.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan (2.exe.bin)
.data
Ansi based on Memory/File Scan (2.exe.bin)
.rsrc
Ansi based on Memory/File Scan (2.exe.bin)
.text
Ansi based on Memory/File Scan (2.exe.bin)
/asdb000/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb002/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb004/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb006/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb008/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb010/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb012/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb014/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb016/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb018/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb020/setting.ini
Ansi based on PCAP Processing (PCAP)
/AutoIt3ExecuteLine
Unicode based on Memory/File Scan (2.exe.bin)
/AutoIt3ExecuteScript
Unicode based on Memory/File Scan (2.exe.bin)
/AutoIt3OutputDebug
Unicode based on Memory/File Scan (2.exe.bin)
/C AT /delete /yes
Ansi based on Process Commandline (cmd.exe)
/C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe
Ansi based on Process Commandline (cmd.exe)
/ErrorStdOut
Unicode based on Memory/File Scan (2.exe.bin)
/set/setting.ini
Ansi based on PCAP Processing (PCAP)
0.0.0.0
Unicode based on Hybrid Analysis (2.exe.bin)
00000409
Unicode based on Runtime Data (2.exe )
0123456789ABCDEF
Unicode based on Memory/File Scan (2.exe.bin)
04090000
Unicode based on Hybrid Analysis (2.exe.bin)
0?{{{{{{{{{{{{{{{{{{{{{{0?
Ansi based on Memory/File Scan (2.exe.bin)
1#IND
Ansi based on Hybrid Analysis (2.exe.bin)
1#INF
Ansi based on Hybrid Analysis (2.exe.bin)
1#QNAN
Ansi based on Hybrid Analysis (2.exe.bin)
1#SNAN
Ansi based on Hybrid Analysis (2.exe.bin)
102652EC
Unicode based on Runtime Data (2.exe )
1111111(o
Ansi based on Memory/File Scan (2.exe.bin)
2((((((((((((((((((((((((((
Ansi based on Memory/File Scan (2.exe.bin)
2.exe
Unicode based on Runtime Data (2.exe )
3, 3, 0, 0
Unicode based on Memory/File Scan (2.exe.bin)
33$?m[
Ansi based on Memory/File Scan (2.exe.bin)
3333333330
Ansi based on Memory/File Scan (2.exe.bin)
33333333333333
Ansi based on Memory/File Scan (2.exe.bin)
333333333333330
Ansi based on Memory/File Scan (2.exe.bin)
333333333333333
Ansi based on Memory/File Scan (2.exe.bin)
333333333333333333333333333333333333333333333333333333333333333333333
Ansi based on Memory/File Scan (2.exe.bin)
44444
Ansi based on Memory/File Scan (2.exe.bin)
4444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444
Ansi based on Memory/File Scan (2.exe.bin)
4444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555
Ansi based on Memory/File Scan (2.exe.bin)
6.00.2900.2180
Unicode based on Memory/File Scan (2.exe.bin)
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Unicode based on Memory/File Scan (2.exe.bin)
733333333333333333333330?
Ansi based on Memory/File Scan (2.exe.bin)
7lllll
Ansi based on Memory/File Scan (2.exe.bin)
9D$<t9D$@
Ansi based on Memory/File Scan (2.exe.bin)
9} tL9}$uB9}(uB3
Ansi based on Memory/File Scan (2.exe.bin)
: ==> %s:%s%s
Unicode based on Memory/File Scan (2.exe.bin)
;D$$|};D$,
Ansi based on Memory/File Scan (2.exe.bin)
<+t(<-t$:
Ansi based on Memory/File Scan (2.exe.bin)
<.pbk
Unicode based on Runtime Data (2.exe )
<<<<<<<<<<<<<<<<<<<<<<<<<<u9l
Ansi based on Memory/File Scan (2.exe.bin)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity type="win32" processorArchitecture="*" version="1.0.0.0" name="Windows"/><description>Windows</description> Identify the application security requirements. --><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevellevel="asInvoker"uiAccess="false"/></requestedPrivileges></security></trustInfo> Identify the application dependencies. --><dependency><dependentAssembly><assemblyIdentitytype="win32"name="Microsoft.Windows.Common-Controls"version="6.0.0.0"language="*"processorArchitecture="*"publicKeyToken="6595b64144ccf1df"/></dependentAssembly></dependency></assembly>
Ansi based on Memory/File Scan (2.exe.bin)
<local>
Unicode based on Hybrid Analysis (2.exe.bin)
<program name unknown>
Ansi based on Memory/File Scan (2.exe.bin)
>>>AUTOIT SCRIPT<<<
Unicode based on Memory/File Scan (2.exe.bin)
>wP-trc=AU
Ansi based on Memory/File Scan (2.exe.bin)
??????????????????????????????????????????????????????????????????????????????????????????
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
@COM_EVENTOBJ
Unicode based on Memory/File Scan (2.exe.bin)
@EXITCODE
Unicode based on Memory/File Scan (2.exe.bin)
@EXITMETHOD
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_CTRLHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_CTRLID
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_DRAGFILE
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_DRAGID
Unicode based on Hybrid Analysis (2.exe.bin)
@GUI_DROPID
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_WINHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
@TRAY_ID
Unicode based on Hybrid Analysis (2.exe.bin)
[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[[7
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[jxzW
Ansi based on Memory/File Scan (2.exe.bin)
[[^[^[^[[]^[^[[[[[[[[[^^[[[[^^[[[[[^^[[[^^[[[[[[[^]^[[[[^[[^^[[[^ZZ[[^[[[^^^^[[ZZ[[][[[[^-
Ansi based on Memory/File Scan (2.exe.bin)
[ACTIVE
Unicode based on Hybrid Analysis (2.exe.bin)
[Autorun]Open=system3_.exe
Ansi based on Runtime Data (2.exe )
[c*(((((((((((((((((wl
Ansi based on Memory/File Scan (2.exe.bin)
[CLASS:
Unicode based on Hybrid Analysis (2.exe.bin)
[fPFMlllll
Ansi based on Memory/File Scan (2.exe.bin)
[f}tttttttttt
Ansi based on Memory/File Scan (2.exe.bin)
[HANDLE:
Unicode based on Hybrid Analysis (2.exe.bin)
[i)<<<<<<<<<<<<<<:nK_l
Ansi based on Memory/File Scan (2.exe.bin)
[i>wTTTTTTTTwpN
Ansi based on Memory/File Scan (2.exe.bin)
[i}<<<<<<<<<<<<<<<<<wl
Ansi based on Memory/File Scan (2.exe.bin)
[LAST
Unicode based on Hybrid Analysis (2.exe.bin)
[o$(111111111((#
Ansi based on Memory/File Scan (2.exe.bin)
[o2T<<<<<<<11<t9Ll
Ansi based on Memory/File Scan (2.exe.bin)
[o>wSSTTTw:nLglll
Ansi based on Memory/File Scan (2.exe.bin)
[q~b[Fllll
Ansi based on Memory/File Scan (2.exe.bin)
[REGEXPTITLE:
Unicode based on Memory/File Scan (2.exe.bin)
[ZoneTransfer]ZoneId=1
Ansi based on Runtime Data (2.exe )
\ at end of pattern
Ansi based on Memory/File Scan (2.exe.bin)
\??\%s
Unicode based on Hybrid Analysis (2.exe.bin)
\c at end of pattern
Ansi based on Memory/File Scan (2.exe.bin)
\C not allowed in lookbehind assertion
Ansi based on Memory/File Scan (2.exe.bin)
\CLSID
Unicode based on Hybrid Analysis (2.exe.bin)
\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number
Ansi based on Memory/File Scan (2.exe.bin)
\IPC$
Unicode based on Hybrid Analysis (2.exe.bin)
\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Unicode based on Memory/File Scan (2.exe.bin)
\RPC Control\console-0x00000900-lpc-handle
Unicode based on Runtime Data (at.exe )
\RPC Control\console-0x00000960-lpc-handle
Unicode based on Runtime Data (at.exe )
\Sessions\1\Windows\ApiPort
Unicode based on Runtime Data (2.exe )
\ThemeApiPort
Unicode based on Runtime Data (2.exe )
\TypeLib
Unicode based on Hybrid Analysis (2.exe.bin)
\VarFileInfo\Translation
Unicode based on Memory/File Scan (2.exe.bin)
] is an invalid data character in JavaScript compatibility mode
Ansi based on Memory/File Scan (2.exe.bin)
^ ERROR
Unicode based on Hybrid Analysis (2.exe.bin)
^_^\^_\^[__^^_^^__^^^^___^__^\_\\_^^^^\^^_[__^^__^_^__^^\[^^_^_^^_^\_^_^^\^\^[^[[__^\^^^\-
Ansi based on Memory/File Scan (2.exe.bin)
_?m?J?__?_q___?????v_,?_?_???__,_____??_J_m____L___
Ansi based on Image Processing (screen_0.png)
__Ah|yABLyR5|D|5
Ansi based on Image Processing (screen_0.png)
__based(
Ansi based on Memory/File Scan (2.exe.bin)
__cdecl
Ansi based on Memory/File Scan (2.exe.bin)
__clrcall
Ansi based on Memory/File Scan (2.exe.bin)
__fastcall
Ansi based on Memory/File Scan (2.exe.bin)
__pascal
Ansi based on Memory/File Scan (2.exe.bin)
__ptr64
Ansi based on Memory/File Scan (2.exe.bin)
__restrict
Ansi based on Memory/File Scan (2.exe.bin)
__stdcall
Ansi based on Memory/File Scan (2.exe.bin)
__thiscall
Ansi based on Memory/File Scan (2.exe.bin)
__unaligned
Ansi based on Memory/File Scan (2.exe.bin)
_CTRLID
Unicode based on Memory/File Scan (2.exe.bin)
_ENABLE
Unicode based on Memory/File Scan (2.exe.bin)
_glllll
Ansi based on Memory/File Scan (2.exe.bin)
_LOCK
Unicode based on Memory/File Scan (2.exe.bin)
_MINIMIZE
Unicode based on Memory/File Scan (2.exe.bin)
_NewEnum
Unicode based on Hybrid Analysis (2.exe.bin)
_nextafter
Ansi based on Memory/File Scan (2.exe.bin)
_USER
Unicode based on Memory/File Scan (2.exe.bin)
`.rdata
Ansi based on Memory/File Scan (2.exe.bin)
`\??\Volume{8177f4e4-b53f-11e4-a9c2-806e6f6e6963}
Unicode based on Runtime Data (2.exe )
`\??\Volume{8177f4e5-b53f-11e4-a9c2-806e6f6e6963}
Unicode based on Runtime Data (2.exe )
`copy constructor closure'
Ansi based on Memory/File Scan (2.exe.bin)
`default constructor closure'
Ansi based on Memory/File Scan (2.exe.bin)
`dynamic atexit destructor for '
Ansi based on Memory/File Scan (2.exe.bin)
`dynamic initializer for '
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector destructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector vbase constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector vbase copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`local static guard'
Ansi based on Memory/File Scan (2.exe.bin)
`local static thread guard'
Ansi based on Memory/File Scan (2.exe.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan (2.exe.bin)
`local vftable'
Ansi based on Memory/File Scan (2.exe.bin)
`managed vector constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`managed vector copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`managed vector destructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`omni callsig'
Ansi based on Memory/File Scan (2.exe.bin)
`placement delete closure'
Ansi based on Memory/File Scan (2.exe.bin)
`placement delete[] closure'
Ansi based on Memory/File Scan (2.exe.bin)
`RTTI
Ansi based on Memory/File Scan (2.exe.bin)
`scalar deleting destructor'
Ansi based on Memory/File Scan (2.exe.bin)
`string'
Ansi based on Memory/File Scan (2.exe.bin)
`typeof'
Ansi based on Memory/File Scan (2.exe.bin)
`udt returning'
Ansi based on Memory/File Scan (2.exe.bin)
`vbase destructor'
Ansi based on Memory/File Scan (2.exe.bin)
`vbtable'
Ansi based on Memory/File Scan (2.exe.bin)
`vcall'
Ansi based on Memory/File Scan (2.exe.bin)
`vector constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector deleting destructor'
Ansi based on Memory/File Scan (2.exe.bin)
`vector destructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector vbase constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector vbase copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vftable'
Ansi based on Memory/File Scan (2.exe.bin)
`virtual displacement map'
Ansi based on Memory/File Scan (2.exe.bin)
a numbered reference must not be zero
Ansi based on Memory/File Scan (2.exe.bin)
A66E19E6
Unicode based on Runtime Data (rundll32.exe )
A><<<<<<<<<<<<<<<<<<<<<<<<<<
Ansi based on Memory/File Scan (2.exe.bin)
aAeEiIoOuUyYnN
Ansi based on Memory/File Scan (2.exe.bin)
abbbbbbbababbabebababbbbbbbbbbbbbbbbbabaaababbabbbbbbaabbabbaabbabbdbabbbaaabbabbabababbb.
Ansi based on Memory/File Scan (2.exe.bin)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ansi based on Memory/File Scan (2.exe.bin)
abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan (2.exe.bin)
abort
Unicode based on Memory/File Scan (2.exe.bin)
ACCEPT
Ansi based on Memory/File Scan (2.exe.bin)
ACTIVE
Unicode based on Hybrid Analysis (2.exe.bin)
AddAce
Ansi based on Memory/File Scan (2.exe.bin)
AddressFamily
Unicode based on Runtime Data (2.exe )
ADDSTRING
Unicode based on Memory/File Scan (2.exe.bin)
AdjustTokenPrivileges
Ansi based on Memory/File Scan (2.exe.bin)
AdjustWindowRectEx
Ansi based on Memory/File Scan (2.exe.bin)
ADLIBDISABLE
Unicode based on Memory/File Scan (2.exe.bin)
ADLIBENABLE
Unicode based on Memory/File Scan (2.exe.bin)
admin
Unicode based on Memory/File Scan (2.exe.bin)
ADVAPI32.dll
Ansi based on Memory/File Scan (2.exe.bin)
alias PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
align
Unicode based on Hybrid Analysis (2.exe.bin)
All files (*.*)
Unicode based on Memory/File Scan (2.exe.bin)
ALLBACKREGISTER
Unicode based on Memory/File Scan (2.exe.bin)
alnum
Ansi based on Memory/File Scan (2.exe.bin)
alpha
Ansi based on Hybrid Analysis (2.exe.bin)
ALTDOWN
Ansi based on Memory/File Scan (2.exe.bin)
ALTUP
Ansi based on Memory/File Scan (2.exe.bin)
AlwaysDrainOnRedirect
Unicode based on Runtime Data (2.exe )
ANDLE:
Unicode based on Memory/File Scan (2.exe.bin)
AngleArc
Ansi based on Memory/File Scan (2.exe.bin)
ANYCRLF)
Ansi based on Hybrid Analysis (2.exe.bin)
AppData
Unicode based on Hybrid Analysis (2.exe.bin)
APPDATACOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
APPDATADIR
Unicode based on Memory/File Scan (2.exe.bin)
APPSKEY
Ansi based on Memory/File Scan (2.exe.bin)
April
Ansi based on Memory/File Scan (2.exe.bin)
Arabic
Ansi based on Memory/File Scan (2.exe.bin)
Armenian
Ansi based on Memory/File Scan (2.exe.bin)
Array maximum size exceeded.+"Func" statement has no matching "EndFunc".
Unicode based on Memory/File Scan (2.exe.bin)
arse #include
Unicode based on Memory/File Scan (2.exe.bin)
ASC 0%d
Ansi based on Hybrid Analysis (2.exe.bin)
ascii
Ansi based on Memory/File Scan (2.exe.bin)
Assert Failed!
Unicode based on Memory/File Scan (2.exe.bin)
assertion expected after (?(
Ansi based on Memory/File Scan (2.exe.bin)
ASSIGN
Unicode based on Hybrid Analysis (2.exe.bin)
AssignPrimaryTokenPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
AT /delete /yes
Ansi based on Process Commandline (at.exe)
AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe
Ansi based on Process Commandline (at.exe)
ATEBUTTON
Unicode based on Memory/File Scan (2.exe.bin)
ATETAB
Unicode based on Memory/File Scan (2.exe.bin)
ateTimePick32
Unicode based on Memory/File Scan (2.exe.bin)
AttachThreadInput
Ansi based on Memory/File Scan (2.exe.bin)
AtTaskMaxHours
Unicode based on Runtime Data (2.exe )
Attributes
Unicode based on Runtime Data (2.exe )
AU3_FreeVar
Ansi based on Memory/File Scan (2.exe.bin)
AU3_GetPluginDetails
Ansi based on Memory/File Scan (2.exe.bin)
August
Ansi based on Memory/File Scan (2.exe.bin)
AuthenticodeEnabled
Unicode based on Runtime Data (2.exe )
AutoConfigCustomUA
Unicode based on Runtime Data (2.exe )
AutoConfigURL
Unicode based on Runtime Data (2.exe )
AutoDetect
Unicode based on Runtime Data (2.exe )
AutodialDLL
Unicode based on Runtime Data (2.exe )
AutoIt
Ansi based on PCAP Processing (PCAP)
AutoIt Error
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt has detected the stack has become corrupt.Stack corruption typically occurs when either the wrong calling convention is used or when the function is called with the wrong number of arguments.AutoIt supports the __stdcall (WINAPI) and __cdecl calling conventions. The __stdcall (WINAPI) convention is used by default but __cdecl can be used instead. See the DllCall() documentation for details on changing the calling convention.
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt Input Box
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt script files (*.au3, *.a3x)
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt v3
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt v3 GUI
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt.Error
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt3GUI
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITCALLVARIABLE%d
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITEXE
Unicode based on Memory/File Scan (2.exe.bin)
AutoItExit'S
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITPID
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITSETOPTION
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITUNICODE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITVERSION
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITWINGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITWINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITX64
Unicode based on Memory/File Scan (2.exe.bin)
AutoProxyDetectType
Unicode based on Runtime Data (2.exe )
autorun.ini
Unicode based on Runtime Data (2.exe )
AYITEMDELETE
Unicode based on Memory/File Scan (2.exe.bin)
AYSETPAUSEICON
Unicode based on Memory/File Scan (2.exe.bin)
ba_`__aa_____aaaab__a_aa``ab__a__a___b__a____`___a__a______a_a_b_a__a__`_aa`a__aa_abaa``a.
Ansi based on Memory/File Scan (2.exe.bin)
BACKSPACE
Ansi based on Memory/File Scan (2.exe.bin)
bad allocation
Ansi based on Memory/File Scan (2.exe.bin)
Badly formated Enum statement!Badly formated variable or macro.3This keyword cannot be used after a "Then" keyword.>"Select" statement is missing "EndSelect" or "Case" statement.+"If" statements must have a "Then" keyword. Badly formated Struct statement."Cannot assign values to constants..Cannot make existing variables into constants.9Only Object-type variables allowed in a "With" statement.v"long_ptr", "int_ptr" and "short_ptr" DllCall() types have been deprecated. Use "long*", "int*" and "short*" instead.-Object referenced outside a "With" statement.)Nested "With" statements are not allowed."Variable must be of type "Object".1The requested action with this object has failed.8Variable appears more than once in function declaration.2ReDim array can not be initialized in this manner.1An array variable can not be used in this manner.
Unicode based on Memory/File Scan (2.exe.bin)
BadProxyExpiresTime
Unicode based on Runtime Data (2.exe )
Balinese
Ansi based on Memory/File Scan (2.exe.bin)
BARGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
Base Class Array'
Ansi based on Memory/File Scan (2.exe.bin)
Base Class Descriptor at (
Ansi based on Memory/File Scan (2.exe.bin)
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB6
Ansi based on Memory/File Scan (2.exe.bin)
BeginPaint
Ansi based on Memory/File Scan (2.exe.bin)
BeginPath
Ansi based on Memory/File Scan (2.exe.bin)
Bengali
Ansi based on Memory/File Scan (2.exe.bin)
BINARY
Unicode based on Hybrid Analysis (2.exe.bin)
BINARYLEN
Unicode based on Memory/File Scan (2.exe.bin)
BINARYMID
Unicode based on Memory/File Scan (2.exe.bin)
BINARYTOSTRING
Unicode based on Memory/File Scan (2.exe.bin)
BITAND
Unicode based on Hybrid Analysis (2.exe.bin)
BitBlt
Ansi based on Memory/File Scan (2.exe.bin)
BITNOT
Unicode based on Hybrid Analysis (2.exe.bin)
BITOR
Unicode based on Hybrid Analysis (2.exe.bin)
BITROTATE
Unicode based on Memory/File Scan (2.exe.bin)
BITSHIFT
Unicode based on Hybrid Analysis (2.exe.bin)
BITXOR
Unicode based on Hybrid Analysis (2.exe.bin)
blank
Unicode based on Hybrid Analysis (2.exe.bin)
BLOCKINPUT
Unicode based on Memory/File Scan (2.exe.bin)
BlockInput
Ansi based on Memory/File Scan (2.exe.bin)
Bopomofo
Ansi based on Memory/File Scan (2.exe.bin)
Braille
Ansi based on Memory/File Scan (2.exe.bin)
BREAK
Unicode based on Hybrid Analysis (2.exe.bin)
BROWSER_BACK
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_FAVORTIES
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_FORWARD
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_HOME
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_REFRESH
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_SEARCH
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_STOP
Ansi based on Memory/File Scan (2.exe.bin)
BSR_ANYCRLF)
Ansi based on Memory/File Scan (2.exe.bin)
BSR_UNICODE)
Ansi based on Memory/File Scan (2.exe.bin)
BTrDGTriGTr
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.0047D000.00000004.mdmp)
Buginese
Ansi based on Memory/File Scan (2.exe.bin)
Buhid
Ansi based on Memory/File Scan (2.exe.bin)
button
Unicode based on Hybrid Analysis (2.exe.bin)
BUTTON
Unicode based on Hybrid Analysis (2.exe.bin)
BypassHTTPNoCacheCheck
Unicode based on Runtime Data (2.exe )
BypassSSLNoCacheCheck
Unicode based on Runtime Data (2.exe )
BYREF
Unicode based on Memory/File Scan (2.exe.bin)
C:\2.exe
Unicode based on Hybrid Analysis (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
Cache
Unicode based on Runtime Data (2.exe )
CacheLimit
Unicode based on Runtime Data (2.exe )
CacheMode
Unicode based on Runtime Data (2.exe )
CacheOptions
Unicode based on Runtime Data (2.exe )
CachePath
Unicode based on Runtime Data (2.exe )
CachePrefix
Unicode based on Runtime Data (2.exe )
CacheRepair
Unicode based on Runtime Data (2.exe )
CALLARGARRAY
Unicode based on Memory/File Scan (2.exe.bin)
CallForAttributes
Unicode based on Runtime Data (2.exe )
Can not redeclare a constant.5Can not redeclare a parameter inside a user function.HCan pass constants by reference only to parameters with "Const" keyword.*Can not initialize a variable with itself.$Incorrect way to use this parameter.:"EndSwitch" statement with no matching "Switch" statement.>"Switch" statement is missing "EndSwitch" or "Case" statement.H"ContinueCase" statement with no matching "Select"or "Switch" statement.
Unicode based on Memory/File Scan (2.exe.bin)
Can't install a new Errorhandler when one is still active.
Unicode based on Memory/File Scan (2.exe.bin)
Canadian_Aboriginal
Ansi based on Memory/File Scan (2.exe.bin)
Cancel
Unicode based on Memory/File Scan (2.exe.bin)
Cannot parse #include
Unicode based on Memory/File Scan (2.exe.bin)
Capabilities
Unicode based on Runtime Data (at.exe )
CAPSLOCK
Ansi based on Memory/File Scan (2.exe.bin)
CaretCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
Carian
Ansi based on Memory/File Scan (2.exe.bin)
Category
Unicode based on Runtime Data (2.exe )
CCEPT
Unicode based on Memory/File Scan (2.exe.bin)
cd wait
Unicode based on Memory/File Scan (2.exe.bin)
cdecl
Unicode based on Hybrid Analysis (2.exe.bin)
cdrom
Unicode based on Hybrid Analysis (2.exe.bin)
CDROM
Unicode based on Hybrid Analysis (2.exe.bin)
CDTRAY
Unicode based on Hybrid Analysis (2.exe.bin)
CEILING
Unicode based on Hybrid Analysis (2.exe.bin)
CEIPEnable
Unicode based on Runtime Data (2.exe )
CertCacheNoValidate
Unicode based on Runtime Data (2.exe )
CertificateRevocation
Unicode based on Runtime Data (2.exe )
character value in \x{...} sequence is too large
Ansi based on Memory/File Scan (2.exe.bin)
CharLowerBuffW
Ansi based on Memory/File Scan (2.exe.bin)
CharNextW
Ansi based on Memory/File Scan (2.exe.bin)
CharUpperBuffW
Ansi based on Memory/File Scan (2.exe.bin)
CharUpperW
Ansi based on Memory/File Scan (2.exe.bin)
CHECK
Unicode based on Hybrid Analysis (2.exe.bin)
CheckMenuRadioItem
Ansi based on Memory/File Scan (2.exe.bin)
CheckSignatureDll
Unicode based on Runtime Data (at.exe )
CheckSignatureRoutine
Unicode based on Runtime Data (at.exe )
Cherokee
Ansi based on Memory/File Scan (2.exe.bin)
ckMode
Unicode based on Memory/File Scan (2.exe.bin)
Class
Unicode based on Runtime Data (2.exe )
CLASS
Unicode based on Hybrid Analysis (2.exe.bin)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan (2.exe.bin)
CLASSNAME=
Unicode based on Memory/File Scan (2.exe.bin)
CLASSNN
Unicode based on Hybrid Analysis (2.exe.bin)
CLEAR
Unicode based on Memory/File Scan (2.exe.bin)
ClientAuthBuiltInUI
Unicode based on Runtime Data (2.exe )
ClientToScreen
Ansi based on Memory/File Scan (2.exe.bin)
CLIPGET
Unicode based on Hybrid Analysis (2.exe.bin)
CLIPPUT
Unicode based on Hybrid Analysis (2.exe.bin)
close
Unicode based on Hybrid Analysis (2.exe.bin)
close all
Unicode based on Memory/File Scan (2.exe.bin)
close cd wait
Unicode based on Memory/File Scan (2.exe.bin)
close PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
CloseClipboard
Ansi based on Memory/File Scan (2.exe.bin)
closed
Unicode based on Hybrid Analysis (2.exe.bin)
CloseDesktop
Ansi based on Memory/File Scan (2.exe.bin)
CloseFigure
Ansi based on Memory/File Scan (2.exe.bin)
CloseHandle
Ansi based on Memory/File Scan (2.exe.bin)
CloseServiceHandle
Ansi based on Memory/File Scan (2.exe.bin)
CloseWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
closing ) for (?C expected
Ansi based on Memory/File Scan (2.exe.bin)
CLSID\
Unicode based on Hybrid Analysis (2.exe.bin)
CLSIDFromProgID
Ansi based on Memory/File Scan (2.exe.bin)
CLSIDFromString
Ansi based on Memory/File Scan (2.exe.bin)
CMDLINE
Unicode based on Hybrid Analysis (2.exe.bin)
CMDLINERAW
Unicode based on Memory/File Scan (2.exe.bin)
cntrl
Ansi based on Memory/File Scan (2.exe.bin)
CoCreateInstance
Ansi based on Memory/File Scan (2.exe.bin)
CoCreateInstanceEx
Ansi based on Memory/File Scan (2.exe.bin)
CoInitialize
Ansi based on Memory/File Scan (2.exe.bin)
CoInitializeSecurity
Ansi based on Memory/File Scan (2.exe.bin)
COLLAPSE
Unicode based on Hybrid Analysis (2.exe.bin)
Com+Enabled
Unicode based on Runtime Data (2.exe )
Combobox
Unicode based on Hybrid Analysis (2.exe.bin)
ComboBox
Unicode based on Hybrid Analysis (2.exe.bin)
COMCTL32.dll
Ansi based on Memory/File Scan (2.exe.bin)
COMDLG32.dll
Ansi based on Memory/File Scan (2.exe.bin)
Comment
Unicode based on Runtime Data (at.exe )
COMMIT
Ansi based on Memory/File Scan (2.exe.bin)
Common
Ansi based on Memory/File Scan (2.exe.bin)
Common AppData
Unicode based on Memory/File Scan (2.exe.bin)
Common Desktop
Unicode based on Memory/File Scan (2.exe.bin)
Common Documents
Unicode based on Memory/File Scan (2.exe.bin)
Common Favorites
Unicode based on Memory/File Scan (2.exe.bin)
Common Programs
Unicode based on Memory/File Scan (2.exe.bin)
Common Start Menu
Unicode based on Memory/File Scan (2.exe.bin)
Common Startup
Unicode based on Memory/File Scan (2.exe.bin)
COMMONFILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
CommonFilesDir
Unicode based on Memory/File Scan (2.exe.bin)
CompareStringA
Ansi based on Memory/File Scan (2.exe.bin)
CompareStringW
Ansi based on Memory/File Scan (2.exe.bin)
Complete Object Locator'
Ansi based on Memory/File Scan (2.exe.bin)
ComputerName
Unicode based on Runtime Data (2.exe )
COMPUTERNAME
Unicode based on Memory/File Scan (2.exe.bin)
COMSPEC
Unicode based on Hybrid Analysis (2.exe.bin)
conditional group contains more than two branches
Ansi based on Memory/File Scan (2.exe.bin)
ConnectRetries
Unicode based on Runtime Data (2.exe )
ConnectTimeOut
Unicode based on Runtime Data (2.exe )
CONOUT$
Ansi based on Hybrid Analysis (2.exe.bin)
CONSOLEREAD
Unicode based on Memory/File Scan (2.exe.bin)
ConsoleTracingMask
Unicode based on Runtime Data (2.exe )
CONSOLEWRITE
Unicode based on Memory/File Scan (2.exe.bin)
CONSOLEWRITEERROR
Unicode based on Memory/File Scan (2.exe.bin)
CONST
Unicode based on Memory/File Scan (2.exe.bin)
constants.9Only Object-type variables allowed in a "With" statement.v"long_ptr", "int_ptr" and "short_ptr" DllCall() types have been deprecated. Use "long*", "int*" and "short*" instead.-Object referenced outside a "With" statement.)Nested "With" statements are not allowed."Variable must be of type "Object".1The requested action with this object has failed.8Variable appears more than once in function declaration.2ReDim array can not be initialized in this manner.1An array variable can not be used in this m
Unicode based on Memory/File Scan (2.exe.bin)
Container
Unicode based on Memory/File Scan (2.exe.bin)
Context1
Unicode based on Memory/File Scan (2.exe.bin)
CONTINUECASE
Unicode based on Memory/File Scan (2.exe.bin)
CONTINUELOOP
Unicode based on Memory/File Scan (2.exe.bin)
Control Panel\Mouse
Unicode based on Memory/File Scan (2.exe.bin)
Control32
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLCLICK
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLCOMMAND
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLDISABLE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLENABLE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLFOCUS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETFOCUS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLHIDE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLLISTVIEW
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLMOVE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLSEND
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLSHOW
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLTREEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
Conversion of parameters failed
Unicode based on Memory/File Scan (2.exe.bin)
Cookies
Unicode based on Runtime Data (2.exe )
Coptic
Ansi based on Memory/File Scan (2.exe.bin)
CopyFileBufferedSynchronousIo
Unicode based on Runtime Data (2.exe )
CopyFileChunkSize
Unicode based on Runtime Data (2.exe )
CopyFileOverlappedCount
Unicode based on Runtime Data (2.exe )
CopyFileW
Ansi based on Memory/File Scan (2.exe.bin)
CopyImage
Ansi based on Memory/File Scan (2.exe.bin)
CopyRect
Ansi based on Memory/File Scan (2.exe.bin)
CopySid
Ansi based on Memory/File Scan (2.exe.bin)
CorExitProcess
Ansi based on Memory/File Scan (2.exe.bin)
CoSetProxyBlanket
Ansi based on Memory/File Scan (2.exe.bin)
CoTaskMemAlloc
Ansi based on Memory/File Scan (2.exe.bin)
CoTaskMemFree
Ansi based on Memory/File Scan (2.exe.bin)
CoUninitialize
Ansi based on Memory/File Scan (2.exe.bin)
CountClipboardFormats
Ansi based on Memory/File Scan (2.exe.bin)
CreateAcceleratorTableW
Ansi based on Memory/File Scan (2.exe.bin)
CreateBindCtx
Ansi based on Memory/File Scan (2.exe.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan (2.exe.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan (2.exe.bin)
CreateDCW
Ansi based on Memory/File Scan (2.exe.bin)
CreateDIBSection
Ansi based on Memory/File Scan (2.exe.bin)
CreateDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
CreateEnvironmentBlock
Ansi based on Memory/File Scan (2.exe.bin)
CreateFileA
Ansi based on Memory/File Scan (2.exe.bin)
CreateFileW
Ansi based on Memory/File Scan (2.exe.bin)
CreateFontW
Ansi based on Memory/File Scan (2.exe.bin)
CreateHardLinkW
Ansi based on Memory/File Scan (2.exe.bin)
CreateIconFromResourceEx
Ansi based on Memory/File Scan (2.exe.bin)
CreateMenu
Ansi based on Memory/File Scan (2.exe.bin)
CreatePen
Ansi based on Memory/File Scan (2.exe.bin)
CreatePipe
Ansi based on Memory/File Scan (2.exe.bin)
CreatePopupMenu
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessAsUserW
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessW
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessWithLogonW
Ansi based on Memory/File Scan (2.exe.bin)
CreateSolidBrush
Ansi based on Memory/File Scan (2.exe.bin)
CreateStreamOnHGlobal
Ansi based on Memory/File Scan (2.exe.bin)
CreateThread
Ansi based on Memory/File Scan (2.exe.bin)
CreateToolhelp32Snapshot
Ansi based on Memory/File Scan (2.exe.bin)
CreateUriCacheSize
Unicode based on Runtime Data (2.exe )
CreateWindowExW
Ansi based on Memory/File Scan (2.exe.bin)
CRLF)
Ansi based on Hybrid Analysis (2.exe.bin)
CTINVERT
Unicode based on Memory/File Scan (2.exe.bin)
CTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
CTIVE
Unicode based on Memory/File Scan (2.exe.bin)
ctls_Progress32
Unicode based on Memory/File Scan (2.exe.bin)
CTRLDOWN
Ansi based on Memory/File Scan (2.exe.bin)
CTRLUP
Ansi based on Memory/File Scan (2.exe.bin)
Cuneiform
Ansi based on Memory/File Scan (2.exe.bin)
CURRENTTAB
Unicode based on Memory/File Scan (2.exe.bin)
CWDIllegalInDLLSearch
Unicode based on Runtime Data (2.exe )
Cypriot
Ansi based on Memory/File Scan (2.exe.bin)
Cyrillic
Ansi based on Memory/File Scan (2.exe.bin)
d (File "%s"):
Unicode based on Memory/File Scan (2.exe.bin)
d characters behind Object assignment !
Unicode based on Memory/File Scan (2.exe.bin)
D$ 9D$,|=_
Ansi based on Memory/File Scan (2.exe.bin)
D$ 9D$,}L
Ansi based on Memory/File Scan (2.exe.bin)
D$ PSAQh`
Ansi based on Memory/File Scan (2.exe.bin)
D$ SSSPh`
Ansi based on Memory/File Scan (2.exe.bin)
D$$t&1D$$
Ansi based on Memory/File Scan (2.exe.bin)
D$$t1D$$
Ansi based on Memory/File Scan (2.exe.bin)
D$,9D$(t>
Ansi based on Memory/File Scan (2.exe.bin)
D$,@tG;|$
Ansi based on Memory/File Scan (2.exe.bin)
D$,@u G;|$
Ansi based on Memory/File Scan (2.exe.bin)
D$4QRPUWV
Ansi based on Memory/File Scan (2.exe.bin)
D$<h8LH
Ansi based on Memory/File Scan (2.exe.bin)
D$@QWRSPV
Ansi based on Memory/File Scan (2.exe.bin)
D$dQWSURh
Ansi based on Memory/File Scan (2.exe.bin)
D%.15g
Unicode based on Memory/File Scan (2.exe.bin)
d%02d%02d%02d%02d%02d
Unicode based on Memory/File Scan (2.exe.bin)
D'OnAutoItExit'S
Unicode based on Memory/File Scan (2.exe.bin)
d0r0,1023
Unicode based on Memory/File Scan (2.exe.bin)
d0r0,3
Unicode based on Hybrid Analysis (2.exe.bin)
d100m0
Unicode based on Hybrid Analysis (2.exe.bin)
d10m0
Unicode based on Hybrid Analysis (2.exe.bin)
d124c
Unicode based on Hybrid Analysis (2.exe.bin)
d1r0,2
Unicode based on Hybrid Analysis (2.exe.bin)
d1r1,2
Unicode based on Hybrid Analysis (2.exe.bin)
d250m0
Unicode based on Hybrid Analysis (2.exe.bin)
D@GUI_DRAGID
Unicode based on Memory/File Scan (2.exe.bin)
DBBEBCEBBBCBBBEDDBBBDCCBBBBCBBCBBDDBCBBBCCCBCBBCBBEDBDEBCCBBCDBCEBCBCBBBBBBDCCDCCBDDDCBBD6
Ansi based on Memory/File Scan (2.exe.bin)
dddd, MMMM dd, yyyy
Ansi based on Memory/File Scan (2.exe.bin)
ddddddddddddd
Ansi based on Memory/File Scan (2.exe.bin)
DDDDl
Ansi based on Memory/File Scan (2.exe.bin)
debug.txt
Unicode based on Runtime Data (2.exe )
DebugHeapFlags
Unicode based on Runtime Data (2.exe )
December
Ansi based on Memory/File Scan (2.exe.bin)
DecodePointer
Ansi based on Memory/File Scan (2.exe.bin)
Default
Unicode based on Hybrid Analysis (2.exe.bin)
default
Unicode based on Hybrid Analysis (2.exe.bin)
Default_Page_URL
Unicode based on Runtime Data (2.exe )
Default_Search_URL
Unicode based on Runtime Data (2.exe )
DefaultAccessPermission
Unicode based on Runtime Data (2.exe )
DefaultConnectionSettings
Unicode based on Runtime Data (2.exe )
DefaultLangCodepage
Unicode based on Memory/File Scan (2.exe.bin)
DefDlgProcW
Ansi based on Memory/File Scan (2.exe.bin)
DEFINE
Ansi based on Hybrid Analysis (2.exe.bin)
DEFINE group contains more than one branch
Ansi based on Memory/File Scan (2.exe.bin)
DefWindowProcW
Ansi based on Memory/File Scan (2.exe.bin)
delete
Ansi based on Memory/File Scan (2.exe.bin)
DELETE
Ansi based on Memory/File Scan (2.exe.bin)
delete[]
Ansi based on Memory/File Scan (2.exe.bin)
DeleteCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
DeleteDC
Ansi based on Memory/File Scan (2.exe.bin)
DeleteFileW
Ansi based on Memory/File Scan (2.exe.bin)
DeleteMenu
Ansi based on Memory/File Scan (2.exe.bin)
DeleteObject
Ansi based on Memory/File Scan (2.exe.bin)
DELSTRING
Unicode based on Memory/File Scan (2.exe.bin)
DESCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
Description
Unicode based on Runtime Data (2.exe )
DESELECT
Unicode based on Hybrid Analysis (2.exe.bin)
Deseret
Ansi based on Memory/File Scan (2.exe.bin)
Desktop
Unicode based on Hybrid Analysis (2.exe.bin)
DESKTOPCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPDEPTH
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPDIR
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPHEIGHT
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPREFRESH
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPWIDTH
Unicode based on Memory/File Scan (2.exe.bin)
DestroyAcceleratorTable
Ansi based on Memory/File Scan (2.exe.bin)
DestroyEnvironmentBlock
Ansi based on Memory/File Scan (2.exe.bin)
DestroyIcon
Ansi based on Memory/File Scan (2.exe.bin)
DestroyMenu
Ansi based on Memory/File Scan (2.exe.bin)
DestroyWindow
Ansi based on Memory/File Scan (2.exe.bin)
details
Unicode based on Hybrid Analysis (2.exe.bin)
Devanagari
Ansi based on Memory/File Scan (2.exe.bin)
DeviceIoControl
Ansi based on Memory/File Scan (2.exe.bin)
DevicePath
Unicode based on Runtime Data (2.exe )
DhcpDomain
Unicode based on Runtime Data (2.exe )
DhcpNameServer
Unicode based on Runtime Data (2.exe )
Dhcpv6Domain
Unicode based on Runtime Data (2.exe )
DialogBoxParamW
Ansi based on Memory/File Scan (2.exe.bin)
DialupUseLanSettings
Unicode based on Runtime Data (2.exe )
digit
Ansi based on Memory/File Scan (2.exe.bin)
digit expected after (?+
Ansi based on Memory/File Scan (2.exe.bin)
diouxXeEfgGs
Unicode based on Memory/File Scan (2.exe.bin)
DIRCOPY
Unicode based on Hybrid Analysis (2.exe.bin)
DIRCREATE
Unicode based on Memory/File Scan (2.exe.bin)
DIRGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
DIRMOVE
Unicode based on Hybrid Analysis (2.exe.bin)
DIRREMOVE
Unicode based on Memory/File Scan (2.exe.bin)
Disable
Unicode based on Runtime Data (2.exe )
DisableBasicOverClearChannel
Unicode based on Runtime Data (2.exe )
DisableBranchCache
Unicode based on Runtime Data (2.exe )
DisableCachingOfSSLPages
Unicode based on Runtime Data (2.exe )
DisableEngine
Unicode based on Runtime Data (2.exe )
DisableImprovedZoneCheck
Unicode based on Runtime Data (2.exe )
DisableKeepAlive
Unicode based on Runtime Data (2.exe )
DisableLocalOverride
Unicode based on Runtime Data (2.exe )
DisableMetaFiles
Unicode based on Runtime Data (2.exe )
DisableNTLMPreAuth
Unicode based on Runtime Data (2.exe )
DisablePassport
Unicode based on Runtime Data (2.exe )
DisableReadRange
Unicode based on Runtime Data (2.exe )
DisableRegistryTools
Unicode based on Runtime Data (2.exe )
DisableSecuritySettingsCheck
Unicode based on Runtime Data (2.exe )
DisableTaskMgr
Unicode based on Runtime Data (2.exe )
DisableUserModeCallbackFilter
Unicode based on Runtime Data (2.exe )
DisableWorkerThreadHibernation
Unicode based on Runtime Data (2.exe )
DispatchMessageW
Ansi based on Memory/File Scan (2.exe.bin)
DISPLAY
Unicode based on Hybrid Analysis (2.exe.bin)
DisplayScriptDownloadFailureUI
Unicode based on Runtime Data (2.exe )
DisplayString
Unicode based on Runtime Data (2.exe )
DLLCALL
Unicode based on Hybrid Analysis (2.exe.bin)
DLLCALLBACKFREE
Unicode based on Memory/File Scan (2.exe.bin)
DLLCALLBACKGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
DLLCALLBACKREGISTER
Unicode based on Memory/File Scan (2.exe.bin)
DLLCLOSE
Unicode based on Hybrid Analysis (2.exe.bin)
DLLERROR
Unicode based on Memory/File Scan (2.exe.bin)
DllFile
Unicode based on Runtime Data (2.exe )
DLLOPEN
Unicode based on Hybrid Analysis (2.exe.bin)
DLLStruct
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTCREATE
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETDATA
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTSETDATA
Unicode based on Memory/File Scan (2.exe.bin)
DnsCacheEnabled
Unicode based on Runtime Data (2.exe )
DnsCacheEntries
Unicode based on Runtime Data (2.exe )
DnsCacheTimeout
Unicode based on Runtime Data (2.exe )
DOCUMENTSCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
Domain
Unicode based on Runtime Data (2.exe )
DOMAIN error
Ansi based on Memory/File Scan (2.exe.bin)
DontUseDNSLoadBalancing
Unicode based on Runtime Data (2.exe )
double
Unicode based on Memory/File Scan (2.exe.bin)
DPLAY
Unicode based on Memory/File Scan (2.exe.bin)
DragFinish
Ansi based on Memory/File Scan (2.exe.bin)
DragQueryFileW
Ansi based on Memory/File Scan (2.exe.bin)
DragQueryPoint
Ansi based on Memory/File Scan (2.exe.bin)
DrawFocusRect
Ansi based on Memory/File Scan (2.exe.bin)
DrawFrameControl
Ansi based on Memory/File Scan (2.exe.bin)
DrawMenuBar
Ansi based on Memory/File Scan (2.exe.bin)
DrawTextW
Ansi based on Memory/File Scan (2.exe.bin)
DRIVEGETDRIVE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETFILESYSTEM
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETLABEL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETSERIAL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETTYPE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEMAPADD
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEMAPDEL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEMAPGET
Unicode based on Memory/File Scan (2.exe.bin)
DriveMask
Unicode based on Runtime Data (2.exe )
DRIVESETLABEL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVESPACEFREE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVESPACETOTAL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVESTATUS
Unicode based on Memory/File Scan (2.exe.bin)
DSeAssignPrimaryTokenPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
DSETWAVEVOLUME
Unicode based on Memory/File Scan (2.exe.bin)
DSTRING
Unicode based on Memory/File Scan (2.exe.bin)
DUMMYSPEEDTEST
Unicode based on Memory/File Scan (2.exe.bin)
Duplicate function name.
Unicode based on Memory/File Scan (2.exe.bin)
DuplicateHandle
Ansi based on Memory/File Scan (2.exe.bin)
DWITH
Unicode based on Memory/File Scan (2.exe.bin)
dword
Unicode based on Memory/File Scan (2.exe.bin)
e mode
Unicode based on Memory/File Scan (2.exe.bin)
e PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
e+000
Ansi based on Hybrid Analysis (2.exe.bin)
earchChildren
Unicode based on Memory/File Scan (2.exe.bin)
EATEITEM
Unicode based on Memory/File Scan (2.exe.bin)
EATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
EATENTFSLINK
Unicode based on Memory/File Scan (2.exe.bin)
ECKED
Unicode based on Memory/File Scan (2.exe.bin)
ECOMBO
Unicode based on Memory/File Scan (2.exe.bin)
ect type
Unicode based on Memory/File Scan (2.exe.bin)
ECTED
Unicode based on Memory/File Scan (2.exe.bin)
ecuteScript
Unicode based on Memory/File Scan (2.exe.bin)
EDITPASTE
Unicode based on Memory/File Scan (2.exe.bin)
eeebeccbefbefefeffbbbeffeecbfbeeeebefebebefbceefeceefefffffbfebeebeeebebfeebfecbbbeeecffc/
Ansi based on Memory/File Scan (2.exe.bin)
EEECEEEEEBCCBCBEBEBECCBEEBCCEDECEEEDDBCDBECBEECECCECEEEBEDDBCEEBBDEEEEBBECCEDEEEEDBCECBBC6
Ansi based on Memory/File Scan (2.exe.bin)
EEEEEEEEEEEEEEEEEEEEECDEEEEEDEECECEEEDEEEEEEEDECEDEEEEEEEECECEEECEEEBEEEECEBECCEEEEEEEEEE7
Ansi based on Memory/File Scan (2.exe.bin)
EEEEEFEGEFFEGFGEEEEEFEGEFHFGGEEEEEGHEFFEFEEFFFEFEEEEHEGFEHEEGEEEFEEEEHEEEEEEFEEEEFGGEFFFE7
Ansi based on Memory/File Scan (2.exe.bin)
EGEXPTITLE:
Unicode based on Memory/File Scan (2.exe.bin)
ELECT
Unicode based on Memory/File Scan (2.exe.bin)
ELETE
Unicode based on Memory/File Scan (2.exe.bin)
Ellipse
Ansi based on Memory/File Scan (2.exe.bin)
EMENUITEM
Unicode based on Memory/File Scan (2.exe.bin)
EMGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
EMOVE
Unicode based on Memory/File Scan (2.exe.bin)
EmptyClipboard
Ansi based on Memory/File Scan (2.exe.bin)
EMSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
en-US
Unicode based on Runtime Data (2.exe )
EnableAutodial
Unicode based on Runtime Data (2.exe )
EnableAutoProxyResultCache
Unicode based on Runtime Data (2.exe )
EnableConsoleTracing
Unicode based on Runtime Data (2.exe )
Enabled
Unicode based on Runtime Data (2.exe )
EnableDhcp
Unicode based on Runtime Data (2.exe )
EnableFileTracing
Unicode based on Runtime Data (2.exe )
EnableHttp1_1
Unicode based on Runtime Data (2.exe )
EnableHttpTrace
Unicode based on Runtime Data (2.exe )
EnableNegotiate
Unicode based on Runtime Data (2.exe )
EnablePunycode
Unicode based on Runtime Data (2.exe )
EnableWindow
Ansi based on Memory/File Scan (2.exe.bin)
EncodePointer
Ansi based on Memory/File Scan (2.exe.bin)
EndDialog
Ansi based on Memory/File Scan (2.exe.bin)
EndPaint
Ansi based on Memory/File Scan (2.exe.bin)
EndPath
Ansi based on Memory/File Scan (2.exe.bin)
ENDSELECT
Unicode based on Memory/File Scan (2.exe.bin)
ENDSWITCH
Unicode based on Memory/File Scan (2.exe.bin)
ent Interface from Object.
Unicode based on Memory/File Scan (2.exe.bin)
ENTER
Ansi based on Memory/File Scan (2.exe.bin)
EnterCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
ENUCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
EnumChildWindows
Ansi based on Memory/File Scan (2.exe.bin)
EnumProcesses
Ansi based on Memory/File Scan (2.exe.bin)
EnumProcessModules
Ansi based on Memory/File Scan (2.exe.bin)
EnumResourceNamesW
Ansi based on Memory/File Scan (2.exe.bin)
EnumThreadWindows
Ansi based on Memory/File Scan (2.exe.bin)
EnumWindows
Ansi based on Memory/File Scan (2.exe.bin)
ENVGET
Unicode based on Hybrid Analysis (2.exe.bin)
Environment
Unicode based on Memory/File Scan (2.exe.bin)
ENVSET
Unicode based on Hybrid Analysis (2.exe.bin)
ENVUPDATE
Unicode based on Memory/File Scan (2.exe.bin)
EPROGRESS
Unicode based on Memory/File Scan (2.exe.bin)
ERNAME
Unicode based on Memory/File Scan (2.exe.bin)
ERPROFILEDIR
Unicode based on Memory/File Scan (2.exe.bin)
erroffset passed as NULL
Ansi based on Memory/File Scan (2.exe.bin)
Error allocating memory.
Unicode based on Memory/File Scan (2.exe.bin)
Error in expression.
Unicode based on Memory/File Scan (2.exe.bin)
Error opening the file
Unicode based on Memory/File Scan (2.exe.bin)
Error parsing function call.0Incorrect number of parameters in function call.'"ReDim" used without an array variable.>Illegal text at the end of statement (one statement per line).1"If" statement has no matching "EndIf" statement.1"Else" statement with no matching "If" statement.2"EndIf" statement with no matching "If" statement.7Too many "Else" statements for matching "If" statement.3"While" statement has no matching "Wend" statement.4"Wend" statement with no matching "While" statement.%Variable used witho
Unicode based on Memory/File Scan (2.exe.bin)
Error parsing function call.0Incorrect number of parameters in function call.'"ReDim" used without an array variable.>Illegal text at the end of statement (one statement per line).1"If" statement has no matching "EndIf" statement.1"Else" statement with no matching "If" statement.2"EndIf" statement with no matching "If" statement.7Too many "Else" statements for matching "If" statement.3"While" statement has no matching "Wend" statement.4"Wend" statement with no matching "While" statement.%Variable used without being declared.XArray variable has incorrect number of subscripts or subscript dimension range exceeded.)Array variable subscript badly formatted.'Subscript used with non-Array variable.&Too many subscripts used for an array.0Missing subscript dimensions in "Dim" statement.NNo variable given for "Dim", "Local", "Global", "Struct" or "Const" statement.0Expected a "=" operator in assignment statement.*Invalid keyword at the start of this line.
Unicode based on Memory/File Scan (2.exe.bin)
Error:
Unicode based on Memory/File Scan (2.exe.bin)
ersion of parameters failed
Unicode based on Memory/File Scan (2.exe.bin)
erver32
Unicode based on Memory/File Scan (2.exe.bin)
ES_ROOT
Unicode based on Memory/File Scan (2.exe.bin)
ESCAPE
Ansi based on Memory/File Scan (2.exe.bin)
ESECTION
Unicode based on Memory/File Scan (2.exe.bin)
ESREAD
Unicode based on Memory/File Scan (2.exe.bin)
ESSEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
ESSSETPRIORITY
Unicode based on Memory/File Scan (2.exe.bin)
ESTATUS
Unicode based on Memory/File Scan (2.exe.bin)
estion
Unicode based on Memory/File Scan (2.exe.bin)
esult
Unicode based on Memory/File Scan (2.exe.bin)
ETACCELERATORS
Unicode based on Memory/File Scan (2.exe.bin)
ETCLIENTSIZE
Unicode based on Memory/File Scan (2.exe.bin)
ETGETACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
Ethiopic
Ansi based on Memory/File Scan (2.exe.bin)
ETHOD
Unicode based on Memory/File Scan (2.exe.bin)
ETPTR
Unicode based on Memory/File Scan (2.exe.bin)
ETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
ETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
ETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
ETTRANS
Unicode based on Memory/File Scan (2.exe.bin)
eVars
Unicode based on Memory/File Scan (2.exe.bin)
EVENT
Unicode based on Memory/File Scan (2.exe.bin)
exception
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.0047D000.00000004.mdmp)
EXECUTE
Unicode based on Hybrid Analysis (2.exe.bin)
ExecuteLine
Unicode based on Memory/File Scan (2.exe.bin)
EXISTS
Unicode based on Hybrid Analysis (2.exe.bin)
ExitProcess
Ansi based on Memory/File Scan (2.exe.bin)
ExitThread
Ansi based on Memory/File Scan (2.exe.bin)
ExitWindowsEx
Ansi based on Memory/File Scan (2.exe.bin)
EXPAND
Unicode based on Hybrid Analysis (2.exe.bin)
EXPAND_SZ
Unicode based on Memory/File Scan (2.exe.bin)
ExpandEnvStrings
Unicode based on Memory/File Scan (2.exe.bin)
ExpandVarStrings
Unicode based on Memory/File Scan (2.exe.bin)
Explorer.exe system3_.exe
Unicode based on Runtime Data (2.exe )
Export
Unicode based on Runtime Data (2.exe )
ExtCreatePen
Ansi based on Memory/File Scan (2.exe.bin)
ExtractIconExW
Ansi based on Memory/File Scan (2.exe.bin)
f+Npf+L$Lf
Ansi based on Memory/File Scan (2.exe.bin)
Failed to create the Error Handler
Unicode based on Memory/File Scan (2.exe.bin)
Failed to create the Event Object.
Unicode based on Memory/File Scan (2.exe.bin)
failed to get memory
Ansi based on Memory/File Scan (2.exe.bin)
Failed to retrieve outgoing Event Interface from Object.
Unicode based on Memory/File Scan (2.exe.bin)
False
Unicode based on Hybrid Analysis (2.exe.bin)
fault
Unicode based on Memory/File Scan (2.exe.bin)
FAULT
Unicode based on Memory/File Scan (2.exe.bin)
Favorites
Unicode based on Memory/File Scan (2.exe.bin)
FAVORITESCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
FAVORITESDIR
Unicode based on Memory/File Scan (2.exe.bin)
FBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
Feature_ClientAuthCertFilter
Unicode based on Runtime Data (2.exe )
February
Ansi based on Memory/File Scan (2.exe.bin)
ffiffffffffififfffffffffffffieffffffffffiifffiiffffiffiifffffffiffffffiffffffhffffffffiif/
Ansi based on Memory/File Scan (2.exe.bin)
FHHHHFGFHGFHFGEFFEFFHEFEFFFFFFFFGHHHFHGHHHFHHHHFGFGFGHGGEHFHFGGHGGGGHHFFHGHGFFEEEHHEHGHHF8
Ansi based on Memory/File Scan (2.exe.bin)
FILECHANGEDIR
Unicode based on Memory/File Scan (2.exe.bin)
FILECLOSE
Unicode based on Memory/File Scan (2.exe.bin)
FILECOPY
Unicode based on Hybrid Analysis (2.exe.bin)
FILECREATENTFSLINK
Unicode based on Memory/File Scan (2.exe.bin)
FILECREATESHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
FILEDELETE
Unicode based on Memory/File Scan (2.exe.bin)
FileDirectory
Unicode based on Runtime Data (2.exe )
FILEEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
FileExtensions
Unicode based on Runtime Data (2.exe )
FILEFINDFIRSTFILE
Unicode based on Memory/File Scan (2.exe.bin)
FILEFINDNEXTFILE
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETLONGNAME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSHORTNAME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETTIME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETVERSION
Unicode based on Memory/File Scan (2.exe.bin)
FILEINSTALL
Unicode based on Memory/File Scan (2.exe.bin)
FILEMOVE
Unicode based on Hybrid Analysis (2.exe.bin)
FILEOPEN
Unicode based on Hybrid Analysis (2.exe.bin)
FILEOPENDIALOG
Unicode based on Memory/File Scan (2.exe.bin)
FILEREAD
Unicode based on Hybrid Analysis (2.exe.bin)
FILEREADLINE
Unicode based on Memory/File Scan (2.exe.bin)
FILERECYCLE
Unicode based on Memory/File Scan (2.exe.bin)
FILERECYCLEEMPTY
Unicode based on Memory/File Scan (2.exe.bin)
FILESAVEDIALOG
Unicode based on Memory/File Scan (2.exe.bin)
FILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
FILESELECTFOLDER
Unicode based on Memory/File Scan (2.exe.bin)
FILESETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
FILESETTIME
Unicode based on Memory/File Scan (2.exe.bin)
FileTimeToLocalFileTime
Ansi based on Memory/File Scan (2.exe.bin)
FileTimeToSystemTime
Ansi based on Memory/File Scan (2.exe.bin)
FileTracingMask
Unicode based on Runtime Data (2.exe )
FileVersion
Unicode based on Memory/File Scan (2.exe.bin)
FILEWRITE
Unicode based on Memory/File Scan (2.exe.bin)
FILEWRITELINE
Unicode based on Memory/File Scan (2.exe.bin)
FillRect
Ansi based on Memory/File Scan (2.exe.bin)
FindClose
Ansi based on Memory/File Scan (2.exe.bin)
FindFirstFileW
Ansi based on Memory/File Scan (2.exe.bin)
FINDITEM
Unicode based on Hybrid Analysis (2.exe.bin)
FindNextFileW
Ansi based on Memory/File Scan (2.exe.bin)
FindResourceW
Ansi based on Memory/File Scan (2.exe.bin)
FINDSTRING
Unicode based on Memory/File Scan (2.exe.bin)
FindWindowExW
Ansi based on Memory/File Scan (2.exe.bin)
FindWindowW
Ansi based on Memory/File Scan (2.exe.bin)
FipsAlgorithmPolicy
Unicode based on Runtime Data (2.exe )
First parameter must be of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
Fixed
Unicode based on Hybrid Analysis (2.exe.bin)
fixed
Unicode based on Hybrid Analysis (2.exe.bin)
Flags
Unicode based on Runtime Data (2.exe )
FlashWindow
Ansi based on Memory/File Scan (2.exe.bin)
float
Unicode based on Memory/File Scan (2.exe.bin)
FLOAT
Unicode based on Memory/File Scan (2.exe.bin)
FLOOR
Unicode based on Hybrid Analysis (2.exe.bin)
FlsAlloc
Ansi based on Hybrid Analysis (2.exe.bin)
FlsFree
Ansi based on Hybrid Analysis (2.exe.bin)
FlsGetValue
Ansi based on Memory/File Scan (2.exe.bin)
FlsSetValue
Ansi based on Memory/File Scan (2.exe.bin)
FlushFileBuffers
Ansi based on Memory/File Scan (2.exe.bin)
FolderTypeID
Unicode based on Runtime Data (2.exe )
FormatMessageW
Ansi based on Memory/File Scan (2.exe.bin)
FrameRect
Ansi based on Memory/File Scan (2.exe.bin)
FreeEnvironmentStringsW
Ansi based on Memory/File Scan (2.exe.bin)
FreeLibrary
Ansi based on Memory/File Scan (2.exe.bin)
Friday
Ansi based on Memory/File Scan (2.exe.bin)
FromCacheTimeout
Unicode based on Runtime Data (2.exe )
FtpBinaryMode
Unicode based on Memory/File Scan (2.exe.bin)
FtpDefaultExpiryTimeSecs
Unicode based on Runtime Data (2.exe )
FtpGetFileSize
Ansi based on Memory/File Scan (2.exe.bin)
FtpOpenFileW
Ansi based on Memory/File Scan (2.exe.bin)
FTPSETPROXY
Unicode based on Memory/File Scan (2.exe.bin)
FULLPATH
Unicode based on Memory/File Scan (2.exe.bin)
GAIsProcessorFeaturePresent
Ansi based on Memory/File Scan (2.exe.bin)
GDI32.dll
Ansi based on Memory/File Scan (2.exe.bin)
Generation
Unicode based on Runtime Data (2.exe )
Georgian
Ansi based on Memory/File Scan (2.exe.bin)
GET /asdb000/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb002/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb004/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb006/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb008/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb010/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb012/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb014/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb016/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb018/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb020/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu000.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu001.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu002.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu003.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu004.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu005.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu006.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu007.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu008.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu009.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
get__NewEnum
Unicode based on Memory/File Scan (2.exe.bin)
GetAce
Ansi based on Memory/File Scan (2.exe.bin)
GetAclInformation
Ansi based on Memory/File Scan (2.exe.bin)
GetACP
Ansi based on Memory/File Scan (2.exe.bin)
GetActiveWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetAsyncKeyState
Ansi based on Memory/File Scan (2.exe.bin)
GETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
GetCaretPos
Ansi based on Memory/File Scan (2.exe.bin)
GetClassNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetClientRect
Ansi based on Memory/File Scan (2.exe.bin)
GetClipboardData
Ansi based on Memory/File Scan (2.exe.bin)
GetCommandLineW
Ansi based on Memory/File Scan (2.exe.bin)
GetComputerNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleCP
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleMode
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleOutputCP
Ansi based on Memory/File Scan (2.exe.bin)
GetCPInfo
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTCOL
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTLINE
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentProcess
Ansi based on Memory/File Scan (2.exe.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTSELECTION
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentThread
Ansi based on Memory/File Scan (2.exe.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan (2.exe.bin)
GetCursor
Ansi based on Memory/File Scan (2.exe.bin)
GetCursorPos
Ansi based on Memory/File Scan (2.exe.bin)
GetDC
Ansi based on Memory/File Scan (2.exe.bin)
GetDesktopWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetDeviceCaps
Ansi based on Memory/File Scan (2.exe.bin)
GetDIBits
Ansi based on Memory/File Scan (2.exe.bin)
GetDiskFreeSpaceExW
Ansi based on Memory/File Scan (2.exe.bin)
GetDiskFreeSpaceW
Ansi based on Memory/File Scan (2.exe.bin)
GetDlgCtrlID
Ansi based on Memory/File Scan (2.exe.bin)
GetDlgItem
Ansi based on Memory/File Scan (2.exe.bin)
GetDriveTypeW
Ansi based on Memory/File Scan (2.exe.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan (2.exe.bin)
GetEnvironmentVariableW
Ansi based on Memory/File Scan (2.exe.bin)
GetExitCodeProcess
Ansi based on Memory/File Scan (2.exe.bin)
GetFileAttributesW
Ansi based on Memory/File Scan (2.exe.bin)
GetFileSize
Ansi based on Memory/File Scan (2.exe.bin)
GetFileType
Ansi based on Memory/File Scan (2.exe.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan (2.exe.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetFocus
Ansi based on Memory/File Scan (2.exe.bin)
GetForegroundWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetFullPathNameW
Ansi based on Memory/File Scan (2.exe.bin)
GETITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetKeyboardLayoutNameA
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyboardLayoutNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyboardState
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyState
Ansi based on Memory/File Scan (2.exe.bin)
GetLastActivePopup
Ansi based on Memory/File Scan (2.exe.bin)
GetLastError
Ansi based on Memory/File Scan (2.exe.bin)
GetLengthSid
Ansi based on Memory/File Scan (2.exe.bin)
GETLINE
Unicode based on Hybrid Analysis (2.exe.bin)
GETLINECOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan (2.exe.bin)
GetLocalTime
Ansi based on Memory/File Scan (2.exe.bin)
GetMenu
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemCount
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemID
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuStringW
Ansi based on Memory/File Scan (2.exe.bin)
GetMessageW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleBaseNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleFileNameA
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleHandleA
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleHandleW
Ansi based on Memory/File Scan (2.exe.bin)
GetMonitorInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetNativeSystemInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetObjectW
Ansi based on Memory/File Scan (2.exe.bin)
GetOEMCP
Ansi based on Memory/File Scan (2.exe.bin)
GetOpenFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetParent
Ansi based on Memory/File Scan (2.exe.bin)
GetPixel
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileSectionNamesW
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileSectionW
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileStringW
Ansi based on Memory/File Scan (2.exe.bin)
GetProcAddress
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessHeap
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessIoCounters
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessMemoryInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
GetSaveFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetSecurityDescriptorDacl
Ansi based on Memory/File Scan (2.exe.bin)
GETSELECTED
Unicode based on Memory/File Scan (2.exe.bin)
GETSELECTEDCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetShortPathNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetStartupInfoA
Ansi based on Memory/File Scan (2.exe.bin)
GetStartupInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetStdHandle
Ansi based on Memory/File Scan (2.exe.bin)
GetStockObject
Ansi based on Memory/File Scan (2.exe.bin)
GetStringTypeA
Ansi based on Memory/File Scan (2.exe.bin)
GetStringTypeW
Ansi based on Memory/File Scan (2.exe.bin)
GETSUBITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetSubMenu
Ansi based on Memory/File Scan (2.exe.bin)
GetSysColor
Ansi based on Memory/File Scan (2.exe.bin)
GetSysColorBrush
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemMetrics
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemWow64DirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetTempFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetTempPathW
Ansi based on Memory/File Scan (2.exe.bin)
GETTEXT
Unicode based on Hybrid Analysis (2.exe.bin)
GetTextExtentPoint32W
Ansi based on Memory/File Scan (2.exe.bin)
GetTextFaceW
Ansi based on Memory/File Scan (2.exe.bin)
GetTickCount
Ansi based on Memory/File Scan (2.exe.bin)
GETTIME
Unicode based on Memory/File Scan (2.exe.bin)
GetTimeZoneInformation
Ansi based on Memory/File Scan (2.exe.bin)
GetTokenInformation
Ansi based on Memory/File Scan (2.exe.bin)
GETTOTALCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetUserNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetUserObjectInformationA
Ansi based on Memory/File Scan (2.exe.bin)
GetUserObjectSecurity
Ansi based on Memory/File Scan (2.exe.bin)
GetVersionExW
Ansi based on Memory/File Scan (2.exe.bin)
GetVolumeInformationW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowDC
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowLongW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowRect
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowsDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowTextLengthW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowTextW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowThreadProcessId
Ansi based on Memory/File Scan (2.exe.bin)
GEXPCLASS
Unicode based on Memory/File Scan (2.exe.bin)
Glagolitic
Ansi based on Memory/File Scan (2.exe.bin)
GlobalAlloc
Ansi based on Memory/File Scan (2.exe.bin)
GlobalFree
Ansi based on Memory/File Scan (2.exe.bin)
GlobalLock
Ansi based on Memory/File Scan (2.exe.bin)
GlobalMemoryStatusEx
Ansi based on Memory/File Scan (2.exe.bin)
GlobalSession
Unicode based on Runtime Data (2.exe )
GlobalUnlock
Ansi based on Memory/File Scan (2.exe.bin)
GlobalUserOffline
Unicode based on Runtime Data (2.exe )
god.txt
Unicode based on Runtime Data (2.exe )
GONSERVER
Unicode based on Memory/File Scan (2.exe.bin)
Gothic
Ansi based on Memory/File Scan (2.exe.bin)
graph
Ansi based on Memory/File Scan (2.exe.bin)
Greek
Ansi based on Memory/File Scan (2.exe.bin)
GUI_RUNDEFMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUICloseOnESC
Unicode based on Memory/File Scan (2.exe.bin)
GUICoordMode
Unicode based on Memory/File Scan (2.exe.bin)
GUICREATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEAVI
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEBUTTON
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATECHECKBOX
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATECOMBO
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATECONTEXTMENU
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEDATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEDUMMY
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEEDIT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEGRAPHIC
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEGROUP
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEICON
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEINPUT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELABEL
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELIST
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELISTVIEW
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELISTVIEWITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEMENUITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEMONTHCAL
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEOBJ
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEPIC
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEPROGRESS
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATERADIO
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATESLIDER
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETAB
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETABITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETREEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETREEVIEWITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEUPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLDELETE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLREAD
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLRECVMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLREGISTERLISTVIEWSORT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSENDMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSENDTODUMMY
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETCURSOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETDATA
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETDEFBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETDEFCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETFONT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETGRAPHIC
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETIMAGE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETLIMIT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETPOS
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETRESIZING
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETTIP
Unicode based on Memory/File Scan (2.exe.bin)
GUIDataSeparatorChar
Unicode based on Memory/File Scan (2.exe.bin)
GUIDELETE
Unicode based on Memory/File Scan (2.exe.bin)
GUIEventOptions
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETCURSORINFO
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
GUIOnEventMode
Unicode based on Memory/File Scan (2.exe.bin)
GUIREGISTERMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUIResizeMode
Unicode based on Memory/File Scan (2.exe.bin)
GUISETACCELERATORS
Unicode based on Memory/File Scan (2.exe.bin)
GUISETBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUISETCOORD
Unicode based on Memory/File Scan (2.exe.bin)
GUISETCURSOR
Unicode based on Memory/File Scan (2.exe.bin)
GUISETFONT
Unicode based on Memory/File Scan (2.exe.bin)
GUISETHELP
Unicode based on Memory/File Scan (2.exe.bin)
GUISETICON
Unicode based on Memory/File Scan (2.exe.bin)
GUISETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
GUISETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
GUISETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
GUISTARTGROUP
Unicode based on Memory/File Scan (2.exe.bin)
GUISWITCH
Unicode based on Memory/File Scan (2.exe.bin)
Gujarati
Ansi based on Memory/File Scan (2.exe.bin)
Gurmukhi
Ansi based on Memory/File Scan (2.exe.bin)
GWRITE
Unicode based on Memory/File Scan (2.exe.bin)
h(((( H
Unicode based on Memory/File Scan (2.exe.bin)
h1.ripway.com
Ansi based on PCAP Processing (PCAP)
h7dllll
Ansi based on Memory/File Scan (2.exe.bin)
ha[]dlll
Ansi based on Memory/File Scan (2.exe.bin)
ha[llll
Ansi based on Memory/File Scan (2.exe.bin)
HANDLE
Unicode based on Hybrid Analysis (2.exe.bin)
HANDLE=
Unicode based on Hybrid Analysis (2.exe.bin)
Hangul
Ansi based on Memory/File Scan (2.exe.bin)
Hanunoo
Ansi based on Memory/File Scan (2.exe.bin)
HasNavigationEnum
Unicode based on Runtime Data (2.exe )
HeaderExclusionListForCache
Unicode based on Runtime Data (2.exe )
HeapAlloc
Ansi based on Memory/File Scan (2.exe.bin)
HeapCreate
Ansi based on Memory/File Scan (2.exe.bin)
HeapFree
Ansi based on Memory/File Scan (2.exe.bin)
HeapReAlloc
Ansi based on Memory/File Scan (2.exe.bin)
HeapSize
Ansi based on Memory/File Scan (2.exe.bin)
Hebrew
Ansi based on Memory/File Scan (2.exe.bin)
HELPCONTEXT
Unicode based on Memory/File Scan (2.exe.bin)
HelperDllName
Unicode based on Runtime Data (2.exe )
HH:mm:ss
Ansi based on Memory/File Scan (2.exe.bin)
HIDEDROPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
HideFolderVerbs
Unicode based on Runtime Data (2.exe )
HideInWebView
Unicode based on Runtime Data (2.exe )
HideOnDesktopPerUser
Unicode based on Runtime Data (2.exe )
HIHIIIKHJKKHHIHKHKHKIJKHIJHJIHIJHKJHHHHHIJIIIKHIHIIHHIKIKKKIKIJJIIHKIHKJJJIIKKHHHKHKHIIIH:
Ansi based on Memory/File Scan (2.exe.bin)
Hiragana
Ansi based on Memory/File Scan (2.exe.bin)
History
Unicode based on Runtime Data (2.exe )
HKCR\
Unicode based on Hybrid Analysis (2.exe.bin)
HKEY_CLASSES_ROOT
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_CURRENT_CONFIG
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_CURRENT_USER
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_LOCAL_MACHINE
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_USERS
Unicode based on Memory/File Scan (2.exe.bin)
HOMEDRIVE
Unicode based on Memory/File Scan (2.exe.bin)
HOMEPATH
Unicode based on Hybrid Analysis (2.exe.bin)
HOMESHARE
Unicode based on Memory/File Scan (2.exe.bin)
HORTNAME
Unicode based on Memory/File Scan (2.exe.bin)
hostingsolutions-26026
Ansi based on PCAP Processing (network.pcap)
Hostname
Unicode based on Runtime Data (2.exe )
HOTKEYPRESSED
Unicode based on Memory/File Scan (2.exe.bin)
HOTKEYSET
Unicode based on Memory/File Scan (2.exe.bin)
HOWNORMAL
Unicode based on Memory/File Scan (2.exe.bin)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KSjjB2yb88jxaJwJ6dX5eY2INSmzqTHVGJXOkp0ZngXjzenMSrPo28vNlL73/gHnDklx6ZkYJ2G4F6GmEVXlbQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KSjjB2yb88jxaJwJ6dX5eY2INSmzqTHVGJXOkp0ZngXjzenMSrPo28vNlL73/gHnDklx6ZkYJ2G4F6GmEVXlbQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:04 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_qvoEUXrFoVloUaukGuy/tZ7aR1qFi1IDdXq1tPwSPmh48mYArYZYUM781NKBDeaMTP2j0H69k8RnIk+xsF/EUQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_qvoEUXrFoVloUaukGuy/tZ7aR1qFi1IDdXq1tPwSPmh48mYArYZYUM781NKBDeaMTP2j0H69k8RnIk+xsF/EUQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:06 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_x07LH2O82Gu4Na/jF5kBE5VP9ClnpS38Ea8d3oZf31f3Fy7C8NKV0sID9AsV3/OPbvF+aTWW+KrsKJigv75qzA==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_x07LH2O82Gu4Na/jF5kBE5VP9ClnpS38Ea8d3oZf31f3Fy7C8NKV0sID9AsV3/OPbvF+aTWW+KrsKJigv75qzA=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_T3wFi791f/HP4EwGHpYlBewOF/mNuQ1g1gUbBm8hNLDSuYH5lZZZ+WOVa/G4IQUgf3oNte6urteqNurKm/95yQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_T3wFi791f/HP4EwGHpYlBewOF/mNuQ1g1gUbBm8hNLDSuYH5lZZZ+WOVa/G4IQUgf3oNte6urteqNurKm/95yQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:14 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_hK/cZdzfToFtGaAEXyJHrF95vttPAi8KbwG1L7LreRZgrEA68FrWtlgNocqWZ7yFCXQ0NKGk2MgEfHtAg3lAHQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_hK/cZdzfToFtGaAEXyJHrF95vttPAi8KbwG1L7LreRZgrEA68FrWtlgNocqWZ7yFCXQ0NKGk2MgEfHtAg3lAHQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:20 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KVrciMAmnc3k7jVCERG6ZaFkJeaoHdzLwyT1qvNLfpY/wWjYZ2OiW2tAAk6hrUvs4KTRx4y3ZYY/dCSwz0f81g==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KVrciMAmnc3k7jVCERG6ZaFkJeaoHdzLwyT1qvNLfpY/wWjYZ2OiW2tAAk6hrUvs4KTRx4y3ZYY/dCSwz0f81g=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:24 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_XIWxHfKhYhiTtEbfzDOi1/nRQxISDmSmdwkvSP+nxEL2pyH2mnpXMLJ2/ml4gB8YIJ79hhfHl6D+phvnKcUciA==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_XIWxHfKhYhiTtEbfzDOi1/nRQxISDmSmdwkvSP+nxEL2pyH2mnpXMLJ2/ml4gB8YIJ79hhfHl6D+phvnKcUciA=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_ZQe1lNrfyVMaAicKFKitMjzBoixGzwGcA9qnt9QlnJuJp8nU5khqHllgz8d9WDZJOs0p3RvvxcBK+ks5ryv08w==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_ZQe1lNrfyVMaAicKFKitMjzBoixGzwGcA9qnt9QlnJuJp8nU5khqHllgz8d9WDZJOs0p3RvvxcBK+ks5ryv08w=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:34 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xVzr1UUkuQA9pQcvKhaU4a7opx+UfixbPv7giMpbaPhct9StMg/2Xqvja8r1AE1iACvpKt+EYgL75/HMQun0vA==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xVzr1UUkuQA9pQcvKhaU4a7opx+UfixbPv7giMpbaPhct9StMg/2Xqvja8r1AE1iACvpKt+EYgL75/HMQun0vA=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:39 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_mUXaFGnbPknidYqt3lzcvkzrHgidRdX56ZSD5CYqN/N4457NUor2QXnZOrNJDNFJ/tRsIBJOqGn2NktCRVZq9A==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_mUXaFGnbPknidYqt3lzcvkzrHgidRdX56ZSD5CYqN/N4457NUor2QXnZOrNJDNFJ/tRsIBJOqGn2NktCRVZq9A=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:45 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_aM7VZwCetyT72Y2WrELCfnIAWrEq3NoMFpFObVDLoqgK5AJTc/XNenIfjx1VFMEK3jNkAxRk1QTpvsqz1Y8VzQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_aM7VZwCetyT72Y2WrELCfnIAWrEq3NoMFpFObVDLoqgK5AJTc/XNenIfjx1VFMEK3jNkAxRk1QTpvsqz1Y8VzQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
http://www.mydreamworld.50webs.com
Unicode based on Runtime Data (2.exe )
HttpDefaultExpiryTimeSecs
Unicode based on Runtime Data (2.exe )
HttpOpenRequestW
Ansi based on Memory/File Scan (2.exe.bin)
HttpQueryInfoW
Ansi based on Memory/File Scan (2.exe.bin)
HttpSendRequestW
Ansi based on Memory/File Scan (2.exe.bin)
HTTPSETPROXY
Unicode based on Memory/File Scan (2.exe.bin)
HYYtJHt9H
Ansi based on Memory/File Scan (2.exe.bin)
H}AU3!EA06L
Ansi based on Memory/File Scan (2.exe.bin)
ICMP.DLL
Ansi based on Hybrid Analysis (2.exe.bin)
IcmpCloseHandle
Ansi based on Memory/File Scan (2.exe.bin)
IcmpCreateFile
Ansi based on Memory/File Scan (2.exe.bin)
IcmpSendEcho
Ansi based on Memory/File Scan (2.exe.bin)
ICODE
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLCREATEPIC
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLSETGRAPHIC
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLSETPOS
Unicode based on Memory/File Scan (2.exe.bin)
Id7(1IIIIIIIIIIII
Ansi based on Memory/File Scan (2.exe.bin)
idispatch
Unicode based on Memory/File Scan (2.exe.bin)
IdnEnabled
Unicode based on Runtime Data (2.exe )
IETldDllVersionHigh
Unicode based on Runtime Data (2.exe )
IETldDllVersionLow
Unicode based on Runtime Data (2.exe )
IETldVersionHigh
Unicode based on Runtime Data (2.exe )
IETldVersionLow
Unicode based on Runtime Data (2.exe )
iew32
Unicode based on Memory/File Scan (2.exe.bin)
IGETCURSORINFO
Unicode based on Memory/File Scan (2.exe.bin)
IGETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
IIDFromString
Ansi based on Memory/File Scan (2.exe.bin)
IIIII`
Ansi based on Memory/File Scan (2.exe.bin)
IIIIIIIIIIIIIId7
Ansi based on Memory/File Scan (2.exe.bin)
ijjgijggjfifjjgijijjjjigjijgjiiijijjiiiffjijjjjjjijjijijjiijiijjjiigfijjjjjijjjjjjjgijjjj0
Ansi based on Memory/File Scan (2.exe.bin)
ILING
Unicode based on Memory/File Scan (2.exe.bin)
Image Path
Unicode based on Runtime Data (2.exe )
ImageList_BeginDrag
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_Create
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_Destroy
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_DragEnter
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_DragLeave
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_DragMove
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_EndDrag
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_Remove
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_ReplaceIcon
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_SetDragCursorImage
Ansi based on Memory/File Scan (2.exe.bin)
IMARY
Unicode based on Memory/File Scan (2.exe.bin)
IMlll
Ansi based on Memory/File Scan (2.exe.bin)
Include
Unicode based on Hybrid Analysis (2.exe.bin)
inconsistent NEWLINE options
Ansi based on Memory/File Scan (2.exe.bin)
Incorrect Object type in FOR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
Incorrect Parameter format
Unicode based on Memory/File Scan (2.exe.bin)
Incorrect parameters to object property !
Unicode based on Memory/File Scan (2.exe.bin)
INECOUNT
Unicode based on Memory/File Scan (2.exe.bin)
INETGET
Unicode based on Hybrid Analysis (2.exe.bin)
INETGETACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
INETGETBYTESREAD
Unicode based on Memory/File Scan (2.exe.bin)
INETGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
InflateRect
Ansi based on Memory/File Scan (2.exe.bin)
InfoTip
Unicode based on Runtime Data (2.exe )
INHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
Inherited
Ansi based on Memory/File Scan (2.exe.bin)
INIDELETE
Unicode based on Memory/File Scan (2.exe.bin)
INIREAD
Unicode based on Hybrid Analysis (2.exe.bin)
INIREADSECTION
Unicode based on Memory/File Scan (2.exe.bin)
INIREADSECTIONNAMES
Unicode based on Memory/File Scan (2.exe.bin)
INIRENAMESECTION
Unicode based on Memory/File Scan (2.exe.bin)
InitCommonControlsEx
Ansi based on Memory/File Scan (2.exe.bin)
InitFolderHandler
Unicode based on Runtime Data (2.exe )
InitializeAcl
Ansi based on Memory/File Scan (2.exe.bin)
InitializeCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
InitializeCriticalSectionAndSpinCount
Ansi based on Memory/File Scan (2.exe.bin)
InitializeSecurityDescriptor
Ansi based on Memory/File Scan (2.exe.bin)
INIWRITE
Unicode based on Hybrid Analysis (2.exe.bin)
INIWRITESECTION
Unicode based on Memory/File Scan (2.exe.bin)
InprocServer32
Unicode based on Runtime Data (2.exe )
inprocserver32
Unicode based on Memory/File Scan (2.exe.bin)
INPUTBOX
Unicode based on Hybrid Analysis (2.exe.bin)
INSERT
Ansi based on Memory/File Scan (2.exe.bin)
InsertMenuItemW
Ansi based on Memory/File Scan (2.exe.bin)
install.txt
Unicode based on Runtime Data (2.exe )
InstallLanguage
Unicode based on Memory/File Scan (2.exe.bin)
INSTANCE
Unicode based on Hybrid Analysis (2.exe.bin)
Int64
Unicode based on Memory/File Scan (2.exe.bin)
int64
Unicode based on Memory/File Scan (2.exe.bin)
int_ptr
Unicode based on Memory/File Scan (2.exe.bin)
interface
Unicode based on Memory/File Scan (2.exe.bin)
Interface\
Unicode based on Memory/File Scan (2.exe.bin)
interface\
Unicode based on Memory/File Scan (2.exe.bin)
InterlockedDecrement
Ansi based on Memory/File Scan (2.exe.bin)
InterlockedExchange
Ansi based on Memory/File Scan (2.exe.bin)
InterlockedIncrement
Ansi based on Memory/File Scan (2.exe.bin)
internal error: code overflow
Ansi based on Memory/File Scan (2.exe.bin)
internal error: overran compiling workspace
Ansi based on Memory/File Scan (2.exe.bin)
internal error: previously-checked referenced subpattern not found
Ansi based on Memory/File Scan (2.exe.bin)
internal error: unexpected repeat
Ansi based on Memory/File Scan (2.exe.bin)
Internal Name
Unicode based on Memory/File Scan (2.exe.bin)
InternetCloseHandle
Ansi based on Memory/File Scan (2.exe.bin)
InternetConnectW
Ansi based on Memory/File Scan (2.exe.bin)
InternetCrackUrlW
Ansi based on Memory/File Scan (2.exe.bin)
InternetOpenUrlW
Ansi based on Memory/File Scan (2.exe.bin)
InternetOpenW
Ansi based on Memory/File Scan (2.exe.bin)
InternetReadFile
Ansi based on Memory/File Scan (2.exe.bin)
InternetSetOptionW
Ansi based on Memory/File Scan (2.exe.bin)
IntranetName
Unicode based on Runtime Data (2.exe )
INUELOOP
Unicode based on Memory/File Scan (2.exe.bin)
INVALID
Unicode based on Hybrid Analysis (2.exe.bin)
Invalid characters behind Object assignment !
Unicode based on Memory/File Scan (2.exe.bin)
invalid condition (?(0)
Ansi based on Memory/File Scan (2.exe.bin)
Invalid element in a DllStruct.*Unknown option or bad parameter specified.&Unable to load the internet libraries./"Struct" statement has no matching "EndStruct".HUnable to open file, the maximum number of open files has been exceeded.
Unicode based on Memory/File Scan (2.exe.bin)
invalid escape sequence in character class
Ansi based on Memory/File Scan (2.exe.bin)
Invalid file filter given.*Expected a variable in user function call.1"Do" statement has no matching "Until" statement.2"Until" statement with no matching "Do" statement.#"For" statement is badly formatted.2"Next" statement with no matching "For" statement.N"ExitLoop/ContinueLoop" statements only valid from inside a For/Do/While loop.1"For" statement has no matching "Next" statement.@"Case" statement with no matching "Select"or "Switch" statement.:"EndSelect" statement with no matching "Select" statement.ORecursion level has been exceeded - AutoIt will quit to prevent stack overflow.
Unicode based on Memory/File Scan (2.exe.bin)
invalid UTF-8 string
Ansi based on Memory/File Scan (2.exe.bin)
InvalidateRect
Ansi based on Memory/File Scan (2.exe.bin)
IOnEventMode
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS1
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS2
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS3
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS4
Unicode based on Memory/File Scan (2.exe.bin)
IPGET
Unicode based on Memory/File Scan (2.exe.bin)
IPTION
Unicode based on Memory/File Scan (2.exe.bin)
IREADSECTION
Unicode based on Memory/File Scan (2.exe.bin)
is a compiled AutoIt script. AV researchers please email avsupport@autoitscript.com for support.
Ansi based on Memory/File Scan (2.exe.bin)
ISADMIN
Unicode based on Hybrid Analysis (2.exe.bin)
ISARRAY
Unicode based on Hybrid Analysis (2.exe.bin)
ISBINARY
Unicode based on Hybrid Analysis (2.exe.bin)
ISBOOL
Unicode based on Hybrid Analysis (2.exe.bin)
IsCharAlphaNumericW
Ansi based on Memory/File Scan (2.exe.bin)
IsCharAlphaW
Ansi based on Memory/File Scan (2.exe.bin)
IsCharLowerW
Ansi based on Memory/File Scan (2.exe.bin)
IsCharUpperW
Ansi based on Memory/File Scan (2.exe.bin)
ISCHECKED
Unicode based on Memory/File Scan (2.exe.bin)
IsClipboardFormatAvailable
Ansi based on Memory/File Scan (2.exe.bin)
IsDebuggerPresent
Ansi based on Memory/File Scan (2.exe.bin)
ISDECLARED
Unicode based on Memory/File Scan (2.exe.bin)
IsDialogMessageW
Ansi based on Memory/File Scan (2.exe.bin)
IsDlgButtonChecked
Ansi based on Memory/File Scan (2.exe.bin)
ISDLLSTRUCT
Unicode based on Memory/File Scan (2.exe.bin)
ISENABLED
Unicode based on Memory/File Scan (2.exe.bin)
ISFLOAT
Unicode based on Hybrid Analysis (2.exe.bin)
ISHWND
Unicode based on Hybrid Analysis (2.exe.bin)
IsIconic
Ansi based on Memory/File Scan (2.exe.bin)
ISINT
Unicode based on Hybrid Analysis (2.exe.bin)
ISKEYWORD
Unicode based on Memory/File Scan (2.exe.bin)
IsMenu
Ansi based on Memory/File Scan (2.exe.bin)
ISNUMBER
Unicode based on Hybrid Analysis (2.exe.bin)
ISOBJ
Unicode based on Hybrid Analysis (2.exe.bin)
IsProcessorFeaturePresent
Ansi based on Hybrid Analysis (2.exe.bin)
ISPTR
Unicode based on Hybrid Analysis (2.exe.bin)
ISSELECTED
Unicode based on Memory/File Scan (2.exe.bin)
ISSTRING
Unicode based on Hybrid Analysis (2.exe.bin)
IsThemeActive
Ansi based on Memory/File Scan (2.exe.bin)
istView32
Unicode based on Memory/File Scan (2.exe.bin)
IsValidCodePage
Ansi based on Memory/File Scan (2.exe.bin)
ISVISIBLE
Unicode based on Memory/File Scan (2.exe.bin)
IsWindow
Ansi based on Memory/File Scan (2.exe.bin)
IsWindowEnabled
Ansi based on Memory/File Scan (2.exe.bin)
IsWindowVisible
Ansi based on Memory/File Scan (2.exe.bin)
IsWow64Process
Ansi based on Memory/File Scan (2.exe.bin)
IsZoomed
Ansi based on Memory/File Scan (2.exe.bin)
It v3
Unicode based on Memory/File Scan (2.exe.bin)
ITCALLVARIABLE%d
Unicode based on Memory/File Scan (2.exe.bin)
ITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
ITEMSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
itFunc
Unicode based on Memory/File Scan (2.exe.bin)
ITUNICODE
Unicode based on Memory/File Scan (2.exe.bin)
ITX64
Unicode based on Memory/File Scan (2.exe.bin)
IVEGETSERIAL
Unicode based on Memory/File Scan (2.exe.bin)
IVESPACEFREE
Unicode based on Memory/File Scan (2.exe.bin)
JanFebMarAprMayJunJulAugSepOctNovDec
Ansi based on Memory/File Scan (2.exe.bin)
January
Ansi based on Memory/File Scan (2.exe.bin)
jjmjjjjjllllljjjkljlkjjmljljljjjkkjjjmkljjjjkjjjmljjklljljljjjkllkjmjjlljlkllmkllkklljllj1
Ansi based on Memory/File Scan (2.exe.bin)
Kannada
Ansi based on Memory/File Scan (2.exe.bin)
Katakana
Ansi based on Memory/File Scan (2.exe.bin)
Kayah_Li
Ansi based on Memory/File Scan (2.exe.bin)
KeepAliveTimeout
Unicode based on Runtime Data (2.exe )
KERNEL32
Ansi based on Hybrid Analysis (2.exe.bin)
kernel32.dll
Ansi based on Memory/File Scan (2.exe.bin)
KERNEL32.DLL
Ansi based on Memory/File Scan (2.exe.bin)
keybd_event
Ansi based on Memory/File Scan (2.exe.bin)
KeyDelay
Unicode based on Memory/File Scan (2.exe.bin)
Keyword
Unicode based on Memory/File Scan (2.exe.bin)
Kharoshthi
Ansi based on Memory/File Scan (2.exe.bin)
Khmer
Ansi based on Memory/File Scan (2.exe.bin)
KillTimer
Ansi based on Memory/File Scan (2.exe.bin)
KKKIKKKKKKKKIKIIKIKKKKKIKKKKKKKIKKKKKKKKKKIIKKKKKKIKKKKKIKKKIIKKKKIKKLKKKKKKKKIKKKKIIKKKK9
Ansi based on Memory/File Scan (2.exe.bin)
KNOWN
Unicode based on Memory/File Scan (2.exe.bin)
l a new Errorhandler when one is still active.
Unicode based on Memory/File Scan (2.exe.bin)
l$$+l$<+\$@j
Ansi based on Memory/File Scan (2.exe.bin)
L$(Qj
Ansi based on Memory/File Scan (2.exe.bin)
L$<h8LH
Ansi based on Memory/File Scan (2.exe.bin)
L$<SRPQUWV
Ansi based on Memory/File Scan (2.exe.bin)
L$@RPQUWV
Ansi based on Memory/File Scan (2.exe.bin)
L$@RWPSQV
Ansi based on Memory/File Scan (2.exe.bin)
L$D9L$,tz
Ansi based on Memory/File Scan (2.exe.bin)
L$PRPQUWV
Ansi based on Memory/File Scan (2.exe.bin)
largeicons
Unicode based on Memory/File Scan (2.exe.bin)
LASTDLLERROR
Unicode based on Memory/File Scan (2.exe.bin)
Latin
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_APP1
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_APP2
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_MAIL
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_MEDIA
Ansi based on Memory/File Scan (2.exe.bin)
layMe wait
Unicode based on Memory/File Scan (2.exe.bin)
LCALLBACKFREE
Unicode based on Memory/File Scan (2.exe.bin)
LCMapStringA
Ansi based on Memory/File Scan (2.exe.bin)
LCMapStringW
Ansi based on Memory/File Scan (2.exe.bin)
LCREATETREEVIEWITEM
Unicode based on Memory/File Scan (2.exe.bin)
LCTRL
Ansi based on Memory/File Scan (2.exe.bin)
LdapClientIntegrity
Unicode based on Runtime Data (2.exe )
LeashLegacyCookies
Unicode based on Runtime Data (2.exe )
LeaveCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
LECHANGEDIR
Unicode based on Memory/File Scan (2.exe.bin)
LECTALL
Unicode based on Memory/File Scan (2.exe.bin)
LECTION
Unicode based on Memory/File Scan (2.exe.bin)
LEEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
LEOPEN
Unicode based on Memory/File Scan (2.exe.bin)
Lepcha
Ansi based on Memory/File Scan (2.exe.bin)
LibraryPath
Unicode based on Runtime Data (2.exe )
lickDelay
Unicode based on Memory/File Scan (2.exe.bin)
licons
Unicode based on Memory/File Scan (2.exe.bin)
Limbu
Ansi based on Memory/File Scan (2.exe.bin)
Line %d (File "%s"):
Unicode based on Memory/File Scan (2.exe.bin)
Line %d:
Unicode based on Memory/File Scan (2.exe.bin)
Line:
Unicode based on Hybrid Analysis (2.exe.bin)
Linear_B
Ansi based on Memory/File Scan (2.exe.bin)
LineTo
Ansi based on Memory/File Scan (2.exe.bin)
Listbox
Unicode based on Hybrid Analysis (2.exe.bin)
ListBox
Unicode based on Hybrid Analysis (2.exe.bin)
LLARGARRAY
Unicode based on Memory/File Scan (2.exe.bin)
lllll
Ansi based on Memory/File Scan (2.exe.bin)
LMLLLKKNKKNLMKKLKKLLKLKKLKNLLKLLLKKLLMKKNKLNKKNLLKLNMKKLKLKKNNMMLMLLNLKMKKLMKLKLLNKLKLNNL;
Ansi based on Memory/File Scan (2.exe.bin)
LoadAppInit_DLLs
Unicode based on Runtime Data (2.exe )
LoadCursorW
Ansi based on Memory/File Scan (2.exe.bin)
LoadIconW
Ansi based on Memory/File Scan (2.exe.bin)
LoadImageW
Ansi based on Memory/File Scan (2.exe.bin)
LoadLibraryA
Ansi based on Memory/File Scan (2.exe.bin)
LoadLibraryExW
Ansi based on Memory/File Scan (2.exe.bin)
LoadLibraryW
Ansi based on Memory/File Scan (2.exe.bin)
LoadResource
Ansi based on Memory/File Scan (2.exe.bin)
LoadStringW
Ansi based on Memory/File Scan (2.exe.bin)
LoadUserProfileW
Ansi based on Memory/File Scan (2.exe.bin)
LOCAL
Unicode based on Memory/File Scan (2.exe.bin)
Local AppData
Unicode based on Runtime Data (2.exe )
LocalFileTimeToFileTime
Ansi based on Memory/File Scan (2.exe.bin)
LocalizedName
Unicode based on Runtime Data (2.exe )
LocalRedirectOnly
Unicode based on Runtime Data (2.exe )
localserver32
Unicode based on Memory/File Scan (2.exe.bin)
LockResource
Ansi based on Memory/File Scan (2.exe.bin)
LockServiceDatabase
Ansi based on Memory/File Scan (2.exe.bin)
LockWindowUpdate
Ansi based on Memory/File Scan (2.exe.bin)
LOFT9159-XL
Ansi based on PCAP Processing (network.pcap)
LOGONDNSDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
LOGONDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
LOGONSERVER
Unicode based on Memory/File Scan (2.exe.bin)
LogonUserW
Ansi based on Memory/File Scan (2.exe.bin)
lookbehind assertion is not fixed length
Ansi based on Memory/File Scan (2.exe.bin)
LookupPrivilegeValueW
Ansi based on Memory/File Scan (2.exe.bin)
LOSESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
lower
Ansi based on Memory/File Scan (2.exe.bin)
ls_progress32
Unicode based on Memory/File Scan (2.exe.bin)
LSEND
Unicode based on Memory/File Scan (2.exe.bin)
LSETDEFCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
LSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
LSETTIP
Unicode based on Memory/File Scan (2.exe.bin)
LSHIFT
Ansi based on Memory/File Scan (2.exe.bin)
lstrcmpiW
Ansi based on Memory/File Scan (2.exe.bin)
LSTRUCTCREATE
Unicode based on Memory/File Scan (2.exe.bin)
LSTRUCTGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
LSTRUCTSETDATA
Unicode based on Memory/File Scan (2.exe.bin)
lude-once
Unicode based on Memory/File Scan (2.exe.bin)
LWINDOWN
Ansi based on Memory/File Scan (2.exe.bin)
LWINUP
Ansi based on Memory/File Scan (2.exe.bin)
Lycian
Ansi based on Memory/File Scan (2.exe.bin)
Lydian
Ansi based on Memory/File Scan (2.exe.bin)
m____
Ansi based on Image Processing (screen_0.png)
MachineGuid
Unicode based on Runtime Data (2.exe )
MachinePreferredUILanguages
Unicode based on Runtime Data (2.exe )
MachineThrottling
Unicode based on Runtime Data (2.exe )
Malayalam
Ansi based on Memory/File Scan (2.exe.bin)
malformed \P or \p sequence
Ansi based on Memory/File Scan (2.exe.bin)
malformed number or name after (?(
Ansi based on Memory/File Scan (2.exe.bin)
MapNetDriveVerbs
Unicode based on Runtime Data (2.exe )
Mapping
Unicode based on Runtime Data (2.exe )
MapVirtualKeyW
Ansi based on Memory/File Scan (2.exe.bin)
March
Ansi based on Memory/File Scan (2.exe.bin)
MartaExtension
Unicode based on Runtime Data (2.exe )
matching "For" statement.N"ExitLoop/ContinueLoop" statements only valid from inside a For/Do/While loop.1"For" statement has no matching "Next" statement.@"Case" statement with no matching "Select"or "Switch" statement.:"EndSelect" statement with no matching "Select" statement.ORecursion level has been exceeded - AutoIt will quit to prevent stack overflow.
Unicode based on Memory/File Scan (2.exe.bin)
MaxConnectionsPer1_0Server
Unicode based on Runtime Data (2.exe )
MaxConnectionsPerProxy
Unicode based on Runtime Data (2.exe )
MaxConnectionsPerServer
Unicode based on Runtime Data (2.exe )
MaxFileSize
Unicode based on Runtime Data (2.exe )
MaxHttpRedirects
Unicode based on Runtime Data (2.exe )
MaximumAllowedAllocationSize
Unicode based on Runtime Data (2.exe )
MaxRpcSize
Unicode based on Runtime Data (2.exe )
MaxSockaddrLength
Unicode based on Runtime Data (2.exe )
MaxSxSHashCount
Unicode based on Runtime Data (2.exe )
MBCSAPIforCrack
Unicode based on Runtime Data (2.exe )
MBCSServername
Unicode based on Runtime Data (2.exe )
mciSendStringW
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_NEXT
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_PLAY_PAUSE
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_PREV
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_STOP
Ansi based on Memory/File Scan (2.exe.bin)
MEMGETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
MENTSDIR
Unicode based on Memory/File Scan (2.exe.bin)
MenuMode
Unicode based on Memory/File Scan (2.exe.bin)
MessageBeep
Ansi based on Memory/File Scan (2.exe.bin)
MessageBoxA
Ansi based on Memory/File Scan (2.exe.bin)
MessageBoxW
Ansi based on Memory/File Scan (2.exe.bin)
MFILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
Microsoft
Unicode based on Memory/File Scan (2.exe.bin)
Microsoft Corporation
Unicode based on Memory/File Scan (2.exe.bin)
Microsoft Visual C++ Runtime Library
Ansi based on Memory/File Scan (2.exe.bin)
MIDDLE
Unicode based on Hybrid Analysis (2.exe.bin)
MigrateProxy
Unicode based on Runtime Data (2.exe )
MimeExclusionListForCache
Unicode based on Runtime Data (2.exe )
MinSockaddrLength
Unicode based on Runtime Data (2.exe )
missing )
Ansi based on Memory/File Scan (2.exe.bin)
missing ) after comment
Ansi based on Memory/File Scan (2.exe.bin)
Missing operator in expression."Unbalanced brackets in expression.
Unicode based on Memory/File Scan (2.exe.bin)
missing terminating ] for character class
Ansi based on Memory/File Scan (2.exe.bin)
MkParseDisplayName
Ansi based on Memory/File Scan (2.exe.bin)
MM/dd/yy
Ansi based on Memory/File Scan (2.exe.bin)
mmlmmlmmmmlmmmmmkmmlmmlmmmmmmmmmmmmmmmmmlmmmmlmmlmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm2
Ansi based on Memory/File Scan (2.exe.bin)
MMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
Monday
Ansi based on Memory/File Scan (2.exe.bin)
Mongolian
Ansi based on Memory/File Scan (2.exe.bin)
MonitorFromPoint
Ansi based on Memory/File Scan (2.exe.bin)
mouse_event
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_LBUTTON
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_MBUTTON
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_RBUTTON
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_XBUTTON1
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_XBUTTON2
Ansi based on Memory/File Scan (2.exe.bin)
MOUSECLICK
Unicode based on Memory/File Scan (2.exe.bin)
MouseClickDelay
Unicode based on Memory/File Scan (2.exe.bin)
MouseClickDownDelay
Unicode based on Memory/File Scan (2.exe.bin)
MOUSECLICKDRAG
Unicode based on Memory/File Scan (2.exe.bin)
MouseClickDragDelay
Unicode based on Memory/File Scan (2.exe.bin)
MouseCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEDOWN
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEGETCURSOR
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEMOVE
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEUP
Unicode based on Hybrid Analysis (2.exe.bin)
MOUSEWHEEL
Unicode based on Memory/File Scan (2.exe.bin)
MoveFileW
Ansi based on Memory/File Scan (2.exe.bin)
MoveToEx
Ansi based on Memory/File Scan (2.exe.bin)
MoveWindow
Ansi based on Memory/File Scan (2.exe.bin)
MPR.dll
Ansi based on Memory/File Scan (2.exe.bin)
MS Shell Dlg
Unicode based on Memory/File Scan (2.exe.bin)
mscoree.dll
Unicode based on Memory/File Scan (2.exe.bin)
Msctls_Progress32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_progress32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_statusbar321
Unicode based on Memory/File Scan (2.exe.bin)
msctls_trackbar32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_updown32
Unicode based on Memory/File Scan (2.exe.bin)
MSGBOX
Unicode based on Hybrid Analysis (2.exe.bin)
MultiByteToWideChar
Ansi based on Memory/File Scan (2.exe.bin)
MustDeclareVars
Unicode based on Memory/File Scan (2.exe.bin)
Myanmar
Ansi based on Memory/File Scan (2.exe.bin)
MYDOCUMENTSDIR
Unicode based on Memory/File Scan (2.exe.bin)
N32_NT
Unicode based on Memory/File Scan (2.exe.bin)
N_VISTA
Unicode based on Memory/File Scan (2.exe.bin)
NameServer
Unicode based on Runtime Data (2.exe )
NameSpace_Callout
Unicode based on Runtime Data (2.exe )
NASWAIT
Unicode based on Memory/File Scan (2.exe.bin)
NCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
nclude depth exceeded. Make sure there are no recursive includes
Unicode based on Memory/File Scan (2.exe.bin)
ndAttachMode
Unicode based on Memory/File Scan (2.exe.bin)
ndEnvStrings
Unicode based on Memory/File Scan (2.exe.bin)
NDFIRSTFILE
Unicode based on Memory/File Scan (2.exe.bin)
NDKEEPACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
NDNSDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
NdrOleExtDLL
Unicode based on Runtime Data (2.exe )
NDSTRING
Unicode based on Memory/File Scan (2.exe.bin)
ne %d:
Unicode based on Memory/File Scan (2.exe.bin)
NENUMBER
Unicode based on Memory/File Scan (2.exe.bin)
network
Unicode based on Hybrid Analysis (2.exe.bin)
Network
Unicode based on Hybrid Analysis (2.exe.bin)
new[]
Ansi based on Memory/File Scan (2.exe.bin)
New_Tai_Lue
Ansi based on Memory/File Scan (2.exe.bin)
Next_Catalog_Entry_ID
Unicode based on Runtime Data (2.exe )
ng_ptr
Unicode based on Memory/File Scan (2.exe.bin)
NGETCARETPOS
Unicode based on Memory/File Scan (2.exe.bin)
NGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
NGRIGHT
Unicode based on Memory/File Scan (2.exe.bin)
NGSTRIPCR
Unicode based on Memory/File Scan (2.exe.bin)
NGTOASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
nhGFlllll
Ansi based on Memory/File Scan (2.exe.bin)
nKB\`lll
Ansi based on Memory/File Scan (2.exe.bin)
nKG[llll
Ansi based on Memory/File Scan (2.exe.bin)
NMINIMIZEALLUNDO
Unicode based on Memory/File Scan (2.exe.bin)
NNNNMNNNNNLNLLNNNNLLNNLLNNLNNNNLLNLLNLNLNNLLLLNNMNLLNLLNNNNLNLNLLLNNNNLLLNLNNNNNNNLNNLLLN>
Ansi based on Memory/File Scan (2.exe.bin)
no error
Ansi based on Hybrid Analysis (2.exe.bin)
NoCheckAutodialOverRide
Unicode based on Runtime Data (2.exe )
NoFileFolderJunction
Unicode based on Runtime Data (2.exe )
NofolderOptions
Unicode based on Runtime Data (2.exe )
NoNetAutodial
Unicode based on Runtime Data (2.exe )
Not an Object type
Unicode based on Memory/File Scan (2.exe.bin)
nothing to repeat
Ansi based on Memory/File Scan (2.exe.bin)
NOTREADY
Unicode based on Hybrid Analysis (2.exe.bin)
November
Ansi based on Memory/File Scan (2.exe.bin)
npoppnomnomnmppnopomopommmnopmpnmonpppomopmooopmoppponpppmmpnompmompopnnompnopmmmmmoopoom2
Ansi based on Memory/File Scan (2.exe.bin)
NSOLEREAD
Unicode based on Memory/File Scan (2.exe.bin)
NSOLEWRITEERROR
Unicode based on Memory/File Scan (2.exe.bin)
nt_ptr
Unicode based on Memory/File Scan (2.exe.bin)
ntControlSet\Control\Nls\Language
Unicode based on Memory/File Scan (2.exe.bin)
NTEXT
Unicode based on Memory/File Scan (2.exe.bin)
nText
Unicode based on Memory/File Scan (2.exe.bin)
NTINUECASE
Unicode based on Memory/File Scan (2.exe.bin)
nTitleMatchMode
Unicode based on Memory/File Scan (2.exe.bin)
NTROLTREEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
Null Object assignment in FOR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
NULL Pointer assignment
Unicode based on Memory/File Scan (2.exe.bin)
Num_Catalog_Entries
Unicode based on Runtime Data (2.exe )
NUMBER
Unicode based on Hybrid Analysis (2.exe.bin)
number after (?C is > 255
Ansi based on Memory/File Scan (2.exe.bin)
number is too big
Ansi based on Memory/File Scan (2.exe.bin)
number too big in {} quantifier
Ansi based on Memory/File Scan (2.exe.bin)
numbers out of order in {} quantifier
Ansi based on Memory/File Scan (2.exe.bin)
NUMKEY
Unicode based on Memory/File Scan (2.exe.bin)
NUMLOCK
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD0
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD1
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD2
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD3
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD4
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD5
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD6
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD7
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD8
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD9
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADADD
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADDIV
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADDOT
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADENTER
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADMULT
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADSUB
Ansi based on Memory/File Scan (2.exe.bin)
NUMPARAMS
Unicode based on Memory/File Scan (2.exe.bin)
NUMVAL
Unicode based on Memory/File Scan (2.exe.bin)
OACTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
OBJCREATE
Unicode based on Memory/File Scan (2.exe.bin)
Object'.
Unicode based on Memory/File Scan (2.exe.bin)
OBJEVENT
Unicode based on Hybrid Analysis (2.exe.bin)
OBJGET
Unicode based on Hybrid Analysis (2.exe.bin)
OBJNAME
Unicode based on Hybrid Analysis (2.exe.bin)
Obsolete function/parameter.4Invalid Exitcode (reserved for AutoIt internal use).
Unicode based on Memory/File Scan (2.exe.bin)
OCESS
Unicode based on Memory/File Scan (2.exe.bin)
OCKINPUT
Unicode based on Memory/File Scan (2.exe.bin)
octal value is greater than \377 (not in UTF-8 mode)
Ansi based on Memory/File Scan (2.exe.bin)
October
Ansi based on Memory/File Scan (2.exe.bin)
Ogham
Ansi based on Memory/File Scan (2.exe.bin)
OGRESSON
Unicode based on Memory/File Scan (2.exe.bin)
Ol_Chiki
Ansi based on Memory/File Scan (2.exe.bin)
Old_Italic
Ansi based on Memory/File Scan (2.exe.bin)
Old_Persian
Ansi based on Memory/File Scan (2.exe.bin)
ole32.dll
Ansi based on Memory/File Scan (2.exe.bin)
OLEAUT32.dll
Ansi based on Memory/File Scan (2.exe.bin)
OleInitialize
Ansi based on Memory/File Scan (2.exe.bin)
OleSetContainedObject
Ansi based on Memory/File Scan (2.exe.bin)
OleSetMenuDescriptor
Ansi based on Memory/File Scan (2.exe.bin)
OleUninitialize
Ansi based on Memory/File Scan (2.exe.bin)
OMASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
OMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
on Programs
Unicode based on Memory/File Scan (2.exe.bin)
on Startup
Unicode based on Memory/File Scan (2.exe.bin)
ONAUTOITEXIT
Unicode based on Memory/File Scan (2.exe.bin)
ONAUTOITSTART
Unicode based on Memory/File Scan (2.exe.bin)
OnExitFunc
Unicode based on Memory/File Scan (2.exe.bin)
ONFLASHING
Unicode based on Memory/File Scan (2.exe.bin)
ong_ptr
Unicode based on Memory/File Scan (2.exe.bin)
ONGNAME
Unicode based on Memory/File Scan (2.exe.bin)
ONTOP
Unicode based on Memory/File Scan (2.exe.bin)
OOBEInProgress
Unicode based on Runtime Data (2.exe )
OOONOOONOQNONONOOONONONOONONNORONOQNONOOOONRNORNNQNNOOONOOOONOOOQOQONOQNNRONQNNOORNOONNNN<
Ansi based on Memory/File Scan (2.exe.bin)
OpenClipboard
Ansi based on Memory/File Scan (2.exe.bin)
OpenDesktopW
Ansi based on Memory/File Scan (2.exe.bin)
OPENDIALOG
Unicode based on Memory/File Scan (2.exe.bin)
OpenProcess
Ansi based on Memory/File Scan (2.exe.bin)
OpenProcessToken
Ansi based on Memory/File Scan (2.exe.bin)
OpenSCManagerW
Ansi based on Memory/File Scan (2.exe.bin)
OpenThreadToken
Ansi based on Memory/File Scan (2.exe.bin)
OpenWindowStationW
Ansi based on Memory/File Scan (2.exe.bin)
operand of unlimited repeat could match the empty string
Ansi based on Memory/File Scan (2.exe.bin)
Operating System
Unicode based on Memory/File Scan (2.exe.bin)
operator
Ansi based on Memory/File Scan (2.exe.bin)
or AutoIt internal use).
Unicode based on Memory/File Scan (2.exe.bin)
OR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
Original File name
Unicode based on Memory/File Scan (2.exe.bin)
Oriya
Ansi based on Memory/File Scan (2.exe.bin)
Osmanya
Ansi based on Memory/File Scan (2.exe.bin)
OSSERVICEPACK
Unicode based on Memory/File Scan (2.exe.bin)
OSVERSION
Unicode based on Memory/File Scan (2.exe.bin)
OTATE
Unicode based on Memory/File Scan (2.exe.bin)
OutputDebugStringW
Ansi based on Memory/File Scan (2.exe.bin)
OWDROPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
Pacific Daylight Time
Unicode based on Hybrid Analysis (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
Pacific Standard Time
Unicode based on Hybrid Analysis (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
PackedCatalogItem
Unicode based on Runtime Data (2.exe )
PageAllocatorSystemHeapIsPrivate
Unicode based on Runtime Data (2.exe )
PageAllocatorUseSystemHeap
Unicode based on Runtime Data (2.exe )
Parameter format
Unicode based on Memory/File Scan (2.exe.bin)
ParentFolder
Unicode based on Runtime Data (2.exe )
parentheses nested too deeply
Ansi based on Memory/File Scan (2.exe.bin)
ParsingName
Unicode based on Runtime Data (2.exe )
PAUSE
Ansi based on Memory/File Scan (2.exe.bin)
Paused
Unicode based on Memory/File Scan (2.exe.bin)
PCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
PCRE does not support \L, \l, \N, \U, or \u
Ansi based on Memory/File Scan (2.exe.bin)
PDATE
Unicode based on Memory/File Scan (2.exe.bin)
pdown32
Unicode based on Memory/File Scan (2.exe.bin)
PEEDTEST
Unicode based on Memory/File Scan (2.exe.bin)
PeekMessageW
Ansi based on Memory/File Scan (2.exe.bin)
Personal
Unicode based on Hybrid Analysis (2.exe.bin)
PerUserCookies
Unicode based on Runtime Data (2.exe )
PerUserItem
Unicode based on Runtime Data (2.exe )
Phags_Pa
Ansi based on Memory/File Scan (2.exe.bin)
Phoenician
Ansi based on Memory/File Scan (2.exe.bin)
PinToNameSpaceTree
Unicode based on Runtime Data (2.exe )
PIXELCHECKSUM
Unicode based on Memory/File Scan (2.exe.bin)
PixelCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
PIXELGETCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
PIXELSEARCH
Unicode based on Memory/File Scan (2.exe.bin)
PjxPPh
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
PLACE
Unicode based on Memory/File Scan (2.exe.bin)
play PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
play PlayMe wait
Unicode based on Memory/File Scan (2.exe.bin)
PLUGINCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
PLUGINOPEN
Unicode based on Memory/File Scan (2.exe.bin)
PolyDraw
Ansi based on Memory/File Scan (2.exe.bin)
POSIX collating elements are not supported
Ansi based on Memory/File Scan (2.exe.bin)
POSIX named classes are supported only within a class
Ansi based on Memory/File Scan (2.exe.bin)
PostMessageW
Ansi based on Memory/File Scan (2.exe.bin)
PostQuitMessage
Ansi based on Memory/File Scan (2.exe.bin)
ppppppqpppppppppsqpqprpppppppprpqppqrrprpqspppqrppprpppprqqrppppqpppprprpqpppqppppppppppr'
Ansi based on Memory/File Scan (2.exe.bin)
PreCreate
Unicode based on Runtime Data (2.exe )
PRECV
Unicode based on Memory/File Scan (2.exe.bin)
PreferExternalManifest
Unicode based on Runtime Data (2.exe )
PreferredUILanguages
Unicode based on Runtime Data (2.exe )
PRIMARY
Unicode based on Hybrid Analysis (2.exe.bin)
print
Ansi based on Memory/File Scan (2.exe.bin)
PRINTSCREEN
Ansi based on Memory/File Scan (2.exe.bin)
PrivateKeyLifetimeSeconds
Unicode based on Runtime Data (2.exe )
PrivKeyCacheMaxItems
Unicode based on Runtime Data (2.exe )
PrivKeyCachePurgeIntervalSeconds
Unicode based on Runtime Data (2.exe )
Process32FirstW
Ansi based on Memory/File Scan (2.exe.bin)
Process32NextW
Ansi based on Memory/File Scan (2.exe.bin)
PROCESSCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSGETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSLIST
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSORARCH
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSSETPRIORITY
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSWAIT
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSWAITCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
Product Name
Unicode based on Memory/File Scan (2.exe.bin)
Product Version
Unicode based on Memory/File Scan (2.exe.bin)
ProfileImagePath
Unicode based on Runtime Data (2.exe )
ProgID
Unicode based on Hybrid Analysis (2.exe.bin)
ProgramData
Unicode based on Runtime Data (2.exe )
ProgramFilesDir
Unicode based on Memory/File Scan (2.exe.bin)
PROGRAMFILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
PROGRAMSCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
PROGRAMSDIR
Unicode based on Memory/File Scan (2.exe.bin)
PROGRESSOFF
Unicode based on Memory/File Scan (2.exe.bin)
PROGRESSON
Unicode based on Memory/File Scan (2.exe.bin)
PROGRESSSET
Unicode based on Memory/File Scan (2.exe.bin)
Prompt
Unicode based on Memory/File Scan (2.exe.bin)
ProviderId
Unicode based on Runtime Data (2.exe )
ProviderInfo
Unicode based on Runtime Data (2.exe )
PROXY
Unicode based on Memory/File Scan (2.exe.bin)
ProxyBypass
Unicode based on Runtime Data (2.exe )
ProxyEnable
Unicode based on Runtime Data (2.exe )
ProxyHttp1.1
Unicode based on Runtime Data (2.exe )
ProxyOverride
Unicode based on Runtime Data (2.exe )
ProxyServer
Unicode based on Runtime Data (2.exe )
ProxySettingsPerUser
Unicode based on Runtime Data (2.exe )
PRUNE
Ansi based on Memory/File Scan (2.exe.bin)
PSAPI.DLL
Ansi based on Memory/File Scan (2.exe.bin)
PSHUTDOWN
Unicode based on Memory/File Scan (2.exe.bin)
PSPUBWS-PC
Ansi based on PCAP Processing (network.pcap)
pssssssqrssssssspqssssssprqsssssssqrqssqsrrsqssrrqrsssrqsspsqqsspsqqsssspsssssqqqrrsqssss(
Ansi based on Memory/File Scan (2.exe.bin)
PTimeout
Unicode based on Memory/File Scan (2.exe.bin)
PtInRect
Ansi based on Memory/File Scan (2.exe.bin)
PTLINE
Unicode based on Memory/File Scan (2.exe.bin)
PublishExpandedPath
Unicode based on Runtime Data (2.exe )
punct
Ansi based on Memory/File Scan (2.exe.bin)
QueryForInfoTip
Unicode based on Runtime Data (2.exe )
QueryForOverlay
Unicode based on Runtime Data (2.exe )
QueryPerformanceCounter
Ansi based on Memory/File Scan (2.exe.bin)
QueryPerformanceFrequency
Ansi based on Memory/File Scan (2.exe.bin)
question
Unicode based on Hybrid Analysis (2.exe.bin)
r0,1023
Unicode based on Memory/File Scan (2.exe.bin)
R6002- floating point support not loaded
Ansi based on Memory/File Scan (2.exe.bin)
R6008- not enough space for arguments
Ansi based on Memory/File Scan (2.exe.bin)
R6009- not enough space for environment
Ansi based on Memory/File Scan (2.exe.bin)
R6016- not enough space for thread data
Ansi based on Memory/File Scan (2.exe.bin)
R6017- unexpected multithread lock error
Ansi based on Memory/File Scan (2.exe.bin)
R6018- unexpected heap error
Ansi based on Memory/File Scan (2.exe.bin)
R6019- unable to open console device
Ansi based on Memory/File Scan (2.exe.bin)
R6024- not enough space for _onexit/atexit table
Ansi based on Memory/File Scan (2.exe.bin)
R6025- pure virtual function call
Ansi based on Memory/File Scan (2.exe.bin)
R6026- not enough space for stdio initialization
Ansi based on Memory/File Scan (2.exe.bin)
R6027- not enough space for lowio initialization
Ansi based on Memory/File Scan (2.exe.bin)
R6028- unable to initialize heap
Ansi based on Memory/File Scan (2.exe.bin)
R6030- CRT not initialized
Ansi based on Memory/File Scan (2.exe.bin)
R6031- Attempt to initialize the CRT more than once.This indicates a bug in your application.
Ansi based on Memory/File Scan (2.exe.bin)
R6032- not enough space for locale information
Ansi based on Memory/File Scan (2.exe.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Memory/File Scan (2.exe.bin)
R6034An application has made an attempt to load the C runtime library incorrectly.Please contact the application's support team for more information.
Ansi based on Memory/File Scan (2.exe.bin)
RaiseDefaultAuthnLevel
Unicode based on Runtime Data (2.exe )
RaiseException
Ansi based on Memory/File Scan (2.exe.bin)
ramdisk
Unicode based on Hybrid Analysis (2.exe.bin)
RAMDisk
Unicode based on Hybrid Analysis (2.exe.bin)
rameter must be of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
RANDOM
Unicode based on Hybrid Analysis (2.exe.bin)
range out of order in character class
Ansi based on Memory/File Scan (2.exe.bin)
ranslation
Unicode based on Memory/File Scan (2.exe.bin)
rasphone.pbk
Unicode based on Runtime Data (2.exe )
RCREATE
Unicode based on Memory/File Scan (2.exe.bin)
RCTRL
Ansi based on Memory/File Scan (2.exe.bin)
re\AutoIt v3\AutoIt
Unicode based on Memory/File Scan (2.exe.bin)
RE\Microsoft\Windows\CurrentVersion
Unicode based on Memory/File Scan (2.exe.bin)
ReadFile
Ansi based on Memory/File Scan (2.exe.bin)
READONLY
Unicode based on Hybrid Analysis (2.exe.bin)
ReadProcessMemory
Ansi based on Memory/File Scan (2.exe.bin)
READY
Unicode based on Hybrid Analysis (2.exe.bin)
REATE
Unicode based on Memory/File Scan (2.exe.bin)
REATECHECKBOX
Unicode based on Memory/File Scan (2.exe.bin)
REATEMONTHCAL
Unicode based on Memory/File Scan (2.exe.bin)
REATERADIO
Unicode based on Memory/File Scan (2.exe.bin)
REATESLIDER
Unicode based on Memory/File Scan (2.exe.bin)
ReceiveTimeOut
Unicode based on Runtime Data (2.exe )
Rectangle
Ansi based on Memory/File Scan (2.exe.bin)
recursive call could loop indefinitely
Ansi based on Memory/File Scan (2.exe.bin)
RedrawWindow
Ansi based on Memory/File Scan (2.exe.bin)
REEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
Reference
Unicode based on Memory/File Scan (2.exe.bin)
reference to non-existent subpattern
Ansi based on Memory/File Scan (2.exe.bin)
REG_BINARY
Unicode based on Memory/File Scan (2.exe.bin)
REG_DWORD
Unicode based on Memory/File Scan (2.exe.bin)
REG_EXPAND_SZ
Unicode based on Memory/File Scan (2.exe.bin)
REG_MULTI_SZ
Unicode based on Memory/File Scan (2.exe.bin)
REG_QWORD
Unicode based on Memory/File Scan (2.exe.bin)
REG_SZ
Unicode based on Hybrid Analysis (2.exe.bin)
RegCloseKey
Ansi based on Memory/File Scan (2.exe.bin)
RegConnectRegistryW
Ansi based on Memory/File Scan (2.exe.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
REGDELETE
Unicode based on Memory/File Scan (2.exe.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan (2.exe.bin)
RegDeleteValueW
Ansi based on Memory/File Scan (2.exe.bin)
REGENUMKEY
Unicode based on Memory/File Scan (2.exe.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
REGENUMVAL
Unicode based on Memory/File Scan (2.exe.bin)
RegEnumValueW
Ansi based on Memory/File Scan (2.exe.bin)
REGEXP=
Unicode based on Hybrid Analysis (2.exe.bin)
REGEXPCLASS
Unicode based on Memory/File Scan (2.exe.bin)
REGEXPTITLE
Unicode based on Memory/File Scan (2.exe.bin)
RegisterAdapterName
Unicode based on Runtime Data (2.exe )
RegisterClassExW
Ansi based on Memory/File Scan (2.exe.bin)
RegisterHotKey
Ansi based on Memory/File Scan (2.exe.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan (2.exe.bin)
RegistrationEnabled
Unicode based on Runtime Data (2.exe )
RegOpenKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
RegQueryValueExW
Ansi based on Memory/File Scan (2.exe.bin)
REGREAD
Unicode based on Hybrid Analysis (2.exe.bin)
RegSetValueExW
Ansi based on Memory/File Scan (2.exe.bin)
regular expression is too large
Ansi based on Memory/File Scan (2.exe.bin)
REGWRITE
Unicode based on Hybrid Analysis (2.exe.bin)
Rejang
Ansi based on Memory/File Scan (2.exe.bin)
RelativePath
Unicode based on Runtime Data (2.exe )
ReleaseCapture
Ansi based on Memory/File Scan (2.exe.bin)
ReleaseDC
Ansi based on Memory/File Scan (2.exe.bin)
RemoteRpcDll
Unicode based on Runtime Data (2.exe )
Removable
Unicode based on Memory/File Scan (2.exe.bin)
removable
Unicode based on Memory/File Scan (2.exe.bin)
RemoveDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
RENTCOL
Unicode based on Memory/File Scan (2.exe.bin)
RENTLINE
Unicode based on Memory/File Scan (2.exe.bin)
RENTSELECTION
Unicode based on Memory/File Scan (2.exe.bin)
repeated subpattern is too long
Ansi based on Memory/File Scan (2.exe.bin)
repeating a DEFINE group is not allowed
Ansi based on Memory/File Scan (2.exe.bin)
RESIZING
Unicode based on Memory/File Scan (2.exe.bin)
RestrictedAttributes
Unicode based on Runtime Data (2.exe )
ResumeThread
Ansi based on Memory/File Scan (2.exe.bin)
RETURN
Unicode based on Memory/File Scan (2.exe.bin)
Rh0LH
Ansi based on Memory/File Scan (2.exe.bin)
RIGHT
Unicode based on Hybrid Analysis (2.exe.bin)
RINGFORMAT
Unicode based on Memory/File Scan (2.exe.bin)
RINGUPPER
Unicode based on Memory/File Scan (2.exe.bin)
RIPTNAME
Unicode based on Memory/File Scan (2.exe.bin)
RIPWS
Unicode based on Memory/File Scan (2.exe.bin)
rllll
Ansi based on Memory/File Scan (2.exe.bin)
RMOVE
Unicode based on Memory/File Scan (2.exe.bin)
Roamable
Unicode based on Runtime Data (2.exe )
ROLMOVE
Unicode based on Memory/File Scan (2.exe.bin)
ROLSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
ror allocating memory.
Unicode based on Memory/File Scan (2.exe.bin)
ROUND
Unicode based on Hybrid Analysis (2.exe.bin)
RoundRect
Ansi based on Memory/File Scan (2.exe.bin)
RpcId
Unicode based on Runtime Data (at.exe )
RRRRRRRROORORRROOORRRORROORRRRRORRRORROOPRRRRORROORRRRRRROROROOSRRRRRRORRRRRRRROORRORRRRR<
Ansi based on Memory/File Scan (2.exe.bin)
RSHIFT
Ansi based on Memory/File Scan (2.exe.bin)
RSION
Unicode based on Memory/File Scan (2.exe.bin)
RSSRRRRSSSRRSVRSRRRSSSSRVSSRRSRRSRSSSSSSUURSSRRRSSRSUSUSVSRSSRURSRRSSUSVURSSSSSRRVRSRRVVS=
Ansi based on Memory/File Scan (2.exe.bin)
RtlUnwind
Ansi based on Memory/File Scan (2.exe.bin)
Run Script:
Unicode based on Memory/File Scan (2.exe.bin)
runas
Unicode based on Hybrid Analysis (2.exe.bin)
RUNAS
Unicode based on Hybrid Analysis (2.exe.bin)
RUNASWAIT
Unicode based on Memory/File Scan (2.exe.bin)
rundll32.exe
Unicode based on Runtime Data (rundll32.exe )
Runic
Ansi based on Memory/File Scan (2.exe.bin)
runtime error
Ansi based on Memory/File Scan (2.exe.bin)
Runtime Error!Program:
Ansi based on Memory/File Scan (2.exe.bin)
RUNWAIT
Unicode based on Hybrid Analysis (2.exe.bin)
RVICEPACK
Unicode based on Memory/File Scan (2.exe.bin)
RWINDOWN
Ansi based on Memory/File Scan (2.exe.bin)
s1159
Unicode based on Runtime Data (at.exe )
s2359
Unicode based on Runtime Data (at.exe )
SafeDllSearchMode
Unicode based on Runtime Data (2.exe )
SafeProcessSearchMode
Unicode based on Runtime Data (2.exe )
sAnimate32
Unicode based on Memory/File Scan (2.exe.bin)
Saturday
Ansi based on Memory/File Scan (2.exe.bin)
Saurashtra
Ansi based on Memory/File Scan (2.exe.bin)
SavedLegacySettings
Unicode based on Runtime Data (2.exe )
ScavengeCacheFileLifeTime
Unicode based on Runtime Data (2.exe )
ScavengeCacheFileLimit
Unicode based on Runtime Data (2.exe )
ScavengeCacheLowerBound
Unicode based on Runtime Data (2.exe )
SCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
ScreenToClient
Ansi based on Memory/File Scan (2.exe.bin)
Script &Paused
Unicode based on Memory/File Scan (2.exe.bin)
Script Paused
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPT<<<
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTDIR
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTFULLPATH
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTLINE
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTLINENUMBER
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTNAME
Unicode based on Memory/File Scan (2.exe.bin)
SCROLLLOCK
Ansi based on Memory/File Scan (2.exe.bin)
sDate
Unicode based on Runtime Data (at.exe )
Search Page
Unicode based on Runtime Data (2.exe )
SearchList
Unicode based on Runtime Data (2.exe )
SeAssignPrimaryTokenPrivilege
Unicode based on Hybrid Analysis (2.exe.bin)
SECONDARY
Unicode based on Memory/File Scan (2.exe.bin)
SecureProtocols
Unicode based on Runtime Data (2.exe )
Security
Unicode based on Runtime Data (2.exe )
Security_HKLM_only
Unicode based on Runtime Data (2.exe )
SecurityProviders
Unicode based on Runtime Data (at.exe )
SeDebugPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
SeIncreaseQuotaPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
SELECT
Unicode based on Hybrid Analysis (2.exe.bin)
SELECTALL
Unicode based on Memory/File Scan (2.exe.bin)
SELECTCLEAR
Unicode based on Memory/File Scan (2.exe.bin)
SELECTINVERT
Unicode based on Memory/File Scan (2.exe.bin)
SelectObject
Ansi based on Memory/File Scan (2.exe.bin)
SELECTSTRING
Unicode based on Memory/File Scan (2.exe.bin)
SendAttachMode
Unicode based on Memory/File Scan (2.exe.bin)
SendCapsLockMode
Unicode based on Memory/File Scan (2.exe.bin)
SendDlgItemMessageW
Ansi based on Memory/File Scan (2.exe.bin)
SendExtraCRLF
Unicode based on Runtime Data (2.exe )
SENDKEEPACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
SendKeyDelay
Unicode based on Memory/File Scan (2.exe.bin)
SendKeyDownDelay
Unicode based on Memory/File Scan (2.exe.bin)
SendMessageTimeoutW
Ansi based on Memory/File Scan (2.exe.bin)
SendMessageW
Ansi based on Memory/File Scan (2.exe.bin)
SendTimeOut
Unicode based on Runtime Data (2.exe )
September
Ansi based on Memory/File Scan (2.exe.bin)
Serial_Access_Num
Unicode based on Runtime Data (2.exe )
server32
Unicode based on Memory/File Scan (2.exe.bin)
ServerInfoTimeout
Unicode based on Runtime Data (2.exe )
SeShutdownPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
SESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
SessionStartTimeDefaultDeltaSecs
Unicode based on Runtime Data (2.exe )
set cd door
Unicode based on Memory/File Scan (2.exe.bin)
SetActiveWindow
Ansi based on Memory/File Scan (2.exe.bin)
SetBkColor
Ansi based on Memory/File Scan (2.exe.bin)
SetBkMode
Ansi based on Memory/File Scan (2.exe.bin)
SetCapture
Ansi based on Memory/File Scan (2.exe.bin)
SetClipboardData
Ansi based on Memory/File Scan (2.exe.bin)
SetCurrentDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
SETCURRENTSELECTION
Unicode based on Memory/File Scan (2.exe.bin)
SetCursor
Ansi based on Memory/File Scan (2.exe.bin)
SetEndOfFile
Ansi based on Memory/File Scan (2.exe.bin)
SetEnvironmentVariableA
Ansi based on Memory/File Scan (2.exe.bin)
SetEnvironmentVariableW
Ansi based on Memory/File Scan (2.exe.bin)
SETERROR
Unicode based on Hybrid Analysis (2.exe.bin)
SetErrorMode
Ansi based on Memory/File Scan (2.exe.bin)
SetExitCode
Unicode based on Memory/File Scan (2.exe.bin)
SETEXTENDED
Unicode based on Memory/File Scan (2.exe.bin)
SetFileAttributesW
Ansi based on Memory/File Scan (2.exe.bin)
SetFilePointer
Ansi based on Memory/File Scan (2.exe.bin)
SetFileTime
Ansi based on Memory/File Scan (2.exe.bin)
SetFocus
Ansi based on Memory/File Scan (2.exe.bin)
SetForegroundWindow
Ansi based on Memory/File Scan (2.exe.bin)
SetHandleCount
Ansi based on Memory/File Scan (2.exe.bin)
SetKeyboardState
Ansi based on Memory/File Scan (2.exe.bin)
SetLastError
Ansi based on Memory/File Scan (2.exe.bin)
SetLayeredWindowAttributes
Ansi based on Memory/File Scan (2.exe.bin)
SetMenu
Ansi based on Memory/File Scan (2.exe.bin)
SetMenuDefaultItem
Ansi based on Memory/File Scan (2.exe.bin)
SetMenuItemInfoW
Ansi based on Memory/File Scan (2.exe.bin)
SetPixel
Ansi based on Memory/File Scan (2.exe.bin)
SetPriorityClass
Ansi based on Memory/File Scan (2.exe.bin)
SetProcessWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
SetRect
Ansi based on Memory/File Scan (2.exe.bin)
SetSecurityDescriptorDacl
Ansi based on Memory/File Scan (2.exe.bin)
SetStdHandle
Ansi based on Memory/File Scan (2.exe.bin)
SetSystemPowerState
Ansi based on Memory/File Scan (2.exe.bin)
SetTextColor
Ansi based on Memory/File Scan (2.exe.bin)
SetTimer
Ansi based on Memory/File Scan (2.exe.bin)
setting.ini
Unicode based on Runtime Data (2.exe )
SetUnhandledExceptionFilter
Ansi based on Memory/File Scan (2.exe.bin)
SetUserObjectSecurity
Ansi based on Memory/File Scan (2.exe.bin)
SetViewportOrgEx
Ansi based on Memory/File Scan (2.exe.bin)
SetVolumeLabelW
Ansi based on Memory/File Scan (2.exe.bin)
SetWindowLongW
Ansi based on Memory/File Scan (2.exe.bin)
SetWindowPos
Ansi based on Memory/File Scan (2.exe.bin)
SetWindowTextW
Ansi based on Memory/File Scan (2.exe.bin)
ShareCredsWithWinHttp
Unicode based on Runtime Data (2.exe )
Shavian
Ansi based on Memory/File Scan (2.exe.bin)
SHBrowseForFolderW
Ansi based on Memory/File Scan (2.exe.bin)
Shell
Unicode based on Runtime Data (2.exe )
SHELL32.dll
Ansi based on Memory/File Scan (2.exe.bin)
Shell=Open
Ansi based on Runtime Data (2.exe )
Shell\Open\command=system3_.exe
Ansi based on Runtime Data (2.exe )
Shell_NotifyIconW
Ansi based on Memory/File Scan (2.exe.bin)
Shell_TrayWnd
Unicode based on Memory/File Scan (2.exe.bin)
SHELLDLL_DefView
Unicode based on Memory/File Scan (2.exe.bin)
SHELLEXECUTE
Unicode based on Memory/File Scan (2.exe.bin)
Shellexecute=system3_.exe
Ansi based on Runtime Data (2.exe )
ShellExecuteExW
Ansi based on Memory/File Scan (2.exe.bin)
ShellExecuteW
Ansi based on Memory/File Scan (2.exe.bin)
SHELLEXECUTEWAIT
Unicode based on Memory/File Scan (2.exe.bin)
SHEmptyRecycleBinW
Ansi based on Memory/File Scan (2.exe.bin)
SHFileOperationW
Ansi based on Memory/File Scan (2.exe.bin)
SHGetDesktopFolder
Ansi based on Memory/File Scan (2.exe.bin)
SHGetMalloc
Ansi based on Memory/File Scan (2.exe.bin)
SHGetPathFromIDListW
Ansi based on Memory/File Scan (2.exe.bin)
SHIFTDOWN
Ansi based on Memory/File Scan (2.exe.bin)
SHIFTUP
Ansi based on Memory/File Scan (2.exe.bin)
short
Unicode based on Memory/File Scan (2.exe.bin)
SHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
ShowDebugInfo
Unicode based on Runtime Data (rundll32.exe )
SHOWDROPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
ShowWindow
Ansi based on Memory/File Scan (2.exe.bin)
SHUTDOWN
Unicode based on Hybrid Analysis (2.exe.bin)
ShutdownPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
Signature
Unicode based on Runtime Data (2.exe )
SING error
Ansi based on Memory/File Scan (2.exe.bin)
Sinhala
Ansi based on Memory/File Scan (2.exe.bin)
SizeofResource
Ansi based on Memory/File Scan (2.exe.bin)
SLEEP
Unicode based on Hybrid Analysis (2.exe.bin)
Sleep
Ansi based on Memory/File Scan (2.exe.bin)
SLIST
Unicode based on Memory/File Scan (2.exe.bin)
smallicons
Unicode based on Memory/File Scan (2.exe.bin)
SocketReceiveBufferLength
Unicode based on Runtime Data (2.exe )
SocketSendBufferLength
Unicode based on Runtime Data (2.exe )
Software\AutoIt v3\AutoIt
Unicode based on Memory/File Scan (2.exe.bin)
SOFTWARE\Classes\
Unicode based on Memory/File Scan (2.exe.bin)
SOFTWARE\Microsoft\Windows\CurrentVersion
Unicode based on Memory/File Scan (2.exe.bin)
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Unicode based on Memory/File Scan (2.exe.bin)
SOUNDPLAY
Unicode based on Memory/File Scan (2.exe.bin)
SOUNDSETWAVEVOLUME
Unicode based on Memory/File Scan (2.exe.bin)
SourcePath
Unicode based on Runtime Data (2.exe )
SPACE
Ansi based on Memory/File Scan (2.exe.bin)
space
Ansi based on Memory/File Scan (2.exe.bin)
spare error
Ansi based on Memory/File Scan (2.exe.bin)
SPLASHIMAGEON
Unicode based on Memory/File Scan (2.exe.bin)
SPLASHOFF
Unicode based on Memory/File Scan (2.exe.bin)
SPLASHTEXTON
Unicode based on Memory/File Scan (2.exe.bin)
SPLAY
Unicode based on Memory/File Scan (2.exe.bin)
SPLIT
Unicode based on Memory/File Scan (2.exe.bin)
SQMServiceList
Unicode based on Runtime Data (2.exe )
SRANDOM
Unicode based on Hybrid Analysis (2.exe.bin)
sShortDate
Unicode based on Runtime Data (at.exe )
SSSET
Unicode based on Memory/File Scan (2.exe.bin)
SSSSSSSSSSSSSSTTTTTTTTT:kK^l
Ansi based on Memory/File Scan (2.exe.bin)
SSVVVVSVVTSSTVTVTSTVVVVWTSTVVWTVVVVVVVVSVSSSSSVSWSSWWVVVVSSVVVVVSVVVSVVVVVWVSSVVVWSVVSSSS@
Ansi based on Memory/File Scan (2.exe.bin)
StaleIETldCache
Unicode based on Runtime Data (2.exe )
STALL
Unicode based on Memory/File Scan (2.exe.bin)
stallLanguage
Unicode based on Memory/File Scan (2.exe.bin)
Start Menu
Unicode based on Memory/File Scan (2.exe.bin)
Start Page
Unicode based on Runtime Data (2.exe )
STARTMENUCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
STARTMENUDIR
Unicode based on Memory/File Scan (2.exe.bin)
STARTUPCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
STARTUPDIR
Unicode based on Memory/File Scan (2.exe.bin)
static
Unicode based on Hybrid Analysis (2.exe.bin)
status PlayMe mode
Unicode based on Memory/File Scan (2.exe.bin)
STATUSBARGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
stbox
Unicode based on Memory/File Scan (2.exe.bin)
stdcall
Unicode based on Hybrid Analysis (2.exe.bin)
STDERRREAD
Unicode based on Memory/File Scan (2.exe.bin)
STDINWRITE
Unicode based on Memory/File Scan (2.exe.bin)
STDIOCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
STDOUTREAD
Unicode based on Memory/File Scan (2.exe.bin)
sTime
Unicode based on Runtime Data (at.exe )
StoresServiceClassInfo
Unicode based on Runtime Data (2.exe )
Stream
Unicode based on Runtime Data (2.exe )
StreamResource
Unicode based on Runtime Data (2.exe )
StreamResourceType
Unicode based on Runtime Data (2.exe )
STRING
Unicode based on Hybrid Analysis (2.exe.bin)
String
Unicode based on Memory/File Scan (2.exe.bin)
String missing closing quote.
Unicode based on Memory/File Scan (2.exe.bin)
STRINGADDCR
Unicode based on Memory/File Scan (2.exe.bin)
STRINGCOMPARE
Unicode based on Memory/File Scan (2.exe.bin)
StringFileInfo
Unicode based on Memory/File Scan (2.exe.bin)
StringFileInfo\
Unicode based on Memory/File Scan (2.exe.bin)
STRINGFORMAT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGFROMASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
StringFromCLSID
Ansi based on Memory/File Scan (2.exe.bin)
StringFromIID
Ansi based on Memory/File Scan (2.exe.bin)
STRINGINSTR
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISALNUM
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISALPHA
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISASCII
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISDIGIT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISFLOAT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISINT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISLOWER
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISSPACE
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISUPPER
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISXDIGIT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGLEFT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGLEN
Unicode based on Memory/File Scan (2.exe.bin)
STRINGLOWER
Unicode based on Memory/File Scan (2.exe.bin)
STRINGMID
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREGEXP
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREGEXPREPLACE
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREPLACE
Unicode based on Memory/File Scan (2.exe.bin)
STRINGRIGHT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGSPLIT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGSTRIPCR
Unicode based on Memory/File Scan (2.exe.bin)
STRINGSTRIPWS
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTOASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTOBINARY
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTRIMLEFT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTRIMRIGHT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGUPPER
Unicode based on Memory/File Scan (2.exe.bin)
StrokeAndFillPath
Ansi based on Memory/File Scan (2.exe.bin)
StrokePath
Ansi based on Memory/File Scan (2.exe.bin)
STYLE
Unicode based on Memory/File Scan (2.exe.bin)
subpattern name expected
Ansi based on Memory/File Scan (2.exe.bin)
subpattern name is too long (maximum 32 characters)
Ansi based on Memory/File Scan (2.exe.bin)
Sundanese
Ansi based on Memory/File Scan (2.exe.bin)
Sunday
Ansi based on Memory/File Scan (2.exe.bin)
SunMonTueWedThuFriSat
Ansi based on Memory/File Scan (2.exe.bin)
support for \P, \p, and \X has not been compiled
Ansi based on Memory/File Scan (2.exe.bin)
SupportedNameSpace
Unicode based on Runtime Data (2.exe )
SW_DISABLE
Unicode based on Memory/File Scan (2.exe.bin)
SW_ENABLE
Unicode based on Memory/File Scan (2.exe.bin)
SW_MAXIMIZE
Unicode based on Memory/File Scan (2.exe.bin)
SW_MINIMIZE
Unicode based on Memory/File Scan (2.exe.bin)
SW_RESTORE
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWDEFAULT
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWMAXIMIZED
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWMINIMIZED
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWMINNOACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWNA
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWNOACTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWNORMAL
Unicode based on Memory/File Scan (2.exe.bin)
SW_UNLOCK
Unicode based on Memory/File Scan (2.exe.bin)
SwapMouseButtons
Unicode based on Memory/File Scan (2.exe.bin)
SWITCH
Unicode based on Memory/File Scan (2.exe.bin)
Syloti_Nagri
Ansi based on Memory/File Scan (2.exe.bin)
SyncMode5
Unicode based on Runtime Data (2.exe )
syntax error in subpattern name (missing terminator)
Ansi based on Memory/File Scan (2.exe.bin)
Syriac
Ansi based on Memory/File Scan (2.exe.bin)
SysAnimate32
Unicode based on Memory/File Scan (2.exe.bin)
SysDateTimePick32
Unicode based on Memory/File Scan (2.exe.bin)
SysListView32
Unicode based on Memory/File Scan (2.exe.bin)
SysMonthCal32
Unicode based on Memory/File Scan (2.exe.bin)
SysTabControl32
Unicode based on Memory/File Scan (2.exe.bin)
SYSTEM
Unicode based on Runtime Data (2.exe )
System32.exe
Unicode based on Memory/File Scan (2.exe.bin)
system3_.exe
Unicode based on Runtime Data (2.exe )
SYSTEM\CurrentControlSet\Control\Nls\Language
Unicode based on Memory/File Scan (2.exe.bin)
SYSTEMDIR
Unicode based on Memory/File Scan (2.exe.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan (2.exe.bin)
SystemSetupInProgress
Unicode based on Runtime Data (2.exe )
SystemTimeToFileTime
Ansi based on Memory/File Scan (2.exe.bin)
SysTreeView32
Unicode based on Memory/File Scan (2.exe.bin)
t &Paused
Unicode based on Memory/File Scan (2.exe.bin)
t assignment in FOR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
T$8PQRUWV
Ansi based on Memory/File Scan (2.exe.bin)
T$<Rj
Ansi based on Memory/File Scan (2.exe.bin)
T$@QWPSRV
Ansi based on Memory/File Scan (2.exe.bin)
t)h8LH
Ansi based on Memory/File Scan (2.exe.bin)
t-h8LH
Ansi based on Memory/File Scan (2.exe.bin)
t=f99t8C;]
Ansi based on Memory/File Scan (2.exe.bin)
TABLEFT
Unicode based on Hybrid Analysis (2.exe.bin)
TABRIGHT
Unicode based on Hybrid Analysis (2.exe.bin)
Tagalog
Ansi based on Memory/File Scan (2.exe.bin)
Tagbanwa
Ansi based on Memory/File Scan (2.exe.bin)
Tai_Le
Ansi based on Memory/File Scan (2.exe.bin)
tails
Unicode based on Memory/File Scan (2.exe.bin)
Tamil
Ansi based on Memory/File Scan (2.exe.bin)
TARTGROUP
Unicode based on Memory/File Scan (2.exe.bin)
TaskbarCreated
Unicode based on Memory/File Scan (2.exe.bin)
TCODE
Unicode based on Memory/File Scan (2.exe.bin)
TCPACCEPT
Unicode based on Memory/File Scan (2.exe.bin)
TcpAutotuning
Unicode based on Runtime Data (2.exe )
TCPCLOSESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
TCPCONNECT
Unicode based on Memory/File Scan (2.exe.bin)
TCPLISTEN
Unicode based on Memory/File Scan (2.exe.bin)
TCPNAMETOIP
Unicode based on Memory/File Scan (2.exe.bin)
TCPRECV
Unicode based on Hybrid Analysis (2.exe.bin)
TCPSEND
Unicode based on Hybrid Analysis (2.exe.bin)
TCPSHUTDOWN
Unicode based on Memory/File Scan (2.exe.bin)
TCPSTARTUP
Unicode based on Memory/File Scan (2.exe.bin)
TCPTimeout
Unicode based on Memory/File Scan (2.exe.bin)
te0'&")$f
Ansi based on Memory/File Scan (2.exe.bin)
Telugu
Ansi based on Memory/File Scan (2.exe.bin)
TEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
TENDED
Unicode based on Memory/File Scan (2.exe.bin)
TERLISTVIEWSORT
Unicode based on Memory/File Scan (2.exe.bin)
TerminateProcess
Ansi based on Memory/File Scan (2.exe.bin)
TerminateThread
Ansi based on Memory/File Scan (2.exe.bin)
TERMSG
Unicode based on Memory/File Scan (2.exe.bin)
TESCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
Thaana
Ansi based on Memory/File Scan (2.exe.bin)
THANDLE
Unicode based on Memory/File Scan (2.exe.bin)
ThemeApiConnectionRequest
Unicode based on Runtime Data (2.exe )
This a
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.0047D000.00000004.mdmp)
This application has requested the Runtime to terminate it in an unusual way.Please contact the application's support team for more information.
Ansi based on Memory/File Scan (2.exe.bin)
This is a compiled AutoIt script. AV researchers please email avsupport@autoitscript.com for support.
Ansi based on Memory/File Scan (2.exe.bin)
this version of PCRE is not compiled with PCRE_UTF8 support
Ansi based on Memory/File Scan (2.exe.bin)
ThreadingModel
Unicode based on Runtime Data (2.exe )
ThumbnailClass
Unicode based on Memory/File Scan (2.exe.bin)
Thursday
Ansi based on Memory/File Scan (2.exe.bin)
Tibetan
Ansi based on Memory/File Scan (2.exe.bin)
Tifinagh
Ansi based on Memory/File Scan (2.exe.bin)
timeGetTime
Ansi based on Memory/File Scan (2.exe.bin)
TIMERDIFF
Unicode based on Memory/File Scan (2.exe.bin)
TIMERINIT
Unicode based on Memory/File Scan (2.exe.bin)
TIONNAMES
Unicode based on Memory/File Scan (2.exe.bin)
TKEYSET
Unicode based on Memory/File Scan (2.exe.bin)
TLDUpdates
Unicode based on Runtime Data (2.exe )
TLINE
Unicode based on Memory/File Scan (2.exe.bin)
TLOSS error
Ansi based on Memory/File Scan (2.exe.bin)
TlsAlloc
Ansi based on Memory/File Scan (2.exe.bin)
TlsFree
Ansi based on Memory/File Scan (2.exe.bin)
TlsGetValue
Ansi based on Memory/File Scan (2.exe.bin)
TlsSetValue
Ansi based on Memory/File Scan (2.exe.bin)
TOITWINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
TokenSize
Unicode based on Runtime Data (at.exe )
too many named subpatterns (maximum 10000)
Ansi based on Memory/File Scan (2.exe.bin)
ToolBoxBitmap32
Unicode based on Memory/File Scan (2.exe.bin)
TOOLTIP
Unicode based on Hybrid Analysis (2.exe.bin)
tooltips_class32
Unicode based on Memory/File Scan (2.exe.bin)
TOTAL
Unicode based on Memory/File Scan (2.exe.bin)
TPROXY
Unicode based on Memory/File Scan (2.exe.bin)
tputDebug
Unicode based on Memory/File Scan (2.exe.bin)
TrackPopupMenuEx
Ansi based on Memory/File Scan (2.exe.bin)
TranslateAcceleratorW
Ansi based on Memory/File Scan (2.exe.bin)
TranslateMessage
Ansi based on Memory/File Scan (2.exe.bin)
Translation
Unicode based on Memory/File Scan (2.exe.bin)
TransparentEnabled
Unicode based on Runtime Data (2.exe )
Transports
Unicode based on Runtime Data (2.exe )
TrayAutoPause
Unicode based on Memory/File Scan (2.exe.bin)
TRAYCREATEITEM
Unicode based on Memory/File Scan (2.exe.bin)
TRAYCREATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
TRAYGETMSG
Unicode based on Memory/File Scan (2.exe.bin)
TrayIconDebug
Unicode based on Memory/File Scan (2.exe.bin)
TRAYICONFLASHING
Unicode based on Memory/File Scan (2.exe.bin)
TrayIconHide
Unicode based on Memory/File Scan (2.exe.bin)
TRAYICONVISIBLE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMDELETE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
TrayMenuMode
Unicode based on Memory/File Scan (2.exe.bin)
TrayOnEventMode
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETCLICK
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETICON
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETPAUSEICON
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETTOOLTIP
Unicode based on Memory/File Scan (2.exe.bin)
TRAYTIP
Unicode based on Hybrid Analysis (2.exe.bin)
TREADY
Unicode based on Memory/File Scan (2.exe.bin)
tRHtCHt4Ht%HtFHHt
Ansi based on Memory/File Scan (2.exe.bin)
TRLCREATEAVI
Unicode based on Memory/File Scan (2.exe.bin)
TRLCREATECONTEXTMENU
Unicode based on Memory/File Scan (2.exe.bin)
TRLCREATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
TRLCREATETABITEM
Unicode based on Memory/File Scan (2.exe.bin)
TRLHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
TSHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
TSIZE
Unicode based on Memory/File Scan (2.exe.bin)
TSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TTOTALCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
ttttttttj
Ansi based on Memory/File Scan (2.exe.bin)
Tuesday
Ansi based on Memory/File Scan (2.exe.bin)
TVERSION
Unicode based on Memory/File Scan (2.exe.bin)
TVIEW
Unicode based on Memory/File Scan (2.exe.bin)
two named subpatterns have the same name
Ansi based on Memory/File Scan (2.exe.bin)
twork
Unicode based on Memory/File Scan (2.exe.bin)
type cdaudio alias cd wait
Unicode based on Memory/File Scan (2.exe.bin)
Type Descriptor'
Ansi based on Memory/File Scan (2.exe.bin)
UARCH
Unicode based on Memory/File Scan (2.exe.bin)
UBOUND
Unicode based on Hybrid Analysis (2.exe.bin)
ubyte
Unicode based on Memory/File Scan (2.exe.bin)
UDPBIND
Unicode based on Hybrid Analysis (2.exe.bin)
UDPCLOSESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
UDPOPEN
Unicode based on Hybrid Analysis (2.exe.bin)
UDPRECV
Unicode based on Hybrid Analysis (2.exe.bin)
UDPSEND
Unicode based on Hybrid Analysis (2.exe.bin)
UDPSHUTDOWN
Unicode based on Memory/File Scan (2.exe.bin)
UDPSTARTUP
Unicode based on Memory/File Scan (2.exe.bin)
udword
Unicode based on Memory/File Scan (2.exe.bin)
Ugaritic
Ansi based on Memory/File Scan (2.exe.bin)
UGINOPEN
Unicode based on Memory/File Scan (2.exe.bin)
uint64
Unicode based on Memory/File Scan (2.exe.bin)
uint_ptr
Unicode based on Memory/File Scan (2.exe.bin)
ulong
Unicode based on Memory/File Scan (2.exe.bin)
ulong_ptr
Unicode based on Memory/File Scan (2.exe.bin)
Unable to open the script file.!Badly formatted "Func" statement.
Unicode based on Memory/File Scan (2.exe.bin)
Unable to parse line.(Missing right bracket ')' in expression.
Unicode based on Memory/File Scan (2.exe.bin)
UNCAsIntranet
Unicode based on Runtime Data (2.exe )
UNCHECK
Unicode based on Hybrid Analysis (2.exe.bin)
UnhandledExceptionFilter
Ansi based on Memory/File Scan (2.exe.bin)
UNICODE
Unicode based on Hybrid Analysis (2.exe.bin)
Unknown
Unicode based on Hybrid Analysis (2.exe.bin)
unknown
Unicode based on Hybrid Analysis (2.exe.bin)
UNKNOWN
Unicode based on Hybrid Analysis (2.exe.bin)
Unknown exception
Ansi based on Memory/File Scan (2.exe.bin)
Unknown function name.
Unicode based on Memory/File Scan (2.exe.bin)
Unknown macro.
Unicode based on Memory/File Scan (2.exe.bin)
unknown option bit(s) set
Ansi based on Memory/File Scan (2.exe.bin)
unknown POSIX class name
Ansi based on Memory/File Scan (2.exe.bin)
unknown property name after \P or \p
Ansi based on Memory/File Scan (2.exe.bin)
UnloadUserProfile
Ansi based on Memory/File Scan (2.exe.bin)
UnlockServiceDatabase
Ansi based on Memory/File Scan (2.exe.bin)
unmatched parentheses
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character after (? or (?-
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character after (?<
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character after (?P
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character follows \
Ansi based on Memory/File Scan (2.exe.bin)
UnregisterHotKey
Ansi based on Memory/File Scan (2.exe.bin)
Unterminated group of comments
Unicode based on Memory/File Scan (2.exe.bin)
Unterminated string
Unicode based on Memory/File Scan (2.exe.bin)
UNTIL
Unicode based on Memory/File Scan (2.exe.bin)
upper
Ansi based on Memory/File Scan (2.exe.bin)
URLDOWNLOADTOFILE
Unicode based on Memory/File Scan (2.exe.bin)
useClickDownDelay
Unicode based on Memory/File Scan (2.exe.bin)
USECLICKDRAG
Unicode based on Memory/File Scan (2.exe.bin)
useCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
UseDelayedAcceptance
Unicode based on Runtime Data (2.exe )
UseDropHandler
Unicode based on Runtime Data (2.exe )
UseHostnameAsAlias
Unicode based on Runtime Data (2.exe )
USELECTITEM
Unicode based on Memory/File Scan (2.exe.bin)
UseOldHostResolutionOrder
Unicode based on Runtime Data (2.exe )
UseOldParsing
Unicode based on Runtime Data (at.exe )
USER32.DLL
Ansi based on Memory/File Scan (2.exe.bin)
USER32.dll
Ansi based on Memory/File Scan (2.exe.bin)
USERDNSDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
USERDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
USERENV.dll
Ansi based on Memory/File Scan (2.exe.bin)
USERPROFILE
Unicode based on Memory/File Scan (2.exe.bin)
USERPROFILEDIR
Unicode based on Memory/File Scan (2.exe.bin)
ushort
Unicode based on Memory/File Scan (2.exe.bin)
UTF-16LE
Unicode based on Hybrid Analysis (2.exe.bin)
UTF-8
Unicode based on Hybrid Analysis (2.exe.bin)
UTF8ServerNameRes
Unicode based on Runtime Data (2.exe )
uxtheme.dll
Ansi based on Memory/File Scan (2.exe.bin)
V211111111111111111111111111
Ansi based on Memory/File Scan (2.exe.bin)
vable
Unicode based on Memory/File Scan (2.exe.bin)
VarFileInfo
Unicode based on Memory/File Scan (2.exe.bin)
VARGETTYPE
Unicode based on Memory/File Scan (2.exe.bin)
Variable is not of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
Variable must be of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
VarStrings
Unicode based on Memory/File Scan (2.exe.bin)
vent Object.
Unicode based on Memory/File Scan (2.exe.bin)
VerQueryValueW
Ansi based on Memory/File Scan (2.exe.bin)
Version
Unicode based on Hybrid Analysis (2.exe.bin)
VERSION.dll
Ansi based on Memory/File Scan (2.exe.bin)
VIEWCHANGE
Unicode based on Memory/File Scan (2.exe.bin)
VirtualAlloc
Ansi based on Memory/File Scan (2.exe.bin)
VirtualAllocEx
Ansi based on Memory/File Scan (2.exe.bin)
VirtualFree
Ansi based on Memory/File Scan (2.exe.bin)
VirtualFreeEx
Ansi based on Memory/File Scan (2.exe.bin)
VISIBLE
Unicode based on Memory/File Scan (2.exe.bin)
VkKeyScanA
Ansi based on Memory/File Scan (2.exe.bin)
VOLUME_DOWN
Ansi based on Memory/File Scan (2.exe.bin)
VOLUME_MUTE
Ansi based on Memory/File Scan (2.exe.bin)
VOLUME_UP
Ansi based on Memory/File Scan (2.exe.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan (2.exe.bin)
vtwvtvvttstvwwvtwsvsswvtsvtsvtwstwvsssvvtsssssswvswsssswsttvsssswwsssvwstwvswvssswtvvsvvv(
Ansi based on Memory/File Scan (2.exe.bin)
VVVVVQRSSj
Ansi based on Memory/File Scan (2.exe.bin)
VWSPj
Ansi based on Memory/File Scan (2.exe.bin)
VW|[;(J
Ansi based on Memory/File Scan (2.exe.bin)
w!t*=
Ansi based on Memory/File Scan (2.exe.bin)
w%t.=
Ansi based on Memory/File Scan (2.exe.bin)
WaitForSingleObject
Ansi based on Memory/File Scan (2.exe.bin)
WantsAliasedNotifications
Unicode based on Runtime Data (2.exe )
WantsFORDISPLAY
Unicode based on Runtime Data (2.exe )
WantsFORPARSING
Unicode based on Runtime Data (2.exe )
WantsParseDisplayName
Unicode based on Runtime Data (2.exe )
WantsUniversalDelegate
Unicode based on Runtime Data (2.exe )
WarnAlwaysOnPost
Unicode based on Runtime Data (2.exe )
warning
Unicode based on Hybrid Analysis (2.exe.bin)
WarnOnBadCertRecving
Unicode based on Runtime Data (2.exe )
WarnOnHTTPSToHTTPRedirect
Unicode based on Runtime Data (2.exe )
WarnOnPost
Unicode based on Runtime Data (2.exe )
WarnOnPostRedirect
Unicode based on Runtime Data (2.exe )
WarnOnZoneCrossing
Unicode based on Runtime Data (2.exe )
waveOutSetVolume
Ansi based on Memory/File Scan (2.exe.bin)
wchar
Unicode based on Memory/File Scan (2.exe.bin)
WDEFAULT
Unicode based on Memory/File Scan (2.exe.bin)
Wednesday
Ansi based on Memory/File Scan (2.exe.bin)
WideCharToMultiByte
Ansi based on Memory/File Scan (2.exe.bin)
WIN32_NT
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_2000
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_2003
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_2008
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_VISTA
Unicode based on Memory/File Scan (2.exe.bin)
WIN_XP
Unicode based on Hybrid Analysis (2.exe.bin)
WINACTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
WINACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
winapi
Unicode based on Hybrid Analysis (2.exe.bin)
WINCLOSE
Unicode based on Hybrid Analysis (2.exe.bin)
WINDESCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
WinDetectHiddenText
Unicode based on Memory/File Scan (2.exe.bin)
WindowFromPoint
Ansi based on Memory/File Scan (2.exe.bin)
WINDOWSDIR
Unicode based on Memory/File Scan (2.exe.bin)
WINEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
WINFLASH
Unicode based on Hybrid Analysis (2.exe.bin)
WINGETCARETPOS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETCLASSLIST
Unicode based on Memory/File Scan (2.exe.bin)
WINGETCLIENTSIZE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETPROCESS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
WINGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
WININET.dll
Ansi based on Memory/File Scan (2.exe.bin)
WINKILL
Unicode based on Hybrid Analysis (2.exe.bin)
WINLIST
Unicode based on Hybrid Analysis (2.exe.bin)
WINMENUSELECTITEM
Unicode based on Memory/File Scan (2.exe.bin)
WINMINIMIZEALL
Unicode based on Memory/File Scan (2.exe.bin)
WINMINIMIZEALLUNDO
Unicode based on Memory/File Scan (2.exe.bin)
WINMM.dll
Ansi based on Memory/File Scan (2.exe.bin)
WINMOVE
Unicode based on Hybrid Analysis (2.exe.bin)
WinSearchChildren
Unicode based on Memory/File Scan (2.exe.bin)
WINSETONTOP
Unicode based on Memory/File Scan (2.exe.bin)
WINSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
WINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
WINSETTRANS
Unicode based on Memory/File Scan (2.exe.bin)
WinSock 2.0 Provider ID
Unicode based on Runtime Data (2.exe )
WinSock_Registry_Version
Unicode based on Runtime Data (2.exe )
winsta0
Unicode based on Hybrid Analysis (2.exe.bin)
winsta0\default
Unicode based on Memory/File Scan (2.exe.bin)
WinTextMatchMode
Unicode based on Memory/File Scan (2.exe.bin)
WinTitleMatchMode
Unicode based on Memory/File Scan (2.exe.bin)
WINWAIT
Unicode based on Hybrid Analysis (2.exe.bin)
WINWAITACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
WINWAITCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
WinWaitDelay
Unicode based on Memory/File Scan (2.exe.bin)
WINWAITNOTACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
WITEM
Unicode based on Memory/File Scan (2.exe.bin)
WNetAddConnection2W
Ansi based on Memory/File Scan (2.exe.bin)
WNetCancelConnection2W
Ansi based on Memory/File Scan (2.exe.bin)
WNetGetConnectionW
Ansi based on Memory/File Scan (2.exe.bin)
WNetUseConnectionW
Ansi based on Memory/File Scan (2.exe.bin)
WORKINGDIR
Unicode based on Memory/File Scan (2.exe.bin)
WpadDecision
Unicode based on Runtime Data (2.exe )
WpadDecisionReason
Unicode based on Runtime Data (2.exe )
WpadDecisionTime
Unicode based on Runtime Data (2.exe )
WpadExpirationDays
Unicode based on Runtime Data (2.exe )
WpadLastNetwork
Unicode based on Runtime Data (2.exe )
WpadNetworkName
Unicode based on Runtime Data (2.exe )
WpadOverride
Unicode based on Runtime Data (2.exe )
WpadSearchAllDomains
Unicode based on Runtime Data (2.exe )
wparam
Unicode based on Memory/File Scan (2.exe.bin)
WriteConsoleA
Ansi based on Memory/File Scan (2.exe.bin)
WriteConsoleW
Ansi based on Memory/File Scan (2.exe.bin)
WriteFile
Ansi based on Memory/File Scan (2.exe.bin)
WritePrivateProfileSectionW
Ansi based on Memory/File Scan (2.exe.bin)
WritePrivateProfileStringW
Ansi based on Memory/File Scan (2.exe.bin)
WriteProcessMemory
Ansi based on Memory/File Scan (2.exe.bin)
Ws2_32NumHandleBuckets
Unicode based on Runtime Data (2.exe )
Ws2_32SpinCount
Unicode based on Runtime Data (2.exe )
WSOCK32.dll
Ansi based on Memory/File Scan (2.exe.bin)
wsprintfW
Ansi based on Memory/File Scan (2.exe.bin)
wstring
Unicode based on Memory/File Scan (2.exe.bin)
WVZWWWVWWZZWWWVWWWWWWVWWWYZWWWWWVWVWWVWWVZZZWWWWWWWZWZWWWVWWVZWWWWWWYYWVWWVWWWWZZZWWYVWWV@
Ansi based on Memory/File Scan (2.exe.bin)
www.balu000.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu001.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu002.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu003.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu004.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu005.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu006.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu007.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu008.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu009.0catch.com
Ansi based on PCAP Processing (PCAP)
wwwwwwwwwwwwxwwwxwwwwwwwwwwtwwwwwwxwwwwwuwwwwwwxtwwwwwwwwwwwwwwwwwwxwxwwwwwwwwwwwwwxwwwww)
Ansi based on Memory/File Scan (2.exe.bin)
X#O-x%4]"
Ansi based on Memory/File Scan (2.exe.bin)
xBitmap32
Unicode based on Memory/File Scan (2.exe.bin)
xdigit
Ansi based on Memory/File Scan (2.exe.bin)
XELCHECKSUM
Unicode based on Memory/File Scan (2.exe.bin)
XELSEARCH
Unicode based on Memory/File Scan (2.exe.bin)
XISTS
Unicode based on Memory/File Scan (2.exe.bin)
XITCODE
Unicode based on Memory/File Scan (2.exe.bin)
XPREPLACE
Unicode based on Memory/File Scan (2.exe.bin)
XPTITLE
Unicode based on Memory/File Scan (2.exe.bin)
XTFILE
Unicode based on Memory/File Scan (2.exe.bin)
XwwwwwwwwwwwwwwSSSTTpNJBllll
Ansi based on Memory/File Scan (2.exe.bin)
xyyzzzwyzyzzzzwzwwxzzyxzzzyyzzxxzzwxxxyxxxzzzzxyyyywzzzxyyxzzxzxzxyywyzzzwxxzxzyyxzzxwzzz*
Ansi based on Memory/File Scan (2.exe.bin)
xyyzzzwyzyzzzzwzwwxzzyxzzzyyzzxxzzwxxzz|zz|{zzz{|zzz{z{zzzzzzz|z{z{z{{z{zzzzzz{{{zzz{z{{{+
Ansi based on Memory/File Scan (2.exe.bin)
Yahoo Messengger
Unicode based on Runtime Data (2.exe )
yMode
Unicode based on Memory/File Scan (2.exe.bin)
YWORD
Unicode based on Memory/File Scan (2.exe.bin)
yyyy3Wq
Ansi based on Memory/File Scan (2.exe.bin)
Z[Z[WWZZWWZZZXXZZZZWZXZZ[X[[[ZZWZZZZZWZZXWWZXZWZWZZZZZZZZZ[ZW[ZZ[ZZ[ZWWZ[[ZZWZZZZ[[WZZZZZA
Ansi based on Memory/File Scan (2.exe.bin)
zz{{zz|{zzzzzz|}zzzzzzzzzz{z{|zz{zzz|{}}}}{}}}}{}{}}}}{}}}}{}}}}}}}{}}{}{}}{{}}zz}}}{}}}},
Ansi based on Memory/File Scan (2.exe.bin)
{09477111-DE61-43CD-A5AA-D9F7B489301F}
Unicode based on Runtime Data (2.exe )
{20D04FE0-3AEA-1069-A2D8-08002B30309D}
Unicode based on Runtime Data (2.exe )
{if(!aAx&&LX){if(!window['googleNDT_']){}LX(google.ads.domains.Caf);}aAx=true;};DY.body.appendChild(DE);return{azj:function(n$){if(aAx)n$(google.ads.domains.Caf);elseLX=n$;},bq:function(){if(!aAx){DY.body.removeChild(DE);}}};})();g_pd=(function(){varazu=window.location,nw={},bH,azs=azu.search.substring(1),aAp,aAr;if(!azs)return nw;aAp=azs.split("&");for(bH=0;bH<aAp.length;bH++){aAr=aAp[bH].split('=');nw[aAr[0]]=aAr[1]?aAr[1]:"";}return nw;})();g_pc=(function(){var $is_ABP_whitelisted=null;var $Image1=new Image;var $Image2=new Image;var $error1=false;var $error2=false;var $remaining=2;var $random=Math.random()*11;function $imageLoaded(){$remaining--;if($remaining===0)$is_ABP_whitelisted=!$error1&&$error2;}$Image1.onload=$Image2.onload=$imageLoaded;$Image1.onerror=function(){$error1=true;$imageLoaded();};$Image2.onerror=function(){$error2=true;$imageLoaded();};$Image1.src='/px.gif?ch=1&rn='+$random;$Image2.src='/px.gif?ch=2&rn='+$random;return{azl:function(){return'&abp='+($is_ABP_whitelisted?'1':'0');},$isWhitelisted:function(){return $is_ABP_whitelisted;},$onReady:function($callback){function $poll(){if($is_ABP_whitelisted===null)setTimeout($poll,100);else $callback();}$poll();}}})();(function(){var aAj=screen,RC=window,azu=RC.location,aAw=top.location,DY=document,Sp=DY.body||DY.getElementsByTagName('body')[0],aAu=0,aAs=0,aAt=0,$IE=null;if(Sp.className==='ie6')$IE=6;else if(Sp.className==='ie7')$IE=7;else if(Sp.className===
Ansi based on PCAP Processing (network.pcap)
{{{{{{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
|$,+t$ +|$$
Ansi based on Memory/File Scan (2.exe.bin)
|%##########################
Ansi based on Memory/File Scan (2.exe.bin)
}}}{{{}}}{{}{{{}}{}}{{}}}{}}}{z}{}}{}{}}}}{}}}}{}{}}}}{}}}}{}}}}}}}{}}{}{}}{{}}zz}}}{}}}},
Ansi based on Memory/File Scan (2.exe.bin)
}}}~}~}~~~~~}~~~~
Ansi based on Memory/File Scan (2.exe.bin)
}~}}~}}~~}~~~~~~~~
Ansi based on Memory/File Scan (2.exe.bin)
~-C+GX:]
Ansi based on Memory/File Scan (2.exe.bin)
�����
Ansi based on Runtime Data (2.exe )
������
Ansi based on Runtime Data (2.exe )
�������
Ansi based on Runtime Data (2.exe )
��������
Ansi based on Runtime Data (2.exe )
���������
Ansi based on Runtime Data (2.exe )
����������
Ansi based on Runtime Data (2.exe )
�����������
Ansi based on Runtime Data (2.exe )
������������
Ansi based on Runtime Data (2.exe )
�������������
Ansi based on Runtime Data (2.exe )
��������������
Ansi based on Runtime Data (2.exe )
����������������
Ansi based on Runtime Data (2.exe )
�������������������
Ansi based on Runtime Data (2.exe )
��������������������
Ansi based on Runtime Data (2.exe )
�������������������������
Ansi based on Runtime Data (2.exe )
��������������������������
Ansi based on Runtime Data (2.exe )
����������������������������
Ansi based on Runtime Data (2.exe )
������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?����������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?�������������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?��������������������������������������
Ansi based on Runtime Data (2.exe )
�������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
��������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
��������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
���������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
��������������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
���������������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
!""""""##$%&'())))))**+,-./FFFFFFFF001234566678789:;<=;<=FFF>?@ABCD
Ansi based on Memory/File Scan (2.exe.bin)
"1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity type="win32" processorArchitecture="*" version="1.0.0.0" name="Windows"/><description>Windows</description> Identify the application security requirements. --><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevellevel="asInvoker"uiAccess="false"/></requestedPrivileges></security></trustInfo> Identify the application dependencies. --><dependency><dependentAssembly><assemblyIdentitytype="win32"name="Microsoft.Windows.Common-Controls"version="6.0.0.0"language="*"processorArchitecture="*"publicKeyToken="6595b64144ccf1df"/></dependentAssembly></dependency></assembly>
Ansi based on Memory/File Scan (2.exe.bin)
#comments-end
Unicode based on Memory/File Scan (2.exe.bin)
#comments-start
Unicode based on Memory/File Scan (2.exe.bin)
$Id: qmath.h,v 1.1 2004/01/15 19:50:35 jonbennett Exp $
Ansi based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s.: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s:
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s:%s%s
Unicode based on Memory/File Scan (2.exe.bin)
%USERPROFILE%\Desktop\system3_.exe
Unicode based on Runtime Data (2.exe )
'ie8')$IE=8;else if(Sp.className==='ie9')$IE=9;function aAq($callback){aAt++;aAu=RC.innerWidth||DY.documentElement.clientWidth||Sp.clientWidth;aAs=RC.innerHeight||DY.documentElement.clientHeight||Sp.clientHeight;if(aAu>0||aAt>=5){$callback();}else{setTimeout(aAq,100);}}var $num_requirements=2;function $requirementMet(){$num_requirements--;if($num_requirements===0)aAv();}aAq($requirementMet);g_pc.$onReady($requirementMet);function aAv(){var ef=undefined,IQ=encodeURIComponent,aAo;if(aAw!=azu&&g_pd.r_s===ef)aAw.href=azu.href;aAo=DY.createElement('script');aAo.type='text/javascript';aAo.src='/glp'+'?r='+(g_pd.r!==ef?g_pd.r:(DY.referrer?IQ(DY.referrer.substr(0,255)):''))+(g_pd.r_u?'&u='+g_pd.r_u:'&u='+IQ(azu.href.split('?')[0]))+(g_pd.gc?'&gc='+g_pd.gc:'')+(g_pd.cid?'&cid='+g_pd.cid:'')+(g_pd.query?'&sq='+g_pd.query:'')+(g_pd.search?'&ss=1':'')+(g_pd.a!==ef?'&a':'')+(g_pd.z!==ef?'&z':'')+(g_pd.z_ds!==ef?'&z_ds':'')+(g_pd.r_s!==ef?'&r_s='+g_pd.r_s:'')+(g_pd.r_d!==ef?'&r_d='+g_pd.r_d:'')+'&rw='+aAj.width+'&rh='+aAj.height+(g_pd.r_ww!==ef?'&ww='+g_pd.r_ww:'&ww='+aAu)+(g_pd.r_wh!==ef?'&wh='+g_pd.r_wh:'&wh='+aAs)+(g_pc.$isWhitelisted()?'&abp=1':'')+($IE!==null?'&ie='+$IE:'')+(g_pd.partner!==ef?'&partner='+g_pd.partner:'')+(g_pd.subid1!==ef?'&subid1='+g_pd.subid1:'')+(g_pd.subid2!==ef?'&subid2='+g_pd.subid2:'')+(g_pd.subid3!==ef?'&subid3='+g_pd.subid3:'');Sp.appendChild(aAo);}})();</script></body></html>
Ansi based on PCAP Processing (network.pcap)
((((( H
Unicode based on Memory/File Scan (2.exe.bin)
(*VERB) with an argument is not supported
Ansi based on Memory/File Scan (2.exe.bin)
(?R or (?[+-]digits must be followed by )
Ansi based on Memory/File Scan (2.exe.bin)
*Unable to get a list of running processes.*Missing separator character after keyword.
Unicode based on Memory/File Scan (2.exe.bin)
-----
Unicode based on Hybrid Analysis (2.exe.bin)
.2180 (xpsp_sp2_rtm.040803-2158)
Unicode based on Memory/File Scan (2.exe.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan (2.exe.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan (2.exe.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan (2.exe.bin)
/AutoIt3ExecuteLine
Unicode based on Memory/File Scan (2.exe.bin)
/AutoIt3ExecuteScript
Unicode based on Memory/File Scan (2.exe.bin)
/C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe
Ansi based on Process Commandline (cmd.exe)
/ErrorStdOut
Unicode based on Memory/File Scan (2.exe.bin)
0?{{{{{{{{{{{{{{{{{{{{{{0?
Ansi based on Memory/File Scan (2.exe.bin)
1#INF
Ansi based on Hybrid Analysis (2.exe.bin)
2((((((((((((((((((((((((((
Ansi based on Memory/File Scan (2.exe.bin)
2.exe
Unicode based on Runtime Data (2.exe )
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Unicode based on Memory/File Scan (2.exe.bin)
9} tL9}$uB9}(uB3
Ansi based on Memory/File Scan (2.exe.bin)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity type="win32" processorArchitecture="*" version="1.0.0.0" name="Windows"/><description>Windows</description> Identify the application security requirements. --><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevellevel="asInvoker"uiAccess="false"/></requestedPrivileges></security></trustInfo> Identify the application dependencies. --><dependency><dependentAssembly><assemblyIdentitytype="win32"name="Microsoft.Windows.Common-Controls"version="6.0.0.0"language="*"processorArchitecture="*"publicKeyToken="6595b64144ccf1df"/></dependentAssembly></dependency></assembly>
Ansi based on Memory/File Scan (2.exe.bin)
<local>
Unicode based on Hybrid Analysis (2.exe.bin)
>>>AUTOIT SCRIPT<<<
Unicode based on Memory/File Scan (2.exe.bin)
?{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
@COM_EVENTOBJ
Unicode based on Memory/File Scan (2.exe.bin)
[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[[7
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[jxzW
Ansi based on Memory/File Scan (2.exe.bin)
[[^[^[^[[]^[^[[[[[[[[[^^[[[[^^[[[[[^^[[[^^[[[[[[[^]^[[[[^[[^^[[[^ZZ[[^[[[^^^^[[ZZ[[][[[[^-
Ansi based on Memory/File Scan (2.exe.bin)
[Autorun]Open=system3_.exe
Ansi based on Runtime Data (2.exe )
[c*(((((((((((((((((wl
Ansi based on Memory/File Scan (2.exe.bin)
[o$(111111111((#
Ansi based on Memory/File Scan (2.exe.bin)
[REGEXPTITLE:
Unicode based on Memory/File Scan (2.exe.bin)
\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Unicode based on Memory/File Scan (2.exe.bin)
\RPC Control\console-0x00000900-lpc-handle
Unicode based on Runtime Data (at.exe )
\RPC Control\console-0x00000960-lpc-handle
Unicode based on Runtime Data (at.exe )
\Sessions\1\Windows\ApiPort
Unicode based on Runtime Data (2.exe )
\ThemeApiPort
Unicode based on Runtime Data (2.exe )
\VarFileInfo\Translation
Unicode based on Memory/File Scan (2.exe.bin)
] is an invalid data character in JavaScript compatibility mode
Ansi based on Memory/File Scan (2.exe.bin)
^ ERROR
Unicode based on Hybrid Analysis (2.exe.bin)
^_^\^_\^[__^^_^^__^^^^___^__^\_\\_^^^^\^^_[__^^__^_^__^^\[^^_^_^^_^\_^_^^\^\^[^[[__^\^^^\-
Ansi based on Memory/File Scan (2.exe.bin)
`\??\Volume{8177f4e4-b53f-11e4-a9c2-806e6f6e6963}
Unicode based on Runtime Data (2.exe )
`\??\Volume{8177f4e5-b53f-11e4-a9c2-806e6f6e6963}
Unicode based on Runtime Data (2.exe )
`local static guard'
Ansi based on Memory/File Scan (2.exe.bin)
`local static thread guard'
Ansi based on Memory/File Scan (2.exe.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan (2.exe.bin)
`local vftable'
Ansi based on Memory/File Scan (2.exe.bin)
AddressFamily
Unicode based on Runtime Data (2.exe )
ALLBACKREGISTER
Unicode based on Memory/File Scan (2.exe.bin)
APPDATACOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
APPSKEY
Ansi based on Memory/File Scan (2.exe.bin)
Assert Failed!
Unicode based on Memory/File Scan (2.exe.bin)
AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe
Ansi based on Process Commandline (at.exe)
AU3_GetPluginDetails
Ansi based on Memory/File Scan (2.exe.bin)
AutoIt Error
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt has detected the stack has become corrupt.Stack corruption typically occurs when either the wrong calling convention is used or when the function is called with the wrong number of arguments.AutoIt supports the __stdcall (WINAPI) and __cdecl calling conventions. The __stdcall (WINAPI) convention is used by default but __cdecl can be used instead. See the DllCall() documentation for details on changing the calling convention.
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt script files (*.au3, *.a3x)
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt.Error
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITEXE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITVERSION
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITWINGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITWINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
Badly formated Enum statement!Badly formated variable or macro.3This keyword cannot be used after a "Then" keyword.>"Select" statement is missing "EndSelect" or "Case" statement.+"If" statements must have a "Then" keyword. Badly formated Struct statement."Cannot assign values to constants..Cannot make existing variables into constants.9Only Object-type variables allowed in a "With" statement.v"long_ptr", "int_ptr" and "short_ptr" DllCall() types have been deprecated. Use "long*", "int*" and "short*" instead.-Object referenced outside a "With" statement.)Nested "With" statements are not allowed."Variable must be of type "Object".1The requested action with this object has failed.8Variable appears more than once in function declaration.2ReDim array can not be initialized in this manner.1An array variable can not be used in this manner.
Unicode based on Memory/File Scan (2.exe.bin)
BARGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
Base Class Descriptor at (
Ansi based on Memory/File Scan (2.exe.bin)
BINARY
Unicode based on Hybrid Analysis (2.exe.bin)
BINARYLEN
Unicode based on Memory/File Scan (2.exe.bin)
BINARYMID
Unicode based on Memory/File Scan (2.exe.bin)
BINARYTOSTRING
Unicode based on Memory/File Scan (2.exe.bin)
BROWSER_FORWARD
Ansi based on Memory/File Scan (2.exe.bin)
BypassHTTPNoCacheCheck
Unicode based on Runtime Data (2.exe )
C:\2.exe
Unicode based on Hybrid Analysis (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
Can not redeclare a constant.5Can not redeclare a parameter inside a user function.HCan pass constants by reference only to parameters with "Const" keyword.*Can not initialize a variable with itself.$Incorrect way to use this parameter.:"EndSwitch" statement with no matching "Switch" statement.>"Switch" statement is missing "EndSwitch" or "Case" statement.H"ContinueCase" statement with no matching "Select"or "Switch" statement.
Unicode based on Memory/File Scan (2.exe.bin)
Can't install a new Errorhandler when one is still active.
Unicode based on Memory/File Scan (2.exe.bin)
character value in \x{...} sequence is too large
Ansi based on Memory/File Scan (2.exe.bin)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan (2.exe.bin)
ClientToScreen
Ansi based on Memory/File Scan (2.exe.bin)
CLIPGET
Unicode based on Hybrid Analysis (2.exe.bin)
closed
Unicode based on Hybrid Analysis (2.exe.bin)
CloseDesktop
Ansi based on Memory/File Scan (2.exe.bin)
CloseServiceHandle
Ansi based on Memory/File Scan (2.exe.bin)
CLSIDFromString
Ansi based on Memory/File Scan (2.exe.bin)
CMDLINE
Unicode based on Hybrid Analysis (2.exe.bin)
CMDLINERAW
Unicode based on Memory/File Scan (2.exe.bin)
CoCreateInstance
Ansi based on Memory/File Scan (2.exe.bin)
CoCreateInstanceEx
Ansi based on Memory/File Scan (2.exe.bin)
Com+Enabled
Unicode based on Runtime Data (2.exe )
Combobox
Unicode based on Hybrid Analysis (2.exe.bin)
ComboBox
Unicode based on Hybrid Analysis (2.exe.bin)
COMCTL32.dll
Ansi based on Memory/File Scan (2.exe.bin)
COMDLG32.dll
Ansi based on Memory/File Scan (2.exe.bin)
Comment
Unicode based on Runtime Data (at.exe )
COMMIT
Ansi based on Memory/File Scan (2.exe.bin)
Common
Ansi based on Memory/File Scan (2.exe.bin)
Common AppData
Unicode based on Memory/File Scan (2.exe.bin)
Common Desktop
Unicode based on Memory/File Scan (2.exe.bin)
Common Documents
Unicode based on Memory/File Scan (2.exe.bin)
Common Favorites
Unicode based on Memory/File Scan (2.exe.bin)
Common Programs
Unicode based on Memory/File Scan (2.exe.bin)
Common Start Menu
Unicode based on Memory/File Scan (2.exe.bin)
Common Startup
Unicode based on Memory/File Scan (2.exe.bin)
COMMONFILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
CommonFilesDir
Unicode based on Memory/File Scan (2.exe.bin)
CompareStringA
Ansi based on Memory/File Scan (2.exe.bin)
CompareStringW
Ansi based on Memory/File Scan (2.exe.bin)
Complete Object Locator'
Ansi based on Memory/File Scan (2.exe.bin)
ComputerName
Unicode based on Runtime Data (2.exe )
COMPUTERNAME
Unicode based on Memory/File Scan (2.exe.bin)
COMSPEC
Unicode based on Hybrid Analysis (2.exe.bin)
conditional group contains more than two branches
Ansi based on Memory/File Scan (2.exe.bin)
CONSOLEWRITEERROR
Unicode based on Memory/File Scan (2.exe.bin)
constants.9Only Object-type variables allowed in a "With" statement.v"long_ptr", "int_ptr" and "short_ptr" DllCall() types have been deprecated. Use "long*", "int*" and "short*" instead.-Object referenced outside a "With" statement.)Nested "With" statements are not allowed."Variable must be of type "Object".1The requested action with this object has failed.8Variable appears more than once in function declaration.2ReDim array can not be initialized in this manner.1An array variable can not be used in this m
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLCOMMAND
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETFOCUS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
Conversion of parameters failed
Unicode based on Memory/File Scan (2.exe.bin)
CorExitProcess
Ansi based on Memory/File Scan (2.exe.bin)
CreateBindCtx
Ansi based on Memory/File Scan (2.exe.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan (2.exe.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan (2.exe.bin)
CreatePipe
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessAsUserW
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessW
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessWithLogonW
Ansi based on Memory/File Scan (2.exe.bin)
DefaultConnectionSettings
Unicode based on Runtime Data (2.exe )
DEFINE group contains more than one branch
Ansi based on Memory/File Scan (2.exe.bin)
DESCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
Description
Unicode based on Runtime Data (2.exe )
DESKTOPCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
DIRCOPY
Unicode based on Hybrid Analysis (2.exe.bin)
DIRCREATE
Unicode based on Memory/File Scan (2.exe.bin)
DIRGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
DisableLocalOverride
Unicode based on Runtime Data (2.exe )
DisablePassport
Unicode based on Runtime Data (2.exe )
DisableRegistryTools
Unicode based on Runtime Data (2.exe )
DisplayScriptDownloadFailureUI
Unicode based on Runtime Data (2.exe )
DLLCALLBACKGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
DLLCALLBACKREGISTER
Unicode based on Memory/File Scan (2.exe.bin)
DLLERROR
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETDATA
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
DOCUMENTSCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
DOMAIN error
Ansi based on Memory/File Scan (2.exe.bin)
DrawFrameControl
Ansi based on Memory/File Scan (2.exe.bin)
DRIVEGETDRIVE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETFILESYSTEM
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETLABEL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETSERIAL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETTYPE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEMAPGET
Unicode based on Memory/File Scan (2.exe.bin)
ECOMBO
Unicode based on Memory/File Scan (2.exe.bin)
ecuteScript
Unicode based on Memory/File Scan (2.exe.bin)
EMGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
EnableHttp1_1
Unicode based on Runtime Data (2.exe )
EnableHttpTrace
Unicode based on Runtime Data (2.exe )
ENUCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
EnumProcesses
Ansi based on Memory/File Scan (2.exe.bin)
EnumProcessModules
Ansi based on Memory/File Scan (2.exe.bin)
ENVGET
Unicode based on Hybrid Analysis (2.exe.bin)
Error allocating memory.
Unicode based on Memory/File Scan (2.exe.bin)
Error in expression.
Unicode based on Memory/File Scan (2.exe.bin)
Error opening the file
Unicode based on Memory/File Scan (2.exe.bin)
Error parsing function call.0Incorrect number of parameters in function call.'"ReDim" used without an array variable.>Illegal text at the end of statement (one statement per line).1"If" statement has no matching "EndIf" statement.1"Else" statement with no matching "If" statement.2"EndIf" statement with no matching "If" statement.7Too many "Else" statements for matching "If" statement.3"While" statement has no matching "Wend" statement.4"Wend" statement with no matching "While" statement.%Variable used witho
Unicode based on Memory/File Scan (2.exe.bin)
Error parsing function call.0Incorrect number of parameters in function call.'"ReDim" used without an array variable.>Illegal text at the end of statement (one statement per line).1"If" statement has no matching "EndIf" statement.1"Else" statement with no matching "If" statement.2"EndIf" statement with no matching "If" statement.7Too many "Else" statements for matching "If" statement.3"While" statement has no matching "Wend" statement.4"Wend" statement with no matching "While" statement.%Variable used without being declared.XArray variable has incorrect number of subscripts or subscript dimension range exceeded.)Array variable subscript badly formatted.'Subscript used with non-Array variable.&Too many subscripts used for an array.0Missing subscript dimensions in "Dim" statement.NNo variable given for "Dim", "Local", "Global", "Struct" or "Const" statement.0Expected a "=" operator in assignment statement.*Invalid keyword at the start of this line.
Unicode based on Memory/File Scan (2.exe.bin)
Error:
Unicode based on Memory/File Scan (2.exe.bin)
ersion of parameters failed
Unicode based on Memory/File Scan (2.exe.bin)
ETGETACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
EXECUTE
Unicode based on Hybrid Analysis (2.exe.bin)
ExecuteLine
Unicode based on Memory/File Scan (2.exe.bin)
ExitProcess
Ansi based on Memory/File Scan (2.exe.bin)
Explorer.exe system3_.exe
Unicode based on Runtime Data (2.exe )
Export
Unicode based on Runtime Data (2.exe )
Failed to create the Error Handler
Unicode based on Memory/File Scan (2.exe.bin)
Failed to create the Event Object.
Unicode based on Memory/File Scan (2.exe.bin)
failed to get memory
Ansi based on Memory/File Scan (2.exe.bin)
Failed to retrieve outgoing Event Interface from Object.
Unicode based on Memory/File Scan (2.exe.bin)
FAVORITESCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETLONGNAME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSHORTNAME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETTIME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETVERSION
Unicode based on Memory/File Scan (2.exe.bin)
FILEINSTALL
Unicode based on Memory/File Scan (2.exe.bin)
FileTimeToLocalFileTime
Ansi based on Memory/File Scan (2.exe.bin)
FileVersion
Unicode based on Memory/File Scan (2.exe.bin)
FlsGetValue
Ansi based on Memory/File Scan (2.exe.bin)
FlsSetValue
Ansi based on Memory/File Scan (2.exe.bin)
FrameRect
Ansi based on Memory/File Scan (2.exe.bin)
FtpBinaryMode
Unicode based on Memory/File Scan (2.exe.bin)
FtpDefaultExpiryTimeSecs
Unicode based on Runtime Data (2.exe )
FtpGetFileSize
Ansi based on Memory/File Scan (2.exe.bin)
FtpOpenFileW
Ansi based on Memory/File Scan (2.exe.bin)
FTPSETPROXY
Unicode based on Memory/File Scan (2.exe.bin)
GAIsProcessorFeaturePresent
Ansi based on Memory/File Scan (2.exe.bin)
GET /asdb000/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb002/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb004/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb006/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb008/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb010/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb012/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb014/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb016/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb018/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb020/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu000.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu001.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu002.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu003.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu004.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu005.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu006.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu007.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu008.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu009.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
get__NewEnum
Unicode based on Memory/File Scan (2.exe.bin)
GetAce
Ansi based on Memory/File Scan (2.exe.bin)
GetAclInformation
Ansi based on Memory/File Scan (2.exe.bin)
GetACP
Ansi based on Memory/File Scan (2.exe.bin)
GetActiveWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetAsyncKeyState
Ansi based on Memory/File Scan (2.exe.bin)
GETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
GetCaretPos
Ansi based on Memory/File Scan (2.exe.bin)
GetClassNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetClientRect
Ansi based on Memory/File Scan (2.exe.bin)
GetClipboardData
Ansi based on Memory/File Scan (2.exe.bin)
GetCommandLineW
Ansi based on Memory/File Scan (2.exe.bin)
GetComputerNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleCP
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleMode
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleOutputCP
Ansi based on Memory/File Scan (2.exe.bin)
GetCPInfo
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTCOL
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTLINE
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentProcess
Ansi based on Memory/File Scan (2.exe.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTSELECTION
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentThread
Ansi based on Memory/File Scan (2.exe.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan (2.exe.bin)
GetCursor
Ansi based on Memory/File Scan (2.exe.bin)
GetCursorPos
Ansi based on Memory/File Scan (2.exe.bin)
GetDC
Ansi based on Memory/File Scan (2.exe.bin)
GetDesktopWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetDeviceCaps
Ansi based on Memory/File Scan (2.exe.bin)
GetDIBits
Ansi based on Memory/File Scan (2.exe.bin)
GetDiskFreeSpaceExW
Ansi based on Memory/File Scan (2.exe.bin)
GetDiskFreeSpaceW
Ansi based on Memory/File Scan (2.exe.bin)
GetDlgCtrlID
Ansi based on Memory/File Scan (2.exe.bin)
GetDlgItem
Ansi based on Memory/File Scan (2.exe.bin)
GetDriveTypeW
Ansi based on Memory/File Scan (2.exe.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan (2.exe.bin)
GetEnvironmentVariableW
Ansi based on Memory/File Scan (2.exe.bin)
GetExitCodeProcess
Ansi based on Memory/File Scan (2.exe.bin)
GetFileAttributesW
Ansi based on Memory/File Scan (2.exe.bin)
GetFileSize
Ansi based on Memory/File Scan (2.exe.bin)
GetFileType
Ansi based on Memory/File Scan (2.exe.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan (2.exe.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetFocus
Ansi based on Memory/File Scan (2.exe.bin)
GetForegroundWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetFullPathNameW
Ansi based on Memory/File Scan (2.exe.bin)
GETITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetKeyboardLayoutNameA
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyboardLayoutNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyboardState
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyState
Ansi based on Memory/File Scan (2.exe.bin)
GetLastActivePopup
Ansi based on Memory/File Scan (2.exe.bin)
GetLastError
Ansi based on Memory/File Scan (2.exe.bin)
GetLengthSid
Ansi based on Memory/File Scan (2.exe.bin)
GETLINE
Unicode based on Hybrid Analysis (2.exe.bin)
GETLINECOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan (2.exe.bin)
GetLocalTime
Ansi based on Memory/File Scan (2.exe.bin)
GetMenu
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemCount
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemID
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuStringW
Ansi based on Memory/File Scan (2.exe.bin)
GetMessageW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleBaseNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleFileNameA
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleHandleA
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleHandleW
Ansi based on Memory/File Scan (2.exe.bin)
GetMonitorInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetNativeSystemInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetObjectW
Ansi based on Memory/File Scan (2.exe.bin)
GetOEMCP
Ansi based on Memory/File Scan (2.exe.bin)
GetOpenFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetParent
Ansi based on Memory/File Scan (2.exe.bin)
GetPixel
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileSectionNamesW
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileSectionW
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileStringW
Ansi based on Memory/File Scan (2.exe.bin)
GetProcAddress
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessHeap
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessIoCounters
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessMemoryInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
GetSaveFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetSecurityDescriptorDacl
Ansi based on Memory/File Scan (2.exe.bin)
GETSELECTED
Unicode based on Memory/File Scan (2.exe.bin)
GETSELECTEDCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetShortPathNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetStartupInfoA
Ansi based on Memory/File Scan (2.exe.bin)
GetStartupInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetStdHandle
Ansi based on Memory/File Scan (2.exe.bin)
GetStockObject
Ansi based on Memory/File Scan (2.exe.bin)
GetStringTypeA
Ansi based on Memory/File Scan (2.exe.bin)
GetStringTypeW
Ansi based on Memory/File Scan (2.exe.bin)
GETSUBITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetSubMenu
Ansi based on Memory/File Scan (2.exe.bin)
GetSysColor
Ansi based on Memory/File Scan (2.exe.bin)
GetSysColorBrush
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemMetrics
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemWow64DirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetTempFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetTempPathW
Ansi based on Memory/File Scan (2.exe.bin)
GETTEXT
Unicode based on Hybrid Analysis (2.exe.bin)
GetTextExtentPoint32W
Ansi based on Memory/File Scan (2.exe.bin)
GetTextFaceW
Ansi based on Memory/File Scan (2.exe.bin)
GetTickCount
Ansi based on Memory/File Scan (2.exe.bin)
GETTIME
Unicode based on Memory/File Scan (2.exe.bin)
GetTimeZoneInformation
Ansi based on Memory/File Scan (2.exe.bin)
GetTokenInformation
Ansi based on Memory/File Scan (2.exe.bin)
GETTOTALCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetUserNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetUserObjectInformationA
Ansi based on Memory/File Scan (2.exe.bin)
GetUserObjectSecurity
Ansi based on Memory/File Scan (2.exe.bin)
GetVersionExW
Ansi based on Memory/File Scan (2.exe.bin)
GetVolumeInformationW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowDC
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowLongW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowRect
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowsDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowTextLengthW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowTextW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowThreadProcessId
Ansi based on Memory/File Scan (2.exe.bin)
GUICTRLCREATECOMBO
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLREGISTERLISTVIEWSORT
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETCURSORINFO
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
GUIREGISTERMSG
Unicode based on Memory/File Scan (2.exe.bin)
h(((( H
Unicode based on Memory/File Scan (2.exe.bin)
h1.ripway.com
Ansi based on PCAP Processing (PCAP)
HKEY_CLASSES_ROOT
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_CURRENT_CONFIG
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_CURRENT_USER
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_LOCAL_MACHINE
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_USERS
Unicode based on Memory/File Scan (2.exe.bin)
HOTKEYPRESSED
Unicode based on Memory/File Scan (2.exe.bin)
HOTKEYSET
Unicode based on Memory/File Scan (2.exe.bin)
http://www.mydreamworld.50webs.com
Unicode based on Runtime Data (2.exe )
HttpDefaultExpiryTimeSecs
Unicode based on Runtime Data (2.exe )
HttpOpenRequestW
Ansi based on Memory/File Scan (2.exe.bin)
HttpQueryInfoW
Ansi based on Memory/File Scan (2.exe.bin)
HttpSendRequestW
Ansi based on Memory/File Scan (2.exe.bin)
HTTPSETPROXY
Unicode based on Memory/File Scan (2.exe.bin)
IcmpCloseHandle
Ansi based on Memory/File Scan (2.exe.bin)
IcmpCreateFile
Ansi based on Memory/File Scan (2.exe.bin)
IcmpSendEcho
Ansi based on Memory/File Scan (2.exe.bin)
ICTRLGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
IETldDllVersionHigh
Unicode based on Runtime Data (2.exe )
IETldDllVersionLow
Unicode based on Runtime Data (2.exe )
IETldVersionHigh
Unicode based on Runtime Data (2.exe )
IETldVersionLow
Unicode based on Runtime Data (2.exe )
IGETCURSORINFO
Unicode based on Memory/File Scan (2.exe.bin)
IGETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
IIDFromString
Ansi based on Memory/File Scan (2.exe.bin)
INETGET
Unicode based on Hybrid Analysis (2.exe.bin)
INETGETACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
INETGETBYTESREAD
Unicode based on Memory/File Scan (2.exe.bin)
INETGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
InflateRect
Ansi based on Memory/File Scan (2.exe.bin)
InfoTip
Unicode based on Runtime Data (2.exe )
InitCommonControlsEx
Ansi based on Memory/File Scan (2.exe.bin)
InitializeSecurityDescriptor
Ansi based on Memory/File Scan (2.exe.bin)
INSERT
Ansi based on Memory/File Scan (2.exe.bin)
InsertMenuItemW
Ansi based on Memory/File Scan (2.exe.bin)
install.txt
Unicode based on Runtime Data (2.exe )
InstallLanguage
Unicode based on Memory/File Scan (2.exe.bin)
INSTANCE
Unicode based on Hybrid Analysis (2.exe.bin)
internal error: code overflow
Ansi based on Memory/File Scan (2.exe.bin)
internal error: overran compiling workspace
Ansi based on Memory/File Scan (2.exe.bin)
internal error: previously-checked referenced subpattern not found
Ansi based on Memory/File Scan (2.exe.bin)
internal error: unexpected repeat
Ansi based on Memory/File Scan (2.exe.bin)
Invalid element in a DllStruct.*Unknown option or bad parameter specified.&Unable to load the internet libraries./"Struct" statement has no matching "EndStruct".HUnable to open file, the maximum number of open files has been exceeded.
Unicode based on Memory/File Scan (2.exe.bin)
Invalid file filter given.*Expected a variable in user function call.1"Do" statement has no matching "Until" statement.2"Until" statement with no matching "Do" statement.#"For" statement is badly formatted.2"Next" statement with no matching "For" statement.N"ExitLoop/ContinueLoop" statements only valid from inside a For/Do/While loop.1"For" statement has no matching "Next" statement.@"Case" statement with no matching "Select"or "Switch" statement.:"EndSelect" statement with no matching "Select" statement.ORecursion level has been exceeded - AutoIt will quit to prevent stack overflow.
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS1
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS2
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS3
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS4
Unicode based on Memory/File Scan (2.exe.bin)
IPGET
Unicode based on Memory/File Scan (2.exe.bin)
is a compiled AutoIt script. AV researchers please email avsupport@autoitscript.com for support.
Ansi based on Memory/File Scan (2.exe.bin)
ISBINARY
Unicode based on Hybrid Analysis (2.exe.bin)
ISKEYWORD
Unicode based on Memory/File Scan (2.exe.bin)
IsProcessorFeaturePresent
Ansi based on Hybrid Analysis (2.exe.bin)
IsThemeActive
Ansi based on Memory/File Scan (2.exe.bin)
IsWow64Process
Ansi based on Memory/File Scan (2.exe.bin)
IVEGETSERIAL
Unicode based on Memory/File Scan (2.exe.bin)
keybd_event
Ansi based on Memory/File Scan (2.exe.bin)
KeyDelay
Unicode based on Memory/File Scan (2.exe.bin)
Keyword
Unicode based on Memory/File Scan (2.exe.bin)
l a new Errorhandler when one is still active.
Unicode based on Memory/File Scan (2.exe.bin)
LASTDLLERROR
Unicode based on Memory/File Scan (2.exe.bin)
LMLLLKKNKKNLMKKLKKLLKLKKLKNLLKLLLKKLLMKKNKLNKKNLLKLNMKKLKLKKNNMMLMLLNLKMKKLMKLKLLNKLKLNNL;
Ansi based on Memory/File Scan (2.exe.bin)
LOCAL
Unicode based on Memory/File Scan (2.exe.bin)
Local AppData
Unicode based on Runtime Data (2.exe )
LocalFileTimeToFileTime
Ansi based on Memory/File Scan (2.exe.bin)
LocalizedName
Unicode based on Runtime Data (2.exe )
LocalRedirectOnly
Unicode based on Runtime Data (2.exe )
localserver32
Unicode based on Memory/File Scan (2.exe.bin)
LockServiceDatabase
Ansi based on Memory/File Scan (2.exe.bin)
LookupPrivilegeValueW
Ansi based on Memory/File Scan (2.exe.bin)
LSTRUCTGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
MapVirtualKeyW
Ansi based on Memory/File Scan (2.exe.bin)
matching "For" statement.N"ExitLoop/ContinueLoop" statements only valid from inside a For/Do/While loop.1"For" statement has no matching "Next" statement.@"Case" statement with no matching "Select"or "Switch" statement.:"EndSelect" statement with no matching "Select" statement.ORecursion level has been exceeded - AutoIt will quit to prevent stack overflow.
Unicode based on Memory/File Scan (2.exe.bin)
MaxConnectionsPer1_0Server
Unicode based on Runtime Data (2.exe )
MaxConnectionsPerProxy
Unicode based on Runtime Data (2.exe )
MaxConnectionsPerServer
Unicode based on Runtime Data (2.exe )
MaxHttpRedirects
Unicode based on Runtime Data (2.exe )
MBCSAPIforCrack
Unicode based on Runtime Data (2.exe )
MEMGETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
Microsoft Visual C++ Runtime Library
Ansi based on Memory/File Scan (2.exe.bin)
MinSockaddrLength
Unicode based on Runtime Data (2.exe )
missing ) after comment
Ansi based on Memory/File Scan (2.exe.bin)
MOUSEGETCURSOR
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
mscoree.dll
Unicode based on Memory/File Scan (2.exe.bin)
Msctls_Progress32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_progress32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_statusbar321
Unicode based on Memory/File Scan (2.exe.bin)
msctls_trackbar32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_updown32
Unicode based on Memory/File Scan (2.exe.bin)
NGETCARETPOS
Unicode based on Memory/File Scan (2.exe.bin)
NGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
no error
Ansi based on Hybrid Analysis (2.exe.bin)
NSOLEWRITEERROR
Unicode based on Memory/File Scan (2.exe.bin)
NUMKEY
Unicode based on Memory/File Scan (2.exe.bin)
OBJGET
Unicode based on Hybrid Analysis (2.exe.bin)
Obsolete function/parameter.4Invalid Exitcode (reserved for AutoIt internal use).
Unicode based on Memory/File Scan (2.exe.bin)
octal value is greater than \377 (not in UTF-8 mode)
Ansi based on Memory/File Scan (2.exe.bin)
OleSetMenuDescriptor
Ansi based on Memory/File Scan (2.exe.bin)
OpenProcess
Ansi based on Memory/File Scan (2.exe.bin)
OpenProcessToken
Ansi based on Memory/File Scan (2.exe.bin)
OSSERVICEPACK
Unicode based on Memory/File Scan (2.exe.bin)
OSVERSION
Unicode based on Memory/File Scan (2.exe.bin)
PCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
PCRE does not support \L, \l, \N, \U, or \u
Ansi based on Memory/File Scan (2.exe.bin)
PIXELGETCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
POSIX collating elements are not supported
Ansi based on Memory/File Scan (2.exe.bin)
POSIX named classes are supported only within a class
Ansi based on Memory/File Scan (2.exe.bin)
PostMessageW
Ansi based on Memory/File Scan (2.exe.bin)
PostQuitMessage
Ansi based on Memory/File Scan (2.exe.bin)
PRINTSCREEN
Ansi based on Memory/File Scan (2.exe.bin)
PrivateKeyLifetimeSeconds
Unicode based on Runtime Data (2.exe )
PrivKeyCacheMaxItems
Unicode based on Runtime Data (2.exe )
PrivKeyCachePurgeIntervalSeconds
Unicode based on Runtime Data (2.exe )
Process32FirstW
Ansi based on Memory/File Scan (2.exe.bin)
Process32NextW
Ansi based on Memory/File Scan (2.exe.bin)
PROCESSCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSGETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSLIST
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSORARCH
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSSETPRIORITY
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSWAIT
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSWAITCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
Product Version
Unicode based on Memory/File Scan (2.exe.bin)
PROGRAMSCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
ProviderInfo
Unicode based on Runtime Data (2.exe )
ProxyHttp1.1
Unicode based on Runtime Data (2.exe )
QueryForInfoTip
Unicode based on Runtime Data (2.exe )
R6002- floating point support not loaded
Ansi based on Memory/File Scan (2.exe.bin)
R6017- unexpected multithread lock error
Ansi based on Memory/File Scan (2.exe.bin)
R6018- unexpected heap error
Ansi based on Memory/File Scan (2.exe.bin)
R6032- not enough space for locale information
Ansi based on Memory/File Scan (2.exe.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Memory/File Scan (2.exe.bin)
R6034An application has made an attempt to load the C runtime library incorrectly.Please contact the application's support team for more information.
Ansi based on Memory/File Scan (2.exe.bin)
RE\Microsoft\Windows\CurrentVersion
Unicode based on Memory/File Scan (2.exe.bin)
ReadProcessMemory
Ansi based on Memory/File Scan (2.exe.bin)
REG_BINARY
Unicode based on Memory/File Scan (2.exe.bin)
REG_DWORD
Unicode based on Memory/File Scan (2.exe.bin)
REG_EXPAND_SZ
Unicode based on Memory/File Scan (2.exe.bin)
REG_MULTI_SZ
Unicode based on Memory/File Scan (2.exe.bin)
REG_QWORD
Unicode based on Memory/File Scan (2.exe.bin)
REG_SZ
Unicode based on Hybrid Analysis (2.exe.bin)
RegCloseKey
Ansi based on Memory/File Scan (2.exe.bin)
RegConnectRegistryW
Ansi based on Memory/File Scan (2.exe.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
REGDELETE
Unicode based on Memory/File Scan (2.exe.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan (2.exe.bin)
RegDeleteValueW
Ansi based on Memory/File Scan (2.exe.bin)
REGENUMKEY
Unicode based on Memory/File Scan (2.exe.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
REGENUMVAL
Unicode based on Memory/File Scan (2.exe.bin)
RegEnumValueW
Ansi based on Memory/File Scan (2.exe.bin)
REGEXP=
Unicode based on Hybrid Analysis (2.exe.bin)
REGEXPCLASS
Unicode based on Memory/File Scan (2.exe.bin)
REGEXPTITLE
Unicode based on Memory/File Scan (2.exe.bin)
RegisterAdapterName
Unicode based on Runtime Data (2.exe )
RegisterClassExW
Ansi based on Memory/File Scan (2.exe.bin)
RegisterHotKey
Ansi based on Memory/File Scan (2.exe.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan (2.exe.bin)
RegistrationEnabled
Unicode based on Runtime Data (2.exe )
RegOpenKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
RegQueryValueExW
Ansi based on Memory/File Scan (2.exe.bin)
REGREAD
Unicode based on Hybrid Analysis (2.exe.bin)
RegSetValueExW
Ansi based on Memory/File Scan (2.exe.bin)
regular expression is too large
Ansi based on Memory/File Scan (2.exe.bin)
REGWRITE
Unicode based on Hybrid Analysis (2.exe.bin)
RemoteRpcDll
Unicode based on Runtime Data (2.exe )
Run Script:
Unicode based on Memory/File Scan (2.exe.bin)
rundll32.exe
Unicode based on Runtime Data (rundll32.exe )
runtime error
Ansi based on Memory/File Scan (2.exe.bin)
Runtime Error!Program:
Ansi based on Memory/File Scan (2.exe.bin)
SafeProcessSearchMode
Unicode based on Runtime Data (2.exe )
ScreenToClient
Ansi based on Memory/File Scan (2.exe.bin)
Script &Paused
Unicode based on Memory/File Scan (2.exe.bin)
Script Paused
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPT<<<
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTDIR
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTFULLPATH
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTLINE
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTLINENUMBER
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTNAME
Unicode based on Memory/File Scan (2.exe.bin)
SCROLLLOCK
Ansi based on Memory/File Scan (2.exe.bin)
SendKeyDelay
Unicode based on Memory/File Scan (2.exe.bin)
SendKeyDownDelay
Unicode based on Memory/File Scan (2.exe.bin)
SendMessageTimeoutW
Ansi based on Memory/File Scan (2.exe.bin)
ServerInfoTimeout
Unicode based on Runtime Data (2.exe )
SETERROR
Unicode based on Hybrid Analysis (2.exe.bin)
SetErrorMode
Ansi based on Memory/File Scan (2.exe.bin)
SetForegroundWindow
Ansi based on Memory/File Scan (2.exe.bin)
SetKeyboardState
Ansi based on Memory/File Scan (2.exe.bin)
SetLastError
Ansi based on Memory/File Scan (2.exe.bin)
SetMenuItemInfoW
Ansi based on Memory/File Scan (2.exe.bin)
SetProcessWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
SetSecurityDescriptorDacl
Ansi based on Memory/File Scan (2.exe.bin)
SetViewportOrgEx
Ansi based on Memory/File Scan (2.exe.bin)
ShareCredsWithWinHttp
Unicode based on Runtime Data (2.exe )
SHBrowseForFolderW
Ansi based on Memory/File Scan (2.exe.bin)
Shell\Open\command=system3_.exe
Ansi based on Runtime Data (2.exe )
Shell_TrayWnd
Unicode based on Memory/File Scan (2.exe.bin)
SHELLEXECUTE
Unicode based on Memory/File Scan (2.exe.bin)
Shellexecute=system3_.exe
Ansi based on Runtime Data (2.exe )
ShellExecuteExW
Ansi based on Memory/File Scan (2.exe.bin)
ShellExecuteW
Ansi based on Memory/File Scan (2.exe.bin)
SHELLEXECUTEWAIT
Unicode based on Memory/File Scan (2.exe.bin)
SHEmptyRecycleBinW
Ansi based on Memory/File Scan (2.exe.bin)
SHGetDesktopFolder
Ansi based on Memory/File Scan (2.exe.bin)
SHGetMalloc
Ansi based on Memory/File Scan (2.exe.bin)
SHGetPathFromIDListW
Ansi based on Memory/File Scan (2.exe.bin)
ShowDebugInfo
Unicode based on Runtime Data (rundll32.exe )
SING error
Ansi based on Memory/File Scan (2.exe.bin)
SOFTWARE\Microsoft\Windows\CurrentVersion
Unicode based on Memory/File Scan (2.exe.bin)
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Unicode based on Memory/File Scan (2.exe.bin)
spare error
Ansi based on Memory/File Scan (2.exe.bin)
SQMServiceList
Unicode based on Runtime Data (2.exe )
STARTMENUCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
STARTUPCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
STATUSBARGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
StoresServiceClassInfo
Unicode based on Runtime Data (2.exe )
STRINGCOMPARE
Unicode based on Memory/File Scan (2.exe.bin)
StringFileInfo
Unicode based on Memory/File Scan (2.exe.bin)
StringFileInfo\
Unicode based on Memory/File Scan (2.exe.bin)
STRINGINSTR
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISUPPER
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREGEXP
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREGEXPREPLACE
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTOBINARY
Unicode based on Memory/File Scan (2.exe.bin)
support for \P, \p, and \X has not been compiled
Ansi based on Memory/File Scan (2.exe.bin)
SupportedNameSpace
Unicode based on Runtime Data (2.exe )
syntax error in subpattern name (missing terminator)
Ansi based on Memory/File Scan (2.exe.bin)
System32.exe
Unicode based on Memory/File Scan (2.exe.bin)
system3_.exe
Unicode based on Runtime Data (2.exe )
SYSTEM\CurrentControlSet\Control\Nls\Language
Unicode based on Memory/File Scan (2.exe.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan (2.exe.bin)
TCPLISTEN
Unicode based on Memory/File Scan (2.exe.bin)
TerminateProcess
Ansi based on Memory/File Scan (2.exe.bin)
TESCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
ThemeApiConnectionRequest
Unicode based on Runtime Data (2.exe )
This application has requested the Runtime to terminate it in an unusual way.Please contact the application's support team for more information.
Ansi based on Memory/File Scan (2.exe.bin)
This is a compiled AutoIt script. AV researchers please email avsupport@autoitscript.com for support.
Ansi based on Memory/File Scan (2.exe.bin)
this version of PCRE is not compiled with PCRE_UTF8 support
Ansi based on Memory/File Scan (2.exe.bin)
timeGetTime
Ansi based on Memory/File Scan (2.exe.bin)
TKEYSET
Unicode based on Memory/File Scan (2.exe.bin)
TLOSS error
Ansi based on Memory/File Scan (2.exe.bin)
TlsGetValue
Ansi based on Memory/File Scan (2.exe.bin)
TOITWINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
Transports
Unicode based on Runtime Data (2.exe )
TRAYGETMSG
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
TVERSION
Unicode based on Memory/File Scan (2.exe.bin)
Type Descriptor'
Ansi based on Memory/File Scan (2.exe.bin)
UDPBIND
Unicode based on Hybrid Analysis (2.exe.bin)
Unable to open the script file.!Badly formatted "Func" statement.
Unicode based on Memory/File Scan (2.exe.bin)
Unable to parse line.(Missing right bracket ')' in expression.
Unicode based on Memory/File Scan (2.exe.bin)
UnlockServiceDatabase
Ansi based on Memory/File Scan (2.exe.bin)
UnregisterHotKey
Ansi based on Memory/File Scan (2.exe.bin)
Unterminated group of comments
Unicode based on Memory/File Scan (2.exe.bin)
VarFileInfo
Unicode based on Memory/File Scan (2.exe.bin)
VARGETTYPE
Unicode based on Memory/File Scan (2.exe.bin)
Version
Unicode based on Hybrid Analysis (2.exe.bin)
VERSION.dll
Ansi based on Memory/File Scan (2.exe.bin)
VkKeyScanA
Ansi based on Memory/File Scan (2.exe.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan (2.exe.bin)
WarnAlwaysOnPost
Unicode based on Runtime Data (2.exe )
WarnOnHTTPSToHTTPRedirect
Unicode based on Runtime Data (2.exe )
WarnOnPost
Unicode based on Runtime Data (2.exe )
WarnOnPostRedirect
Unicode based on Runtime Data (2.exe )
WINDESCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
WINFLASH
Unicode based on Hybrid Analysis (2.exe.bin)
WINGETCARETPOS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETCLASSLIST
Unicode based on Memory/File Scan (2.exe.bin)
WINGETCLIENTSIZE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETPROCESS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
WINGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
WinSearchChildren
Unicode based on Memory/File Scan (2.exe.bin)
WINSETONTOP
Unicode based on Memory/File Scan (2.exe.bin)
WINSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
WINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
WINSETTRANS
Unicode based on Memory/File Scan (2.exe.bin)
WinSock 2.0 Provider ID
Unicode based on Runtime Data (2.exe )
WinSock_Registry_Version
Unicode based on Runtime Data (2.exe )
winsta0
Unicode based on Hybrid Analysis (2.exe.bin)
winsta0\default
Unicode based on Memory/File Scan (2.exe.bin)
WNetAddConnection2W
Ansi based on Memory/File Scan (2.exe.bin)
WNetCancelConnection2W
Ansi based on Memory/File Scan (2.exe.bin)
WNetGetConnectionW
Ansi based on Memory/File Scan (2.exe.bin)
WNetUseConnectionW
Ansi based on Memory/File Scan (2.exe.bin)
WpadSearchAllDomains
Unicode based on Runtime Data (2.exe )
WriteProcessMemory
Ansi based on Memory/File Scan (2.exe.bin)
WVZWWWVWWZZWWWVWWWWWWVWWWYZWWWWWVWVWWVWWVZZZWWWWWWWZWZWWWVWWVZWWWWWWYYWVWWVWWWWZZZWWYVWWV@
Ansi based on Memory/File Scan (2.exe.bin)
www.balu000.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu001.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu002.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu003.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu004.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu005.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu006.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu007.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu008.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu009.0catch.com
Ansi based on PCAP Processing (PCAP)
wwwwwwwwwwwwxwwwxwwwwwwwwwwtwwwwwwxwwwwwuwwwwwwxtwwwwwwwwwwwwwwwwwwxwxwwwwwwwwwwwwwxwwwww)
Ansi based on Memory/File Scan (2.exe.bin)
XwwwwwwwwwwwwwwSSSTTpNJBllll
Ansi based on Memory/File Scan (2.exe.bin)
xyyzzzwyzyzzzzwzwwxzzyxzzzyyzzxxzzwxxzz|zz|{zzz{|zzz{z{zzzzzzz|z{z{z{{z{zzzzzz{{{zzz{z{{{+
Ansi based on Memory/File Scan (2.exe.bin)
Z[Z[WWZZWWZZZXXZZZZWZXZZ[X[[[ZZWZZZZZWZZXWWZXZWZWZZZZZZZZZ[ZW[ZZ[ZZ[ZWWZ[[ZZWZZZZ[[WZZZZZA
Ansi based on Memory/File Scan (2.exe.bin)
zz{{zz|{zzzzzz|}zzzzzzzzzz{z{|zz{zzz|{}}}}{}}}}{}{}}}}{}}}}{}}}}}}}{}}{}{}}{{}}zz}}}{}}}},
Ansi based on Memory/File Scan (2.exe.bin)
{09477111-DE61-43CD-A5AA-D9F7B489301F}
Unicode based on Runtime Data (2.exe )
{20D04FE0-3AEA-1069-A2D8-08002B30309D}
Unicode based on Runtime Data (2.exe )
{if(!aAx&&LX){if(!window['googleNDT_']){}LX(google.ads.domains.Caf);}aAx=true;};DY.body.appendChild(DE);return{azj:function(n$){if(aAx)n$(google.ads.domains.Caf);elseLX=n$;},bq:function(){if(!aAx){DY.body.removeChild(DE);}}};})();g_pd=(function(){varazu=window.location,nw={},bH,azs=azu.search.substring(1),aAp,aAr;if(!azs)return nw;aAp=azs.split("&");for(bH=0;bH<aAp.length;bH++){aAr=aAp[bH].split('=');nw[aAr[0]]=aAr[1]?aAr[1]:"";}return nw;})();g_pc=(function(){var $is_ABP_whitelisted=null;var $Image1=new Image;var $Image2=new Image;var $error1=false;var $error2=false;var $remaining=2;var $random=Math.random()*11;function $imageLoaded(){$remaining--;if($remaining===0)$is_ABP_whitelisted=!$error1&&$error2;}$Image1.onload=$Image2.onload=$imageLoaded;$Image1.onerror=function(){$error1=true;$imageLoaded();};$Image2.onerror=function(){$error2=true;$imageLoaded();};$Image1.src='/px.gif?ch=1&rn='+$random;$Image2.src='/px.gif?ch=2&rn='+$random;return{azl:function(){return'&abp='+($is_ABP_whitelisted?'1':'0');},$isWhitelisted:function(){return $is_ABP_whitelisted;},$onReady:function($callback){function $poll(){if($is_ABP_whitelisted===null)setTimeout($poll,100);else $callback();}$poll();}}})();(function(){var aAj=screen,RC=window,azu=RC.location,aAw=top.location,DY=document,Sp=DY.body||DY.getElementsByTagName('body')[0],aAu=0,aAs=0,aAt=0,$IE=null;if(Sp.className==='ie6')$IE=6;else if(Sp.className==='ie7')$IE=7;else if(Sp.className===
Ansi based on PCAP Processing (network.pcap)
{{{{{{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
}}}{{{}}}{{}{{{}}{}}{{}}}{}}}{z}{}}{}{}}}}{}}}}{}{}}}}{}}}}{}}}}}}}{}}{}{}}{{}}zz}}}{}}}},
Ansi based on Memory/File Scan (2.exe.bin)
}}}~}~}~~~~~}~~~~
Ansi based on Memory/File Scan (2.exe.bin)
}~}}~}}~~}~~~~~~~~
Ansi based on Memory/File Scan (2.exe.bin)
�����������������������������������������������������������?����������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?�������������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?��������������������������������������
Ansi based on Runtime Data (2.exe )
��������������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
���������������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
! 6J[[Lj=
Ansi based on Memory/File Scan (2.exe.bin)
!""""""##$%&'())))))**+,-./FFFFFFFF001234566678789:;<=;<=FFF>?@ABCD
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan (2.exe.bin)
!This program cannot be run in DOS mode.$
Ansi based on Memory/File Scan (2.exe.bin)
"' 6Hx)
Ansi based on Memory/File Scan (2.exe.bin)
"'/5H[DPY
Ansi based on Memory/File Scan (2.exe.bin)
"1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity type="win32" processorArchitecture="*" version="1.0.0.0" name="Windows"/><description>Windows</description> Identify the application security requirements. --><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevellevel="asInvoker"uiAccess="false"/></requestedPrivileges></security></trustInfo> Identify the application dependencies. --><dependency><dependentAssembly><assemblyIdentitytype="win32"name="Microsoft.Windows.Common-Controls"version="6.0.0.0"language="*"processorArchitecture="*"publicKeyToken="6595b64144ccf1df"/></dependentAssembly></dependency></assembly>
Ansi based on Memory/File Scan (2.exe.bin)
#comments-end
Unicode based on Memory/File Scan (2.exe.bin)
#comments-start
Unicode based on Memory/File Scan (2.exe.bin)
#include
Unicode based on Hybrid Analysis (2.exe.bin)
#include depth exceeded. Make sure there are no recursive includes
Unicode based on Memory/File Scan (2.exe.bin)
#include-once
Unicode based on Memory/File Scan (2.exe.bin)
#notrayicon
Unicode based on Memory/File Scan (2.exe.bin)
#requireadmin
Unicode based on Memory/File Scan (2.exe.bin)
#z A D W(kk
Ansi based on Memory/File Scan (2.exe.bin)
$Id: qmath.h,v 1.1 2004/01/15 19:50:35 jonbennett Exp $
Ansi based on Memory/File Scan (2.exe.bin)
%4d%02d%02d%02d%02d%02d
Unicode based on Memory/File Scan (2.exe.bin)
%d/%02d/%02d
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s.: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s:
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
%s (%d) : ==> %s:%s%s
Unicode based on Memory/File Scan (2.exe.bin)
%u.%u.%u.%u
Unicode based on Memory/File Scan (2.exe.bin)
((((( H
Unicode based on Memory/File Scan (2.exe.bin)
(*VERB) not recognized
Ansi based on Memory/File Scan (2.exe.bin)
(*VERB) with an argument is not supported
Ansi based on Memory/File Scan (2.exe.bin)
(?R or (?[+-]digits must be followed by )
Ansi based on Memory/File Scan (2.exe.bin)
(Paused)
Unicode based on Memory/File Scan (2.exe.bin)
) : ==> %s: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
*.au3;*.a3x
Unicode based on Memory/File Scan (2.exe.bin)
*Unable to get a list of running processes.*Missing separator character after keyword.
Unicode based on Memory/File Scan (2.exe.bin)
+L$Lf+Ntf
Ansi based on Memory/File Scan (2.exe.bin)
+t$(;t$,s
Ansi based on Memory/File Scan (2.exe.bin)
-----
Unicode based on Hybrid Analysis (2.exe.bin)
.00.2900.2180
Unicode based on Memory/File Scan (2.exe.bin)
.2180 (xpsp_sp2_rtm.040803-2158)
Unicode based on Memory/File Scan (2.exe.bin)
.: %s %s
Unicode based on Memory/File Scan (2.exe.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan (2.exe.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan (2.exe.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan (2.exe.bin)
.data
Ansi based on Memory/File Scan (2.exe.bin)
.rsrc
Ansi based on Memory/File Scan (2.exe.bin)
.text
Ansi based on Memory/File Scan (2.exe.bin)
/AutoIt3ExecuteLine
Unicode based on Memory/File Scan (2.exe.bin)
/AutoIt3ExecuteScript
Unicode based on Memory/File Scan (2.exe.bin)
/AutoIt3OutputDebug
Unicode based on Memory/File Scan (2.exe.bin)
/ErrorStdOut
Unicode based on Memory/File Scan (2.exe.bin)
0.0.0.0
Unicode based on Hybrid Analysis (2.exe.bin)
0123456789ABCDEF
Unicode based on Memory/File Scan (2.exe.bin)
04090000
Unicode based on Hybrid Analysis (2.exe.bin)
0?{{{{{{{{{{{{{{{{{{{{{{0?
Ansi based on Memory/File Scan (2.exe.bin)
1#IND
Ansi based on Hybrid Analysis (2.exe.bin)
1#INF
Ansi based on Hybrid Analysis (2.exe.bin)
1#QNAN
Ansi based on Hybrid Analysis (2.exe.bin)
1#SNAN
Ansi based on Hybrid Analysis (2.exe.bin)
1111111(o
Ansi based on Memory/File Scan (2.exe.bin)
2((((((((((((((((((((((((((
Ansi based on Memory/File Scan (2.exe.bin)
3, 3, 0, 0
Unicode based on Memory/File Scan (2.exe.bin)
33$?m[
Ansi based on Memory/File Scan (2.exe.bin)
3333333330
Ansi based on Memory/File Scan (2.exe.bin)
33333333333333
Ansi based on Memory/File Scan (2.exe.bin)
333333333333330
Ansi based on Memory/File Scan (2.exe.bin)
333333333333333
Ansi based on Memory/File Scan (2.exe.bin)
333333333333333333333333333333333333333333333333333333333333333333333
Ansi based on Memory/File Scan (2.exe.bin)
44444
Ansi based on Memory/File Scan (2.exe.bin)
4444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444
Ansi based on Memory/File Scan (2.exe.bin)
4444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444
Ansi based on Memory/File Scan (2.exe.bin)
555555555555555555555555555555555555555555555555555555555555555555555555555555555555555555
Ansi based on Memory/File Scan (2.exe.bin)
6.00.2900.2180
Unicode based on Memory/File Scan (2.exe.bin)
6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Unicode based on Memory/File Scan (2.exe.bin)
733333333333333333333330?
Ansi based on Memory/File Scan (2.exe.bin)
7lllll
Ansi based on Memory/File Scan (2.exe.bin)
9D$<t9D$@
Ansi based on Memory/File Scan (2.exe.bin)
9} tL9}$uB9}(uB3
Ansi based on Memory/File Scan (2.exe.bin)
: ==> %s:%s%s
Unicode based on Memory/File Scan (2.exe.bin)
;D$$|};D$,
Ansi based on Memory/File Scan (2.exe.bin)
<+t(<-t$:
Ansi based on Memory/File Scan (2.exe.bin)
<<<<<<<<<<<<<<<<<<<<<<<<<<u9l
Ansi based on Memory/File Scan (2.exe.bin)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity type="win32" processorArchitecture="*" version="1.0.0.0" name="Windows"/><description>Windows</description> Identify the application security requirements. --><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevellevel="asInvoker"uiAccess="false"/></requestedPrivileges></security></trustInfo> Identify the application dependencies. --><dependency><dependentAssembly><assemblyIdentitytype="win32"name="Microsoft.Windows.Common-Controls"version="6.0.0.0"language="*"processorArchitecture="*"publicKeyToken="6595b64144ccf1df"/></dependentAssembly></dependency></assembly>
Ansi based on Memory/File Scan (2.exe.bin)
<local>
Unicode based on Hybrid Analysis (2.exe.bin)
<program name unknown>
Ansi based on Memory/File Scan (2.exe.bin)
>>>AUTOIT SCRIPT<<<
Unicode based on Memory/File Scan (2.exe.bin)
>wP-trc=AU
Ansi based on Memory/File Scan (2.exe.bin)
??????????????????????????????????????????????????????????????????????????????????????????
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
?{{{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
@COM_EVENTOBJ
Unicode based on Memory/File Scan (2.exe.bin)
@EXITCODE
Unicode based on Memory/File Scan (2.exe.bin)
@EXITMETHOD
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_CTRLHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_CTRLID
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_DRAGFILE
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_DRAGID
Unicode based on Hybrid Analysis (2.exe.bin)
@GUI_DROPID
Unicode based on Memory/File Scan (2.exe.bin)
@GUI_WINHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
@TRAY_ID
Unicode based on Hybrid Analysis (2.exe.bin)
[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[[
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[[[[7
Ansi based on Memory/File Scan (2.exe.bin)
[[[[[jxzW
Ansi based on Memory/File Scan (2.exe.bin)
[[^[^[^[[]^[^[[[[[[[[[^^[[[[^^[[[[[^^[[[^^[[[[[[[^]^[[[[^[[^^[[[^ZZ[[^[[[^^^^[[ZZ[[][[[[^-
Ansi based on Memory/File Scan (2.exe.bin)
[ACTIVE
Unicode based on Hybrid Analysis (2.exe.bin)
[c*(((((((((((((((((wl
Ansi based on Memory/File Scan (2.exe.bin)
[CLASS:
Unicode based on Hybrid Analysis (2.exe.bin)
[fPFMlllll
Ansi based on Memory/File Scan (2.exe.bin)
[f}tttttttttt
Ansi based on Memory/File Scan (2.exe.bin)
[HANDLE:
Unicode based on Hybrid Analysis (2.exe.bin)
[i)<<<<<<<<<<<<<<:nK_l
Ansi based on Memory/File Scan (2.exe.bin)
[i>wTTTTTTTTwpN
Ansi based on Memory/File Scan (2.exe.bin)
[i}<<<<<<<<<<<<<<<<<wl
Ansi based on Memory/File Scan (2.exe.bin)
[LAST
Unicode based on Hybrid Analysis (2.exe.bin)
[o$(111111111((#
Ansi based on Memory/File Scan (2.exe.bin)
[o2T<<<<<<<11<t9Ll
Ansi based on Memory/File Scan (2.exe.bin)
[o>wSSTTTw:nLglll
Ansi based on Memory/File Scan (2.exe.bin)
[q~b[Fllll
Ansi based on Memory/File Scan (2.exe.bin)
[REGEXPTITLE:
Unicode based on Memory/File Scan (2.exe.bin)
\ at end of pattern
Ansi based on Memory/File Scan (2.exe.bin)
\??\%s
Unicode based on Hybrid Analysis (2.exe.bin)
\c at end of pattern
Ansi based on Memory/File Scan (2.exe.bin)
\C not allowed in lookbehind assertion
Ansi based on Memory/File Scan (2.exe.bin)
\CLSID
Unicode based on Hybrid Analysis (2.exe.bin)
\g is not followed by a braced, angle-bracketed, or quoted name/number or by a plain number
Ansi based on Memory/File Scan (2.exe.bin)
\IPC$
Unicode based on Hybrid Analysis (2.exe.bin)
\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Unicode based on Memory/File Scan (2.exe.bin)
\TypeLib
Unicode based on Hybrid Analysis (2.exe.bin)
\VarFileInfo\Translation
Unicode based on Memory/File Scan (2.exe.bin)
] is an invalid data character in JavaScript compatibility mode
Ansi based on Memory/File Scan (2.exe.bin)
^ ERROR
Unicode based on Hybrid Analysis (2.exe.bin)
^_^\^_\^[__^^_^^__^^^^___^__^\_\\_^^^^\^^_[__^^__^_^__^^\[^^_^_^^_^\_^_^^\^\^[^[[__^\^^^\-
Ansi based on Memory/File Scan (2.exe.bin)
__based(
Ansi based on Memory/File Scan (2.exe.bin)
__cdecl
Ansi based on Memory/File Scan (2.exe.bin)
__clrcall
Ansi based on Memory/File Scan (2.exe.bin)
__fastcall
Ansi based on Memory/File Scan (2.exe.bin)
__pascal
Ansi based on Memory/File Scan (2.exe.bin)
__ptr64
Ansi based on Memory/File Scan (2.exe.bin)
__restrict
Ansi based on Memory/File Scan (2.exe.bin)
__stdcall
Ansi based on Memory/File Scan (2.exe.bin)
__thiscall
Ansi based on Memory/File Scan (2.exe.bin)
__unaligned
Ansi based on Memory/File Scan (2.exe.bin)
_CTRLID
Unicode based on Memory/File Scan (2.exe.bin)
_ENABLE
Unicode based on Memory/File Scan (2.exe.bin)
_glllll
Ansi based on Memory/File Scan (2.exe.bin)
_LOCK
Unicode based on Memory/File Scan (2.exe.bin)
_MINIMIZE
Unicode based on Memory/File Scan (2.exe.bin)
_NewEnum
Unicode based on Hybrid Analysis (2.exe.bin)
_nextafter
Ansi based on Memory/File Scan (2.exe.bin)
_USER
Unicode based on Memory/File Scan (2.exe.bin)
`.rdata
Ansi based on Memory/File Scan (2.exe.bin)
`copy constructor closure'
Ansi based on Memory/File Scan (2.exe.bin)
`default constructor closure'
Ansi based on Memory/File Scan (2.exe.bin)
`dynamic atexit destructor for '
Ansi based on Memory/File Scan (2.exe.bin)
`dynamic initializer for '
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector destructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector vbase constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`eh vector vbase copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`local static guard'
Ansi based on Memory/File Scan (2.exe.bin)
`local static thread guard'
Ansi based on Memory/File Scan (2.exe.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan (2.exe.bin)
`local vftable'
Ansi based on Memory/File Scan (2.exe.bin)
`managed vector constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`managed vector copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`managed vector destructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`omni callsig'
Ansi based on Memory/File Scan (2.exe.bin)
`placement delete closure'
Ansi based on Memory/File Scan (2.exe.bin)
`placement delete[] closure'
Ansi based on Memory/File Scan (2.exe.bin)
`RTTI
Ansi based on Memory/File Scan (2.exe.bin)
`scalar deleting destructor'
Ansi based on Memory/File Scan (2.exe.bin)
`string'
Ansi based on Memory/File Scan (2.exe.bin)
`typeof'
Ansi based on Memory/File Scan (2.exe.bin)
`udt returning'
Ansi based on Memory/File Scan (2.exe.bin)
`vbase destructor'
Ansi based on Memory/File Scan (2.exe.bin)
`vbtable'
Ansi based on Memory/File Scan (2.exe.bin)
`vcall'
Ansi based on Memory/File Scan (2.exe.bin)
`vector constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector deleting destructor'
Ansi based on Memory/File Scan (2.exe.bin)
`vector destructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector vbase constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vector vbase copy constructor iterator'
Ansi based on Memory/File Scan (2.exe.bin)
`vftable'
Ansi based on Memory/File Scan (2.exe.bin)
`virtual displacement map'
Ansi based on Memory/File Scan (2.exe.bin)
a numbered reference must not be zero
Ansi based on Memory/File Scan (2.exe.bin)
A><<<<<<<<<<<<<<<<<<<<<<<<<<
Ansi based on Memory/File Scan (2.exe.bin)
aAeEiIoOuUyYnN
Ansi based on Memory/File Scan (2.exe.bin)
abbbbbbbababbabebababbbbbbbbbbbbbbbbbabaaababbabbbbbbaabbabbaabbabbdbabbbaaabbabbabababbb.
Ansi based on Memory/File Scan (2.exe.bin)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ansi based on Memory/File Scan (2.exe.bin)
abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan (2.exe.bin)
abort
Unicode based on Memory/File Scan (2.exe.bin)
ACCEPT
Ansi based on Memory/File Scan (2.exe.bin)
ACTIVE
Unicode based on Hybrid Analysis (2.exe.bin)
AddAce
Ansi based on Memory/File Scan (2.exe.bin)
ADDSTRING
Unicode based on Memory/File Scan (2.exe.bin)
AdjustTokenPrivileges
Ansi based on Memory/File Scan (2.exe.bin)
AdjustWindowRectEx
Ansi based on Memory/File Scan (2.exe.bin)
ADLIBDISABLE
Unicode based on Memory/File Scan (2.exe.bin)
ADLIBENABLE
Unicode based on Memory/File Scan (2.exe.bin)
admin
Unicode based on Memory/File Scan (2.exe.bin)
ADVAPI32.dll
Ansi based on Memory/File Scan (2.exe.bin)
alias PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
align
Unicode based on Hybrid Analysis (2.exe.bin)
All files (*.*)
Unicode based on Memory/File Scan (2.exe.bin)
ALLBACKREGISTER
Unicode based on Memory/File Scan (2.exe.bin)
alnum
Ansi based on Memory/File Scan (2.exe.bin)
alpha
Ansi based on Hybrid Analysis (2.exe.bin)
ALTDOWN
Ansi based on Memory/File Scan (2.exe.bin)
ALTUP
Ansi based on Memory/File Scan (2.exe.bin)
ANDLE:
Unicode based on Memory/File Scan (2.exe.bin)
AngleArc
Ansi based on Memory/File Scan (2.exe.bin)
ANYCRLF)
Ansi based on Hybrid Analysis (2.exe.bin)
AppData
Unicode based on Hybrid Analysis (2.exe.bin)
APPDATACOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
APPDATADIR
Unicode based on Memory/File Scan (2.exe.bin)
APPSKEY
Ansi based on Memory/File Scan (2.exe.bin)
April
Ansi based on Memory/File Scan (2.exe.bin)
Arabic
Ansi based on Memory/File Scan (2.exe.bin)
Armenian
Ansi based on Memory/File Scan (2.exe.bin)
Array maximum size exceeded.+"Func" statement has no matching "EndFunc".
Unicode based on Memory/File Scan (2.exe.bin)
arse #include
Unicode based on Memory/File Scan (2.exe.bin)
ASC 0%d
Ansi based on Hybrid Analysis (2.exe.bin)
ascii
Ansi based on Memory/File Scan (2.exe.bin)
Assert Failed!
Unicode based on Memory/File Scan (2.exe.bin)
assertion expected after (?(
Ansi based on Memory/File Scan (2.exe.bin)
ASSIGN
Unicode based on Hybrid Analysis (2.exe.bin)
AssignPrimaryTokenPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
ATEBUTTON
Unicode based on Memory/File Scan (2.exe.bin)
ATETAB
Unicode based on Memory/File Scan (2.exe.bin)
ateTimePick32
Unicode based on Memory/File Scan (2.exe.bin)
AttachThreadInput
Ansi based on Memory/File Scan (2.exe.bin)
AU3_FreeVar
Ansi based on Memory/File Scan (2.exe.bin)
AU3_GetPluginDetails
Ansi based on Memory/File Scan (2.exe.bin)
August
Ansi based on Memory/File Scan (2.exe.bin)
AutoIt Error
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt has detected the stack has become corrupt.Stack corruption typically occurs when either the wrong calling convention is used or when the function is called with the wrong number of arguments.AutoIt supports the __stdcall (WINAPI) and __cdecl calling conventions. The __stdcall (WINAPI) convention is used by default but __cdecl can be used instead. See the DllCall() documentation for details on changing the calling convention.
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt Input Box
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt script files (*.au3, *.a3x)
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt v3
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt v3 GUI
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt.Error
Unicode based on Memory/File Scan (2.exe.bin)
AutoIt3GUI
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITCALLVARIABLE%d
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITEXE
Unicode based on Memory/File Scan (2.exe.bin)
AutoItExit'S
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITPID
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITSETOPTION
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITUNICODE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITVERSION
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITWINGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITWINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
AUTOITX64
Unicode based on Memory/File Scan (2.exe.bin)
AYITEMDELETE
Unicode based on Memory/File Scan (2.exe.bin)
AYSETPAUSEICON
Unicode based on Memory/File Scan (2.exe.bin)
ba_`__aa_____aaaab__a_aa``ab__a__a___b__a____`___a__a______a_a_b_a__a__`_aa`a__aa_abaa``a.
Ansi based on Memory/File Scan (2.exe.bin)
BACKSPACE
Ansi based on Memory/File Scan (2.exe.bin)
bad allocation
Ansi based on Memory/File Scan (2.exe.bin)
Badly formated Enum statement!Badly formated variable or macro.3This keyword cannot be used after a "Then" keyword.>"Select" statement is missing "EndSelect" or "Case" statement.+"If" statements must have a "Then" keyword. Badly formated Struct statement."Cannot assign values to constants..Cannot make existing variables into constants.9Only Object-type variables allowed in a "With" statement.v"long_ptr", "int_ptr" and "short_ptr" DllCall() types have been deprecated. Use "long*", "int*" and "short*" instead.-Object referenced outside a "With" statement.)Nested "With" statements are not allowed."Variable must be of type "Object".1The requested action with this object has failed.8Variable appears more than once in function declaration.2ReDim array can not be initialized in this manner.1An array variable can not be used in this manner.
Unicode based on Memory/File Scan (2.exe.bin)
Balinese
Ansi based on Memory/File Scan (2.exe.bin)
BARGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
Base Class Array'
Ansi based on Memory/File Scan (2.exe.bin)
Base Class Descriptor at (
Ansi based on Memory/File Scan (2.exe.bin)
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB6
Ansi based on Memory/File Scan (2.exe.bin)
BeginPaint
Ansi based on Memory/File Scan (2.exe.bin)
BeginPath
Ansi based on Memory/File Scan (2.exe.bin)
Bengali
Ansi based on Memory/File Scan (2.exe.bin)
BINARY
Unicode based on Hybrid Analysis (2.exe.bin)
BINARYLEN
Unicode based on Memory/File Scan (2.exe.bin)
BINARYMID
Unicode based on Memory/File Scan (2.exe.bin)
BINARYTOSTRING
Unicode based on Memory/File Scan (2.exe.bin)
BITAND
Unicode based on Hybrid Analysis (2.exe.bin)
BitBlt
Ansi based on Memory/File Scan (2.exe.bin)
BITNOT
Unicode based on Hybrid Analysis (2.exe.bin)
BITOR
Unicode based on Hybrid Analysis (2.exe.bin)
BITROTATE
Unicode based on Memory/File Scan (2.exe.bin)
BITSHIFT
Unicode based on Hybrid Analysis (2.exe.bin)
BITXOR
Unicode based on Hybrid Analysis (2.exe.bin)
blank
Unicode based on Hybrid Analysis (2.exe.bin)
BLOCKINPUT
Unicode based on Memory/File Scan (2.exe.bin)
BlockInput
Ansi based on Memory/File Scan (2.exe.bin)
Bopomofo
Ansi based on Memory/File Scan (2.exe.bin)
Braille
Ansi based on Memory/File Scan (2.exe.bin)
BREAK
Unicode based on Hybrid Analysis (2.exe.bin)
BROWSER_BACK
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_FAVORTIES
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_FORWARD
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_HOME
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_REFRESH
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_SEARCH
Ansi based on Memory/File Scan (2.exe.bin)
BROWSER_STOP
Ansi based on Memory/File Scan (2.exe.bin)
BSR_ANYCRLF)
Ansi based on Memory/File Scan (2.exe.bin)
BSR_UNICODE)
Ansi based on Memory/File Scan (2.exe.bin)
Buginese
Ansi based on Memory/File Scan (2.exe.bin)
Buhid
Ansi based on Memory/File Scan (2.exe.bin)
button
Unicode based on Hybrid Analysis (2.exe.bin)
BUTTON
Unicode based on Hybrid Analysis (2.exe.bin)
BYREF
Unicode based on Memory/File Scan (2.exe.bin)
CALLARGARRAY
Unicode based on Memory/File Scan (2.exe.bin)
Can not redeclare a constant.5Can not redeclare a parameter inside a user function.HCan pass constants by reference only to parameters with "Const" keyword.*Can not initialize a variable with itself.$Incorrect way to use this parameter.:"EndSwitch" statement with no matching "Switch" statement.>"Switch" statement is missing "EndSwitch" or "Case" statement.H"ContinueCase" statement with no matching "Select"or "Switch" statement.
Unicode based on Memory/File Scan (2.exe.bin)
Can't install a new Errorhandler when one is still active.
Unicode based on Memory/File Scan (2.exe.bin)
Canadian_Aboriginal
Ansi based on Memory/File Scan (2.exe.bin)
Cancel
Unicode based on Memory/File Scan (2.exe.bin)
Cannot parse #include
Unicode based on Memory/File Scan (2.exe.bin)
CAPSLOCK
Ansi based on Memory/File Scan (2.exe.bin)
CaretCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
Carian
Ansi based on Memory/File Scan (2.exe.bin)
CCEPT
Unicode based on Memory/File Scan (2.exe.bin)
cd wait
Unicode based on Memory/File Scan (2.exe.bin)
cdecl
Unicode based on Hybrid Analysis (2.exe.bin)
cdrom
Unicode based on Hybrid Analysis (2.exe.bin)
CDROM
Unicode based on Hybrid Analysis (2.exe.bin)
CDTRAY
Unicode based on Hybrid Analysis (2.exe.bin)
CEILING
Unicode based on Hybrid Analysis (2.exe.bin)
character value in \x{...} sequence is too large
Ansi based on Memory/File Scan (2.exe.bin)
CharLowerBuffW
Ansi based on Memory/File Scan (2.exe.bin)
CharNextW
Ansi based on Memory/File Scan (2.exe.bin)
CharUpperBuffW
Ansi based on Memory/File Scan (2.exe.bin)
CharUpperW
Ansi based on Memory/File Scan (2.exe.bin)
CHECK
Unicode based on Hybrid Analysis (2.exe.bin)
CheckMenuRadioItem
Ansi based on Memory/File Scan (2.exe.bin)
Cherokee
Ansi based on Memory/File Scan (2.exe.bin)
ckMode
Unicode based on Memory/File Scan (2.exe.bin)
CLASS
Unicode based on Hybrid Analysis (2.exe.bin)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan (2.exe.bin)
CLASSNAME=
Unicode based on Memory/File Scan (2.exe.bin)
CLASSNN
Unicode based on Hybrid Analysis (2.exe.bin)
CLEAR
Unicode based on Memory/File Scan (2.exe.bin)
ClientToScreen
Ansi based on Memory/File Scan (2.exe.bin)
CLIPGET
Unicode based on Hybrid Analysis (2.exe.bin)
CLIPPUT
Unicode based on Hybrid Analysis (2.exe.bin)
close
Unicode based on Hybrid Analysis (2.exe.bin)
close all
Unicode based on Memory/File Scan (2.exe.bin)
close cd wait
Unicode based on Memory/File Scan (2.exe.bin)
close PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
CloseClipboard
Ansi based on Memory/File Scan (2.exe.bin)
closed
Unicode based on Hybrid Analysis (2.exe.bin)
CloseDesktop
Ansi based on Memory/File Scan (2.exe.bin)
CloseFigure
Ansi based on Memory/File Scan (2.exe.bin)
CloseHandle
Ansi based on Memory/File Scan (2.exe.bin)
CloseServiceHandle
Ansi based on Memory/File Scan (2.exe.bin)
CloseWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
closing ) for (?C expected
Ansi based on Memory/File Scan (2.exe.bin)
CLSID\
Unicode based on Hybrid Analysis (2.exe.bin)
CLSIDFromProgID
Ansi based on Memory/File Scan (2.exe.bin)
CLSIDFromString
Ansi based on Memory/File Scan (2.exe.bin)
CMDLINE
Unicode based on Hybrid Analysis (2.exe.bin)
CMDLINERAW
Unicode based on Memory/File Scan (2.exe.bin)
cntrl
Ansi based on Memory/File Scan (2.exe.bin)
CoCreateInstance
Ansi based on Memory/File Scan (2.exe.bin)
CoCreateInstanceEx
Ansi based on Memory/File Scan (2.exe.bin)
CoInitialize
Ansi based on Memory/File Scan (2.exe.bin)
CoInitializeSecurity
Ansi based on Memory/File Scan (2.exe.bin)
COLLAPSE
Unicode based on Hybrid Analysis (2.exe.bin)
Combobox
Unicode based on Hybrid Analysis (2.exe.bin)
ComboBox
Unicode based on Hybrid Analysis (2.exe.bin)
COMCTL32.dll
Ansi based on Memory/File Scan (2.exe.bin)
COMDLG32.dll
Ansi based on Memory/File Scan (2.exe.bin)
COMMIT
Ansi based on Memory/File Scan (2.exe.bin)
Common
Ansi based on Memory/File Scan (2.exe.bin)
Common AppData
Unicode based on Memory/File Scan (2.exe.bin)
Common Desktop
Unicode based on Memory/File Scan (2.exe.bin)
Common Documents
Unicode based on Memory/File Scan (2.exe.bin)
Common Favorites
Unicode based on Memory/File Scan (2.exe.bin)
Common Programs
Unicode based on Memory/File Scan (2.exe.bin)
Common Start Menu
Unicode based on Memory/File Scan (2.exe.bin)
Common Startup
Unicode based on Memory/File Scan (2.exe.bin)
COMMONFILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
CommonFilesDir
Unicode based on Memory/File Scan (2.exe.bin)
CompareStringA
Ansi based on Memory/File Scan (2.exe.bin)
CompareStringW
Ansi based on Memory/File Scan (2.exe.bin)
Complete Object Locator'
Ansi based on Memory/File Scan (2.exe.bin)
COMPUTERNAME
Unicode based on Memory/File Scan (2.exe.bin)
COMSPEC
Unicode based on Hybrid Analysis (2.exe.bin)
conditional group contains more than two branches
Ansi based on Memory/File Scan (2.exe.bin)
CONOUT$
Ansi based on Hybrid Analysis (2.exe.bin)
CONSOLEREAD
Unicode based on Memory/File Scan (2.exe.bin)
CONSOLEWRITE
Unicode based on Memory/File Scan (2.exe.bin)
CONSOLEWRITEERROR
Unicode based on Memory/File Scan (2.exe.bin)
CONST
Unicode based on Memory/File Scan (2.exe.bin)
constants.9Only Object-type variables allowed in a "With" statement.v"long_ptr", "int_ptr" and "short_ptr" DllCall() types have been deprecated. Use "long*", "int*" and "short*" instead.-Object referenced outside a "With" statement.)Nested "With" statements are not allowed."Variable must be of type "Object".1The requested action with this object has failed.8Variable appears more than once in function declaration.2ReDim array can not be initialized in this manner.1An array variable can not be used in this m
Unicode based on Memory/File Scan (2.exe.bin)
Container
Unicode based on Memory/File Scan (2.exe.bin)
Context1
Unicode based on Memory/File Scan (2.exe.bin)
CONTINUECASE
Unicode based on Memory/File Scan (2.exe.bin)
CONTINUELOOP
Unicode based on Memory/File Scan (2.exe.bin)
Control Panel\Mouse
Unicode based on Memory/File Scan (2.exe.bin)
Control32
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLCLICK
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLCOMMAND
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLDISABLE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLENABLE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLFOCUS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETFOCUS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLHIDE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLLISTVIEW
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLMOVE
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLSEND
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLSHOW
Unicode based on Memory/File Scan (2.exe.bin)
CONTROLTREEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
Conversion of parameters failed
Unicode based on Memory/File Scan (2.exe.bin)
Coptic
Ansi based on Memory/File Scan (2.exe.bin)
CopyFileW
Ansi based on Memory/File Scan (2.exe.bin)
CopyImage
Ansi based on Memory/File Scan (2.exe.bin)
CopyRect
Ansi based on Memory/File Scan (2.exe.bin)
CopySid
Ansi based on Memory/File Scan (2.exe.bin)
CorExitProcess
Ansi based on Memory/File Scan (2.exe.bin)
CoSetProxyBlanket
Ansi based on Memory/File Scan (2.exe.bin)
CoTaskMemAlloc
Ansi based on Memory/File Scan (2.exe.bin)
CoTaskMemFree
Ansi based on Memory/File Scan (2.exe.bin)
CoUninitialize
Ansi based on Memory/File Scan (2.exe.bin)
CountClipboardFormats
Ansi based on Memory/File Scan (2.exe.bin)
CreateAcceleratorTableW
Ansi based on Memory/File Scan (2.exe.bin)
CreateBindCtx
Ansi based on Memory/File Scan (2.exe.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan (2.exe.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan (2.exe.bin)
CreateDCW
Ansi based on Memory/File Scan (2.exe.bin)
CreateDIBSection
Ansi based on Memory/File Scan (2.exe.bin)
CreateDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
CreateEnvironmentBlock
Ansi based on Memory/File Scan (2.exe.bin)
CreateFileA
Ansi based on Memory/File Scan (2.exe.bin)
CreateFileW
Ansi based on Memory/File Scan (2.exe.bin)
CreateFontW
Ansi based on Memory/File Scan (2.exe.bin)
CreateHardLinkW
Ansi based on Memory/File Scan (2.exe.bin)
CreateIconFromResourceEx
Ansi based on Memory/File Scan (2.exe.bin)
CreateMenu
Ansi based on Memory/File Scan (2.exe.bin)
CreatePen
Ansi based on Memory/File Scan (2.exe.bin)
CreatePipe
Ansi based on Memory/File Scan (2.exe.bin)
CreatePopupMenu
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessAsUserW
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessW
Ansi based on Memory/File Scan (2.exe.bin)
CreateProcessWithLogonW
Ansi based on Memory/File Scan (2.exe.bin)
CreateSolidBrush
Ansi based on Memory/File Scan (2.exe.bin)
CreateStreamOnHGlobal
Ansi based on Memory/File Scan (2.exe.bin)
CreateThread
Ansi based on Memory/File Scan (2.exe.bin)
CreateToolhelp32Snapshot
Ansi based on Memory/File Scan (2.exe.bin)
CreateWindowExW
Ansi based on Memory/File Scan (2.exe.bin)
CRLF)
Ansi based on Hybrid Analysis (2.exe.bin)
CTINVERT
Unicode based on Memory/File Scan (2.exe.bin)
CTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
CTIVE
Unicode based on Memory/File Scan (2.exe.bin)
ctls_Progress32
Unicode based on Memory/File Scan (2.exe.bin)
CTRLDOWN
Ansi based on Memory/File Scan (2.exe.bin)
CTRLUP
Ansi based on Memory/File Scan (2.exe.bin)
Cuneiform
Ansi based on Memory/File Scan (2.exe.bin)
CURRENTTAB
Unicode based on Memory/File Scan (2.exe.bin)
Cypriot
Ansi based on Memory/File Scan (2.exe.bin)
Cyrillic
Ansi based on Memory/File Scan (2.exe.bin)
d (File "%s"):
Unicode based on Memory/File Scan (2.exe.bin)
d characters behind Object assignment !
Unicode based on Memory/File Scan (2.exe.bin)
D$ 9D$,|=_
Ansi based on Memory/File Scan (2.exe.bin)
D$ 9D$,}L
Ansi based on Memory/File Scan (2.exe.bin)
D$ PSAQh`
Ansi based on Memory/File Scan (2.exe.bin)
D$ SSSPh`
Ansi based on Memory/File Scan (2.exe.bin)
D$$t&1D$$
Ansi based on Memory/File Scan (2.exe.bin)
D$$t1D$$
Ansi based on Memory/File Scan (2.exe.bin)
D$,9D$(t>
Ansi based on Memory/File Scan (2.exe.bin)
D$,@tG;|$
Ansi based on Memory/File Scan (2.exe.bin)
D$,@u G;|$
Ansi based on Memory/File Scan (2.exe.bin)
D$4QRPUWV
Ansi based on Memory/File Scan (2.exe.bin)
D$<h8LH
Ansi based on Memory/File Scan (2.exe.bin)
D$@QWRSPV
Ansi based on Memory/File Scan (2.exe.bin)
D$dQWSURh
Ansi based on Memory/File Scan (2.exe.bin)
D%.15g
Unicode based on Memory/File Scan (2.exe.bin)
d%02d%02d%02d%02d%02d
Unicode based on Memory/File Scan (2.exe.bin)
D'OnAutoItExit'S
Unicode based on Memory/File Scan (2.exe.bin)
d0r0,1023
Unicode based on Memory/File Scan (2.exe.bin)
d0r0,3
Unicode based on Hybrid Analysis (2.exe.bin)
d100m0
Unicode based on Hybrid Analysis (2.exe.bin)
d10m0
Unicode based on Hybrid Analysis (2.exe.bin)
d124c
Unicode based on Hybrid Analysis (2.exe.bin)
d1r0,2
Unicode based on Hybrid Analysis (2.exe.bin)
d1r1,2
Unicode based on Hybrid Analysis (2.exe.bin)
d250m0
Unicode based on Hybrid Analysis (2.exe.bin)
D@GUI_DRAGID
Unicode based on Memory/File Scan (2.exe.bin)
DBBEBCEBBBCBBBEDDBBBDCCBBBBCBBCBBDDBCBBBCCCBCBBCBBEDBDEBCCBBCDBCEBCBCBBBBBBDCCDCCBDDDCBBD6
Ansi based on Memory/File Scan (2.exe.bin)
dddd, MMMM dd, yyyy
Ansi based on Memory/File Scan (2.exe.bin)
ddddddddddddd
Ansi based on Memory/File Scan (2.exe.bin)
DDDDl
Ansi based on Memory/File Scan (2.exe.bin)
December
Ansi based on Memory/File Scan (2.exe.bin)
DecodePointer
Ansi based on Memory/File Scan (2.exe.bin)
Default
Unicode based on Hybrid Analysis (2.exe.bin)
default
Unicode based on Hybrid Analysis (2.exe.bin)
DefaultLangCodepage
Unicode based on Memory/File Scan (2.exe.bin)
DefDlgProcW
Ansi based on Memory/File Scan (2.exe.bin)
DEFINE
Ansi based on Hybrid Analysis (2.exe.bin)
DEFINE group contains more than one branch
Ansi based on Memory/File Scan (2.exe.bin)
DefWindowProcW
Ansi based on Memory/File Scan (2.exe.bin)
delete
Ansi based on Memory/File Scan (2.exe.bin)
DELETE
Ansi based on Memory/File Scan (2.exe.bin)
delete[]
Ansi based on Memory/File Scan (2.exe.bin)
DeleteCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
DeleteDC
Ansi based on Memory/File Scan (2.exe.bin)
DeleteFileW
Ansi based on Memory/File Scan (2.exe.bin)
DeleteMenu
Ansi based on Memory/File Scan (2.exe.bin)
DeleteObject
Ansi based on Memory/File Scan (2.exe.bin)
DELSTRING
Unicode based on Memory/File Scan (2.exe.bin)
DESCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
DESELECT
Unicode based on Hybrid Analysis (2.exe.bin)
Deseret
Ansi based on Memory/File Scan (2.exe.bin)
Desktop
Unicode based on Hybrid Analysis (2.exe.bin)
DESKTOPCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPDEPTH
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPDIR
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPHEIGHT
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPREFRESH
Unicode based on Memory/File Scan (2.exe.bin)
DESKTOPWIDTH
Unicode based on Memory/File Scan (2.exe.bin)
DestroyAcceleratorTable
Ansi based on Memory/File Scan (2.exe.bin)
DestroyEnvironmentBlock
Ansi based on Memory/File Scan (2.exe.bin)
DestroyIcon
Ansi based on Memory/File Scan (2.exe.bin)
DestroyMenu
Ansi based on Memory/File Scan (2.exe.bin)
DestroyWindow
Ansi based on Memory/File Scan (2.exe.bin)
details
Unicode based on Hybrid Analysis (2.exe.bin)
Devanagari
Ansi based on Memory/File Scan (2.exe.bin)
DeviceIoControl
Ansi based on Memory/File Scan (2.exe.bin)
DialogBoxParamW
Ansi based on Memory/File Scan (2.exe.bin)
digit
Ansi based on Memory/File Scan (2.exe.bin)
digit expected after (?+
Ansi based on Memory/File Scan (2.exe.bin)
diouxXeEfgGs
Unicode based on Memory/File Scan (2.exe.bin)
DIRCOPY
Unicode based on Hybrid Analysis (2.exe.bin)
DIRCREATE
Unicode based on Memory/File Scan (2.exe.bin)
DIRGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
DIRMOVE
Unicode based on Hybrid Analysis (2.exe.bin)
DIRREMOVE
Unicode based on Memory/File Scan (2.exe.bin)
DispatchMessageW
Ansi based on Memory/File Scan (2.exe.bin)
DISPLAY
Unicode based on Hybrid Analysis (2.exe.bin)
DLLCALL
Unicode based on Hybrid Analysis (2.exe.bin)
DLLCALLBACKFREE
Unicode based on Memory/File Scan (2.exe.bin)
DLLCALLBACKGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
DLLCALLBACKREGISTER
Unicode based on Memory/File Scan (2.exe.bin)
DLLCLOSE
Unicode based on Hybrid Analysis (2.exe.bin)
DLLERROR
Unicode based on Memory/File Scan (2.exe.bin)
DLLOPEN
Unicode based on Hybrid Analysis (2.exe.bin)
DLLStruct
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTCREATE
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETDATA
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
DLLSTRUCTSETDATA
Unicode based on Memory/File Scan (2.exe.bin)
DOCUMENTSCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
DOMAIN error
Ansi based on Memory/File Scan (2.exe.bin)
double
Unicode based on Memory/File Scan (2.exe.bin)
DPLAY
Unicode based on Memory/File Scan (2.exe.bin)
DragFinish
Ansi based on Memory/File Scan (2.exe.bin)
DragQueryFileW
Ansi based on Memory/File Scan (2.exe.bin)
DragQueryPoint
Ansi based on Memory/File Scan (2.exe.bin)
DrawFocusRect
Ansi based on Memory/File Scan (2.exe.bin)
DrawFrameControl
Ansi based on Memory/File Scan (2.exe.bin)
DrawMenuBar
Ansi based on Memory/File Scan (2.exe.bin)
DrawTextW
Ansi based on Memory/File Scan (2.exe.bin)
DRIVEGETDRIVE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETFILESYSTEM
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETLABEL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETSERIAL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEGETTYPE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEMAPADD
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEMAPDEL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVEMAPGET
Unicode based on Memory/File Scan (2.exe.bin)
DRIVESETLABEL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVESPACEFREE
Unicode based on Memory/File Scan (2.exe.bin)
DRIVESPACETOTAL
Unicode based on Memory/File Scan (2.exe.bin)
DRIVESTATUS
Unicode based on Memory/File Scan (2.exe.bin)
DSeAssignPrimaryTokenPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
DSETWAVEVOLUME
Unicode based on Memory/File Scan (2.exe.bin)
DSTRING
Unicode based on Memory/File Scan (2.exe.bin)
DUMMYSPEEDTEST
Unicode based on Memory/File Scan (2.exe.bin)
Duplicate function name.
Unicode based on Memory/File Scan (2.exe.bin)
DuplicateHandle
Ansi based on Memory/File Scan (2.exe.bin)
DWITH
Unicode based on Memory/File Scan (2.exe.bin)
dword
Unicode based on Memory/File Scan (2.exe.bin)
e mode
Unicode based on Memory/File Scan (2.exe.bin)
e PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
e+000
Ansi based on Hybrid Analysis (2.exe.bin)
earchChildren
Unicode based on Memory/File Scan (2.exe.bin)
EATEITEM
Unicode based on Memory/File Scan (2.exe.bin)
EATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
EATENTFSLINK
Unicode based on Memory/File Scan (2.exe.bin)
ECKED
Unicode based on Memory/File Scan (2.exe.bin)
ECOMBO
Unicode based on Memory/File Scan (2.exe.bin)
ect type
Unicode based on Memory/File Scan (2.exe.bin)
ECTED
Unicode based on Memory/File Scan (2.exe.bin)
ecuteScript
Unicode based on Memory/File Scan (2.exe.bin)
EDITPASTE
Unicode based on Memory/File Scan (2.exe.bin)
eeebeccbefbefefeffbbbeffeecbfbeeeebefebebefbceefeceefefffffbfebeebeeebebfeebfecbbbeeecffc/
Ansi based on Memory/File Scan (2.exe.bin)
EEECEEEEEBCCBCBEBEBECCBEEBCCEDECEEEDDBCDBECBEECECCECEEEBEDDBCEEBBDEEEEBBECCEDEEEEDBCECBBC6
Ansi based on Memory/File Scan (2.exe.bin)
EEEEEEEEEEEEEEEEEEEEECDEEEEEDEECECEEEDEEEEEEEDECEDEEEEEEEECECEEECEEEBEEEECEBECCEEEEEEEEEE7
Ansi based on Memory/File Scan (2.exe.bin)
EEEEEFEGEFFEGFGEEEEEFEGEFHFGGEEEEEGHEFFEFEEFFFEFEEEEHEGFEHEEGEEEFEEEEHEEEEEEFEEEEFGGEFFFE7
Ansi based on Memory/File Scan (2.exe.bin)
EGEXPTITLE:
Unicode based on Memory/File Scan (2.exe.bin)
ELECT
Unicode based on Memory/File Scan (2.exe.bin)
ELETE
Unicode based on Memory/File Scan (2.exe.bin)
Ellipse
Ansi based on Memory/File Scan (2.exe.bin)
EMENUITEM
Unicode based on Memory/File Scan (2.exe.bin)
EMGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
EMOVE
Unicode based on Memory/File Scan (2.exe.bin)
EmptyClipboard
Ansi based on Memory/File Scan (2.exe.bin)
EMSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
EnableWindow
Ansi based on Memory/File Scan (2.exe.bin)
EncodePointer
Ansi based on Memory/File Scan (2.exe.bin)
EndDialog
Ansi based on Memory/File Scan (2.exe.bin)
EndPaint
Ansi based on Memory/File Scan (2.exe.bin)
EndPath
Ansi based on Memory/File Scan (2.exe.bin)
ENDSELECT
Unicode based on Memory/File Scan (2.exe.bin)
ENDSWITCH
Unicode based on Memory/File Scan (2.exe.bin)
ent Interface from Object.
Unicode based on Memory/File Scan (2.exe.bin)
ENTER
Ansi based on Memory/File Scan (2.exe.bin)
EnterCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
ENUCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
EnumChildWindows
Ansi based on Memory/File Scan (2.exe.bin)
EnumProcesses
Ansi based on Memory/File Scan (2.exe.bin)
EnumProcessModules
Ansi based on Memory/File Scan (2.exe.bin)
EnumResourceNamesW
Ansi based on Memory/File Scan (2.exe.bin)
EnumThreadWindows
Ansi based on Memory/File Scan (2.exe.bin)
EnumWindows
Ansi based on Memory/File Scan (2.exe.bin)
ENVGET
Unicode based on Hybrid Analysis (2.exe.bin)
Environment
Unicode based on Memory/File Scan (2.exe.bin)
ENVSET
Unicode based on Hybrid Analysis (2.exe.bin)
ENVUPDATE
Unicode based on Memory/File Scan (2.exe.bin)
EPROGRESS
Unicode based on Memory/File Scan (2.exe.bin)
ERNAME
Unicode based on Memory/File Scan (2.exe.bin)
ERPROFILEDIR
Unicode based on Memory/File Scan (2.exe.bin)
erroffset passed as NULL
Ansi based on Memory/File Scan (2.exe.bin)
Error allocating memory.
Unicode based on Memory/File Scan (2.exe.bin)
Error in expression.
Unicode based on Memory/File Scan (2.exe.bin)
Error opening the file
Unicode based on Memory/File Scan (2.exe.bin)
Error parsing function call.0Incorrect number of parameters in function call.'"ReDim" used without an array variable.>Illegal text at the end of statement (one statement per line).1"If" statement has no matching "EndIf" statement.1"Else" statement with no matching "If" statement.2"EndIf" statement with no matching "If" statement.7Too many "Else" statements for matching "If" statement.3"While" statement has no matching "Wend" statement.4"Wend" statement with no matching "While" statement.%Variable used witho
Unicode based on Memory/File Scan (2.exe.bin)
Error parsing function call.0Incorrect number of parameters in function call.'"ReDim" used without an array variable.>Illegal text at the end of statement (one statement per line).1"If" statement has no matching "EndIf" statement.1"Else" statement with no matching "If" statement.2"EndIf" statement with no matching "If" statement.7Too many "Else" statements for matching "If" statement.3"While" statement has no matching "Wend" statement.4"Wend" statement with no matching "While" statement.%Variable used without being declared.XArray variable has incorrect number of subscripts or subscript dimension range exceeded.)Array variable subscript badly formatted.'Subscript used with non-Array variable.&Too many subscripts used for an array.0Missing subscript dimensions in "Dim" statement.NNo variable given for "Dim", "Local", "Global", "Struct" or "Const" statement.0Expected a "=" operator in assignment statement.*Invalid keyword at the start of this line.
Unicode based on Memory/File Scan (2.exe.bin)
Error:
Unicode based on Memory/File Scan (2.exe.bin)
ersion of parameters failed
Unicode based on Memory/File Scan (2.exe.bin)
erver32
Unicode based on Memory/File Scan (2.exe.bin)
ES_ROOT
Unicode based on Memory/File Scan (2.exe.bin)
ESCAPE
Ansi based on Memory/File Scan (2.exe.bin)
ESECTION
Unicode based on Memory/File Scan (2.exe.bin)
ESREAD
Unicode based on Memory/File Scan (2.exe.bin)
ESSEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
ESSSETPRIORITY
Unicode based on Memory/File Scan (2.exe.bin)
ESTATUS
Unicode based on Memory/File Scan (2.exe.bin)
estion
Unicode based on Memory/File Scan (2.exe.bin)
esult
Unicode based on Memory/File Scan (2.exe.bin)
ETACCELERATORS
Unicode based on Memory/File Scan (2.exe.bin)
ETCLIENTSIZE
Unicode based on Memory/File Scan (2.exe.bin)
ETGETACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
Ethiopic
Ansi based on Memory/File Scan (2.exe.bin)
ETHOD
Unicode based on Memory/File Scan (2.exe.bin)
ETPTR
Unicode based on Memory/File Scan (2.exe.bin)
ETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
ETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
ETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
ETTRANS
Unicode based on Memory/File Scan (2.exe.bin)
eVars
Unicode based on Memory/File Scan (2.exe.bin)
EVENT
Unicode based on Memory/File Scan (2.exe.bin)
EXECUTE
Unicode based on Hybrid Analysis (2.exe.bin)
ExecuteLine
Unicode based on Memory/File Scan (2.exe.bin)
EXISTS
Unicode based on Hybrid Analysis (2.exe.bin)
ExitProcess
Ansi based on Memory/File Scan (2.exe.bin)
ExitThread
Ansi based on Memory/File Scan (2.exe.bin)
ExitWindowsEx
Ansi based on Memory/File Scan (2.exe.bin)
EXPAND
Unicode based on Hybrid Analysis (2.exe.bin)
EXPAND_SZ
Unicode based on Memory/File Scan (2.exe.bin)
ExpandEnvStrings
Unicode based on Memory/File Scan (2.exe.bin)
ExpandVarStrings
Unicode based on Memory/File Scan (2.exe.bin)
ExtCreatePen
Ansi based on Memory/File Scan (2.exe.bin)
ExtractIconExW
Ansi based on Memory/File Scan (2.exe.bin)
f+Npf+L$Lf
Ansi based on Memory/File Scan (2.exe.bin)
Failed to create the Error Handler
Unicode based on Memory/File Scan (2.exe.bin)
Failed to create the Event Object.
Unicode based on Memory/File Scan (2.exe.bin)
failed to get memory
Ansi based on Memory/File Scan (2.exe.bin)
Failed to retrieve outgoing Event Interface from Object.
Unicode based on Memory/File Scan (2.exe.bin)
False
Unicode based on Hybrid Analysis (2.exe.bin)
fault
Unicode based on Memory/File Scan (2.exe.bin)
FAULT
Unicode based on Memory/File Scan (2.exe.bin)
Favorites
Unicode based on Memory/File Scan (2.exe.bin)
FAVORITESCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
FAVORITESDIR
Unicode based on Memory/File Scan (2.exe.bin)
FBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
February
Ansi based on Memory/File Scan (2.exe.bin)
ffiffffffffififfffffffffffffieffffffffffiifffiiffffiffiifffffffiffffffiffffffhffffffffiif/
Ansi based on Memory/File Scan (2.exe.bin)
FHHHHFGFHGFHFGEFFEFFHEFEFFFFFFFFGHHHFHGHHHFHHHHFGFGFGHGGEHFHFGGHGGGGHHFFHGHGFFEEEHHEHGHHF8
Ansi based on Memory/File Scan (2.exe.bin)
FILECHANGEDIR
Unicode based on Memory/File Scan (2.exe.bin)
FILECLOSE
Unicode based on Memory/File Scan (2.exe.bin)
FILECOPY
Unicode based on Hybrid Analysis (2.exe.bin)
FILECREATENTFSLINK
Unicode based on Memory/File Scan (2.exe.bin)
FILECREATESHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
FILEDELETE
Unicode based on Memory/File Scan (2.exe.bin)
FILEEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
FILEFINDFIRSTFILE
Unicode based on Memory/File Scan (2.exe.bin)
FILEFINDNEXTFILE
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETLONGNAME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSHORTNAME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETTIME
Unicode based on Memory/File Scan (2.exe.bin)
FILEGETVERSION
Unicode based on Memory/File Scan (2.exe.bin)
FILEINSTALL
Unicode based on Memory/File Scan (2.exe.bin)
FILEMOVE
Unicode based on Hybrid Analysis (2.exe.bin)
FILEOPEN
Unicode based on Hybrid Analysis (2.exe.bin)
FILEOPENDIALOG
Unicode based on Memory/File Scan (2.exe.bin)
FILEREAD
Unicode based on Hybrid Analysis (2.exe.bin)
FILEREADLINE
Unicode based on Memory/File Scan (2.exe.bin)
FILERECYCLE
Unicode based on Memory/File Scan (2.exe.bin)
FILERECYCLEEMPTY
Unicode based on Memory/File Scan (2.exe.bin)
FILESAVEDIALOG
Unicode based on Memory/File Scan (2.exe.bin)
FILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
FILESELECTFOLDER
Unicode based on Memory/File Scan (2.exe.bin)
FILESETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
FILESETTIME
Unicode based on Memory/File Scan (2.exe.bin)
FileTimeToLocalFileTime
Ansi based on Memory/File Scan (2.exe.bin)
FileTimeToSystemTime
Ansi based on Memory/File Scan (2.exe.bin)
FileVersion
Unicode based on Memory/File Scan (2.exe.bin)
FILEWRITE
Unicode based on Memory/File Scan (2.exe.bin)
FILEWRITELINE
Unicode based on Memory/File Scan (2.exe.bin)
FillRect
Ansi based on Memory/File Scan (2.exe.bin)
FindClose
Ansi based on Memory/File Scan (2.exe.bin)
FindFirstFileW
Ansi based on Memory/File Scan (2.exe.bin)
FINDITEM
Unicode based on Hybrid Analysis (2.exe.bin)
FindNextFileW
Ansi based on Memory/File Scan (2.exe.bin)
FindResourceW
Ansi based on Memory/File Scan (2.exe.bin)
FINDSTRING
Unicode based on Memory/File Scan (2.exe.bin)
FindWindowExW
Ansi based on Memory/File Scan (2.exe.bin)
FindWindowW
Ansi based on Memory/File Scan (2.exe.bin)
First parameter must be of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
Fixed
Unicode based on Hybrid Analysis (2.exe.bin)
fixed
Unicode based on Hybrid Analysis (2.exe.bin)
FlashWindow
Ansi based on Memory/File Scan (2.exe.bin)
float
Unicode based on Memory/File Scan (2.exe.bin)
FLOAT
Unicode based on Memory/File Scan (2.exe.bin)
FLOOR
Unicode based on Hybrid Analysis (2.exe.bin)
FlsAlloc
Ansi based on Hybrid Analysis (2.exe.bin)
FlsFree
Ansi based on Hybrid Analysis (2.exe.bin)
FlsGetValue
Ansi based on Memory/File Scan (2.exe.bin)
FlsSetValue
Ansi based on Memory/File Scan (2.exe.bin)
FlushFileBuffers
Ansi based on Memory/File Scan (2.exe.bin)
FormatMessageW
Ansi based on Memory/File Scan (2.exe.bin)
FrameRect
Ansi based on Memory/File Scan (2.exe.bin)
FreeEnvironmentStringsW
Ansi based on Memory/File Scan (2.exe.bin)
FreeLibrary
Ansi based on Memory/File Scan (2.exe.bin)
Friday
Ansi based on Memory/File Scan (2.exe.bin)
FtpBinaryMode
Unicode based on Memory/File Scan (2.exe.bin)
FtpGetFileSize
Ansi based on Memory/File Scan (2.exe.bin)
FtpOpenFileW
Ansi based on Memory/File Scan (2.exe.bin)
FTPSETPROXY
Unicode based on Memory/File Scan (2.exe.bin)
FULLPATH
Unicode based on Memory/File Scan (2.exe.bin)
GAIsProcessorFeaturePresent
Ansi based on Memory/File Scan (2.exe.bin)
GDI32.dll
Ansi based on Memory/File Scan (2.exe.bin)
Georgian
Ansi based on Memory/File Scan (2.exe.bin)
get__NewEnum
Unicode based on Memory/File Scan (2.exe.bin)
GetAce
Ansi based on Memory/File Scan (2.exe.bin)
GetAclInformation
Ansi based on Memory/File Scan (2.exe.bin)
GetACP
Ansi based on Memory/File Scan (2.exe.bin)
GetActiveWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetAsyncKeyState
Ansi based on Memory/File Scan (2.exe.bin)
GETATTRIB
Unicode based on Memory/File Scan (2.exe.bin)
GetCaretPos
Ansi based on Memory/File Scan (2.exe.bin)
GetClassNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetClientRect
Ansi based on Memory/File Scan (2.exe.bin)
GetClipboardData
Ansi based on Memory/File Scan (2.exe.bin)
GetCommandLineW
Ansi based on Memory/File Scan (2.exe.bin)
GetComputerNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleCP
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleMode
Ansi based on Memory/File Scan (2.exe.bin)
GetConsoleOutputCP
Ansi based on Memory/File Scan (2.exe.bin)
GetCPInfo
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTCOL
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTLINE
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentProcess
Ansi based on Memory/File Scan (2.exe.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan (2.exe.bin)
GETCURRENTSELECTION
Unicode based on Memory/File Scan (2.exe.bin)
GetCurrentThread
Ansi based on Memory/File Scan (2.exe.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan (2.exe.bin)
GetCursor
Ansi based on Memory/File Scan (2.exe.bin)
GetCursorPos
Ansi based on Memory/File Scan (2.exe.bin)
GetDC
Ansi based on Memory/File Scan (2.exe.bin)
GetDesktopWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetDeviceCaps
Ansi based on Memory/File Scan (2.exe.bin)
GetDIBits
Ansi based on Memory/File Scan (2.exe.bin)
GetDiskFreeSpaceExW
Ansi based on Memory/File Scan (2.exe.bin)
GetDiskFreeSpaceW
Ansi based on Memory/File Scan (2.exe.bin)
GetDlgCtrlID
Ansi based on Memory/File Scan (2.exe.bin)
GetDlgItem
Ansi based on Memory/File Scan (2.exe.bin)
GetDriveTypeW
Ansi based on Memory/File Scan (2.exe.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan (2.exe.bin)
GetEnvironmentVariableW
Ansi based on Memory/File Scan (2.exe.bin)
GetExitCodeProcess
Ansi based on Memory/File Scan (2.exe.bin)
GetFileAttributesW
Ansi based on Memory/File Scan (2.exe.bin)
GetFileSize
Ansi based on Memory/File Scan (2.exe.bin)
GetFileType
Ansi based on Memory/File Scan (2.exe.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan (2.exe.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetFocus
Ansi based on Memory/File Scan (2.exe.bin)
GetForegroundWindow
Ansi based on Memory/File Scan (2.exe.bin)
GetFullPathNameW
Ansi based on Memory/File Scan (2.exe.bin)
GETITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetKeyboardLayoutNameA
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyboardLayoutNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyboardState
Ansi based on Memory/File Scan (2.exe.bin)
GetKeyState
Ansi based on Memory/File Scan (2.exe.bin)
GetLastActivePopup
Ansi based on Memory/File Scan (2.exe.bin)
GetLastError
Ansi based on Memory/File Scan (2.exe.bin)
GetLengthSid
Ansi based on Memory/File Scan (2.exe.bin)
GETLINE
Unicode based on Hybrid Analysis (2.exe.bin)
GETLINECOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan (2.exe.bin)
GetLocalTime
Ansi based on Memory/File Scan (2.exe.bin)
GetMenu
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemCount
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemID
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuItemInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetMenuStringW
Ansi based on Memory/File Scan (2.exe.bin)
GetMessageW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleBaseNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleFileNameA
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleHandleA
Ansi based on Memory/File Scan (2.exe.bin)
GetModuleHandleW
Ansi based on Memory/File Scan (2.exe.bin)
GetMonitorInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetNativeSystemInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetObjectW
Ansi based on Memory/File Scan (2.exe.bin)
GetOEMCP
Ansi based on Memory/File Scan (2.exe.bin)
GetOpenFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetParent
Ansi based on Memory/File Scan (2.exe.bin)
GetPixel
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileSectionNamesW
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileSectionW
Ansi based on Memory/File Scan (2.exe.bin)
GetPrivateProfileStringW
Ansi based on Memory/File Scan (2.exe.bin)
GetProcAddress
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessHeap
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessIoCounters
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessMemoryInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
GetSaveFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetSecurityDescriptorDacl
Ansi based on Memory/File Scan (2.exe.bin)
GETSELECTED
Unicode based on Memory/File Scan (2.exe.bin)
GETSELECTEDCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetShortPathNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetStartupInfoA
Ansi based on Memory/File Scan (2.exe.bin)
GetStartupInfoW
Ansi based on Memory/File Scan (2.exe.bin)
GetStdHandle
Ansi based on Memory/File Scan (2.exe.bin)
GetStockObject
Ansi based on Memory/File Scan (2.exe.bin)
GetStringTypeA
Ansi based on Memory/File Scan (2.exe.bin)
GetStringTypeW
Ansi based on Memory/File Scan (2.exe.bin)
GETSUBITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetSubMenu
Ansi based on Memory/File Scan (2.exe.bin)
GetSysColor
Ansi based on Memory/File Scan (2.exe.bin)
GetSysColorBrush
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemInfo
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemMetrics
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan (2.exe.bin)
GetSystemWow64DirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetTempFileNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetTempPathW
Ansi based on Memory/File Scan (2.exe.bin)
GETTEXT
Unicode based on Hybrid Analysis (2.exe.bin)
GetTextExtentPoint32W
Ansi based on Memory/File Scan (2.exe.bin)
GetTextFaceW
Ansi based on Memory/File Scan (2.exe.bin)
GetTickCount
Ansi based on Memory/File Scan (2.exe.bin)
GETTIME
Unicode based on Memory/File Scan (2.exe.bin)
GetTimeZoneInformation
Ansi based on Memory/File Scan (2.exe.bin)
GetTokenInformation
Ansi based on Memory/File Scan (2.exe.bin)
GETTOTALCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
GetUserNameW
Ansi based on Memory/File Scan (2.exe.bin)
GetUserObjectInformationA
Ansi based on Memory/File Scan (2.exe.bin)
GetUserObjectSecurity
Ansi based on Memory/File Scan (2.exe.bin)
GetVersionExW
Ansi based on Memory/File Scan (2.exe.bin)
GetVolumeInformationW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowDC
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowLongW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowRect
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowsDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowTextLengthW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowTextW
Ansi based on Memory/File Scan (2.exe.bin)
GetWindowThreadProcessId
Ansi based on Memory/File Scan (2.exe.bin)
GEXPCLASS
Unicode based on Memory/File Scan (2.exe.bin)
Glagolitic
Ansi based on Memory/File Scan (2.exe.bin)
GlobalAlloc
Ansi based on Memory/File Scan (2.exe.bin)
GlobalFree
Ansi based on Memory/File Scan (2.exe.bin)
GlobalLock
Ansi based on Memory/File Scan (2.exe.bin)
GlobalMemoryStatusEx
Ansi based on Memory/File Scan (2.exe.bin)
GlobalUnlock
Ansi based on Memory/File Scan (2.exe.bin)
GONSERVER
Unicode based on Memory/File Scan (2.exe.bin)
Gothic
Ansi based on Memory/File Scan (2.exe.bin)
graph
Ansi based on Memory/File Scan (2.exe.bin)
Greek
Ansi based on Memory/File Scan (2.exe.bin)
GUI_RUNDEFMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUICloseOnESC
Unicode based on Memory/File Scan (2.exe.bin)
GUICoordMode
Unicode based on Memory/File Scan (2.exe.bin)
GUICREATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEAVI
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEBUTTON
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATECHECKBOX
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATECOMBO
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATECONTEXTMENU
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEDATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEDUMMY
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEEDIT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEGRAPHIC
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEGROUP
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEICON
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEINPUT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELABEL
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELIST
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELISTVIEW
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATELISTVIEWITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEMENUITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEMONTHCAL
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEOBJ
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEPIC
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEPROGRESS
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATERADIO
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATESLIDER
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETAB
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETABITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETREEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATETREEVIEWITEM
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLCREATEUPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLDELETE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLREAD
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLRECVMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLREGISTERLISTVIEWSORT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSENDMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSENDTODUMMY
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETCURSOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETDATA
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETDEFBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETDEFCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETFONT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETGRAPHIC
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETIMAGE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETLIMIT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETPOS
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETRESIZING
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
GUICTRLSETTIP
Unicode based on Memory/File Scan (2.exe.bin)
GUIDataSeparatorChar
Unicode based on Memory/File Scan (2.exe.bin)
GUIDELETE
Unicode based on Memory/File Scan (2.exe.bin)
GUIEventOptions
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETCURSORINFO
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUIGETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
GUIOnEventMode
Unicode based on Memory/File Scan (2.exe.bin)
GUIREGISTERMSG
Unicode based on Memory/File Scan (2.exe.bin)
GUIResizeMode
Unicode based on Memory/File Scan (2.exe.bin)
GUISETACCELERATORS
Unicode based on Memory/File Scan (2.exe.bin)
GUISETBKCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
GUISETCOORD
Unicode based on Memory/File Scan (2.exe.bin)
GUISETCURSOR
Unicode based on Memory/File Scan (2.exe.bin)
GUISETFONT
Unicode based on Memory/File Scan (2.exe.bin)
GUISETHELP
Unicode based on Memory/File Scan (2.exe.bin)
GUISETICON
Unicode based on Memory/File Scan (2.exe.bin)
GUISETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
GUISETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
GUISETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
GUISTARTGROUP
Unicode based on Memory/File Scan (2.exe.bin)
GUISWITCH
Unicode based on Memory/File Scan (2.exe.bin)
Gujarati
Ansi based on Memory/File Scan (2.exe.bin)
Gurmukhi
Ansi based on Memory/File Scan (2.exe.bin)
GWRITE
Unicode based on Memory/File Scan (2.exe.bin)
h(((( H
Unicode based on Memory/File Scan (2.exe.bin)
h7dllll
Ansi based on Memory/File Scan (2.exe.bin)
ha[]dlll
Ansi based on Memory/File Scan (2.exe.bin)
ha[llll
Ansi based on Memory/File Scan (2.exe.bin)
HANDLE
Unicode based on Hybrid Analysis (2.exe.bin)
HANDLE=
Unicode based on Hybrid Analysis (2.exe.bin)
Hangul
Ansi based on Memory/File Scan (2.exe.bin)
Hanunoo
Ansi based on Memory/File Scan (2.exe.bin)
HeapAlloc
Ansi based on Memory/File Scan (2.exe.bin)
HeapCreate
Ansi based on Memory/File Scan (2.exe.bin)
HeapFree
Ansi based on Memory/File Scan (2.exe.bin)
HeapReAlloc
Ansi based on Memory/File Scan (2.exe.bin)
HeapSize
Ansi based on Memory/File Scan (2.exe.bin)
Hebrew
Ansi based on Memory/File Scan (2.exe.bin)
HELPCONTEXT
Unicode based on Memory/File Scan (2.exe.bin)
HH:mm:ss
Ansi based on Memory/File Scan (2.exe.bin)
HIDEDROPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
HIHIIIKHJKKHHIHKHKHKIJKHIJHJIHIJHKJHHHHHIJIIIKHIHIIHHIKIKKKIKIJJIIHKIHKJJJIIKKHHHKHKHIIIH:
Ansi based on Memory/File Scan (2.exe.bin)
Hiragana
Ansi based on Memory/File Scan (2.exe.bin)
HKCR\
Unicode based on Hybrid Analysis (2.exe.bin)
HKEY_CLASSES_ROOT
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_CURRENT_CONFIG
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_CURRENT_USER
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_LOCAL_MACHINE
Unicode based on Memory/File Scan (2.exe.bin)
HKEY_USERS
Unicode based on Memory/File Scan (2.exe.bin)
HOMEDRIVE
Unicode based on Memory/File Scan (2.exe.bin)
HOMEPATH
Unicode based on Hybrid Analysis (2.exe.bin)
HOMESHARE
Unicode based on Memory/File Scan (2.exe.bin)
HORTNAME
Unicode based on Memory/File Scan (2.exe.bin)
HOTKEYPRESSED
Unicode based on Memory/File Scan (2.exe.bin)
HOTKEYSET
Unicode based on Memory/File Scan (2.exe.bin)
HOWNORMAL
Unicode based on Memory/File Scan (2.exe.bin)
HttpOpenRequestW
Ansi based on Memory/File Scan (2.exe.bin)
HttpQueryInfoW
Ansi based on Memory/File Scan (2.exe.bin)
HttpSendRequestW
Ansi based on Memory/File Scan (2.exe.bin)
HTTPSETPROXY
Unicode based on Memory/File Scan (2.exe.bin)
HYYtJHt9H
Ansi based on Memory/File Scan (2.exe.bin)
H}AU3!EA06L
Ansi based on Memory/File Scan (2.exe.bin)
ICMP.DLL
Ansi based on Hybrid Analysis (2.exe.bin)
IcmpCloseHandle
Ansi based on Memory/File Scan (2.exe.bin)
IcmpCreateFile
Ansi based on Memory/File Scan (2.exe.bin)
IcmpSendEcho
Ansi based on Memory/File Scan (2.exe.bin)
ICODE
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLCREATEPIC
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLSETGRAPHIC
Unicode based on Memory/File Scan (2.exe.bin)
ICTRLSETPOS
Unicode based on Memory/File Scan (2.exe.bin)
Id7(1IIIIIIIIIIII
Ansi based on Memory/File Scan (2.exe.bin)
idispatch
Unicode based on Memory/File Scan (2.exe.bin)
iew32
Unicode based on Memory/File Scan (2.exe.bin)
IGETCURSORINFO
Unicode based on Memory/File Scan (2.exe.bin)
IGETSTYLE
Unicode based on Memory/File Scan (2.exe.bin)
IIDFromString
Ansi based on Memory/File Scan (2.exe.bin)
IIIII`
Ansi based on Memory/File Scan (2.exe.bin)
IIIIIIIIIIIIIId7
Ansi based on Memory/File Scan (2.exe.bin)
ijjgijggjfifjjgijijjjjigjijgjiiijijjiiiffjijjjjjjijjijijjiijiijjjiigfijjjjjijjjjjjjgijjjj0
Ansi based on Memory/File Scan (2.exe.bin)
ILING
Unicode based on Memory/File Scan (2.exe.bin)
ImageList_BeginDrag
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_Create
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_Destroy
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_DragEnter
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_DragLeave
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_DragMove
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_EndDrag
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_Remove
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_ReplaceIcon
Ansi based on Memory/File Scan (2.exe.bin)
ImageList_SetDragCursorImage
Ansi based on Memory/File Scan (2.exe.bin)
IMARY
Unicode based on Memory/File Scan (2.exe.bin)
IMlll
Ansi based on Memory/File Scan (2.exe.bin)
Include
Unicode based on Hybrid Analysis (2.exe.bin)
inconsistent NEWLINE options
Ansi based on Memory/File Scan (2.exe.bin)
Incorrect Object type in FOR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
Incorrect Parameter format
Unicode based on Memory/File Scan (2.exe.bin)
Incorrect parameters to object property !
Unicode based on Memory/File Scan (2.exe.bin)
INECOUNT
Unicode based on Memory/File Scan (2.exe.bin)
INETGET
Unicode based on Hybrid Analysis (2.exe.bin)
INETGETACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
INETGETBYTESREAD
Unicode based on Memory/File Scan (2.exe.bin)
INETGETSIZE
Unicode based on Memory/File Scan (2.exe.bin)
InflateRect
Ansi based on Memory/File Scan (2.exe.bin)
INHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
Inherited
Ansi based on Memory/File Scan (2.exe.bin)
INIDELETE
Unicode based on Memory/File Scan (2.exe.bin)
INIREAD
Unicode based on Hybrid Analysis (2.exe.bin)
INIREADSECTION
Unicode based on Memory/File Scan (2.exe.bin)
INIREADSECTIONNAMES
Unicode based on Memory/File Scan (2.exe.bin)
INIRENAMESECTION
Unicode based on Memory/File Scan (2.exe.bin)
InitCommonControlsEx
Ansi based on Memory/File Scan (2.exe.bin)
InitializeAcl
Ansi based on Memory/File Scan (2.exe.bin)
InitializeCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
InitializeCriticalSectionAndSpinCount
Ansi based on Memory/File Scan (2.exe.bin)
InitializeSecurityDescriptor
Ansi based on Memory/File Scan (2.exe.bin)
INIWRITE
Unicode based on Hybrid Analysis (2.exe.bin)
INIWRITESECTION
Unicode based on Memory/File Scan (2.exe.bin)
inprocserver32
Unicode based on Memory/File Scan (2.exe.bin)
INPUTBOX
Unicode based on Hybrid Analysis (2.exe.bin)
INSERT
Ansi based on Memory/File Scan (2.exe.bin)
InsertMenuItemW
Ansi based on Memory/File Scan (2.exe.bin)
InstallLanguage
Unicode based on Memory/File Scan (2.exe.bin)
INSTANCE
Unicode based on Hybrid Analysis (2.exe.bin)
Int64
Unicode based on Memory/File Scan (2.exe.bin)
int64
Unicode based on Memory/File Scan (2.exe.bin)
int_ptr
Unicode based on Memory/File Scan (2.exe.bin)
interface
Unicode based on Memory/File Scan (2.exe.bin)
Interface\
Unicode based on Memory/File Scan (2.exe.bin)
interface\
Unicode based on Memory/File Scan (2.exe.bin)
InterlockedDecrement
Ansi based on Memory/File Scan (2.exe.bin)
InterlockedExchange
Ansi based on Memory/File Scan (2.exe.bin)
InterlockedIncrement
Ansi based on Memory/File Scan (2.exe.bin)
internal error: code overflow
Ansi based on Memory/File Scan (2.exe.bin)
internal error: overran compiling workspace
Ansi based on Memory/File Scan (2.exe.bin)
internal error: previously-checked referenced subpattern not found
Ansi based on Memory/File Scan (2.exe.bin)
internal error: unexpected repeat
Ansi based on Memory/File Scan (2.exe.bin)
Internal Name
Unicode based on Memory/File Scan (2.exe.bin)
InternetCloseHandle
Ansi based on Memory/File Scan (2.exe.bin)
InternetConnectW
Ansi based on Memory/File Scan (2.exe.bin)
InternetCrackUrlW
Ansi based on Memory/File Scan (2.exe.bin)
InternetOpenUrlW
Ansi based on Memory/File Scan (2.exe.bin)
InternetOpenW
Ansi based on Memory/File Scan (2.exe.bin)
InternetReadFile
Ansi based on Memory/File Scan (2.exe.bin)
InternetSetOptionW
Ansi based on Memory/File Scan (2.exe.bin)
INUELOOP
Unicode based on Memory/File Scan (2.exe.bin)
INVALID
Unicode based on Hybrid Analysis (2.exe.bin)
Invalid characters behind Object assignment !
Unicode based on Memory/File Scan (2.exe.bin)
invalid condition (?(0)
Ansi based on Memory/File Scan (2.exe.bin)
Invalid element in a DllStruct.*Unknown option or bad parameter specified.&Unable to load the internet libraries./"Struct" statement has no matching "EndStruct".HUnable to open file, the maximum number of open files has been exceeded.
Unicode based on Memory/File Scan (2.exe.bin)
invalid escape sequence in character class
Ansi based on Memory/File Scan (2.exe.bin)
Invalid file filter given.*Expected a variable in user function call.1"Do" statement has no matching "Until" statement.2"Until" statement with no matching "Do" statement.#"For" statement is badly formatted.2"Next" statement with no matching "For" statement.N"ExitLoop/ContinueLoop" statements only valid from inside a For/Do/While loop.1"For" statement has no matching "Next" statement.@"Case" statement with no matching "Select"or "Switch" statement.:"EndSelect" statement with no matching "Select" statement.ORecursion level has been exceeded - AutoIt will quit to prevent stack overflow.
Unicode based on Memory/File Scan (2.exe.bin)
invalid UTF-8 string
Ansi based on Memory/File Scan (2.exe.bin)
InvalidateRect
Ansi based on Memory/File Scan (2.exe.bin)
IOnEventMode
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS1
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS2
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS3
Unicode based on Memory/File Scan (2.exe.bin)
IPADDRESS4
Unicode based on Memory/File Scan (2.exe.bin)
IPGET
Unicode based on Memory/File Scan (2.exe.bin)
IPTION
Unicode based on Memory/File Scan (2.exe.bin)
IREADSECTION
Unicode based on Memory/File Scan (2.exe.bin)
is a compiled AutoIt script. AV researchers please email avsupport@autoitscript.com for support.
Ansi based on Memory/File Scan (2.exe.bin)
ISADMIN
Unicode based on Hybrid Analysis (2.exe.bin)
ISARRAY
Unicode based on Hybrid Analysis (2.exe.bin)
ISBINARY
Unicode based on Hybrid Analysis (2.exe.bin)
ISBOOL
Unicode based on Hybrid Analysis (2.exe.bin)
IsCharAlphaNumericW
Ansi based on Memory/File Scan (2.exe.bin)
IsCharAlphaW
Ansi based on Memory/File Scan (2.exe.bin)
IsCharLowerW
Ansi based on Memory/File Scan (2.exe.bin)
IsCharUpperW
Ansi based on Memory/File Scan (2.exe.bin)
ISCHECKED
Unicode based on Memory/File Scan (2.exe.bin)
IsClipboardFormatAvailable
Ansi based on Memory/File Scan (2.exe.bin)
IsDebuggerPresent
Ansi based on Memory/File Scan (2.exe.bin)
ISDECLARED
Unicode based on Memory/File Scan (2.exe.bin)
IsDialogMessageW
Ansi based on Memory/File Scan (2.exe.bin)
IsDlgButtonChecked
Ansi based on Memory/File Scan (2.exe.bin)
ISDLLSTRUCT
Unicode based on Memory/File Scan (2.exe.bin)
ISENABLED
Unicode based on Memory/File Scan (2.exe.bin)
ISFLOAT
Unicode based on Hybrid Analysis (2.exe.bin)
ISHWND
Unicode based on Hybrid Analysis (2.exe.bin)
IsIconic
Ansi based on Memory/File Scan (2.exe.bin)
ISINT
Unicode based on Hybrid Analysis (2.exe.bin)
ISKEYWORD
Unicode based on Memory/File Scan (2.exe.bin)
IsMenu
Ansi based on Memory/File Scan (2.exe.bin)
ISNUMBER
Unicode based on Hybrid Analysis (2.exe.bin)
ISOBJ
Unicode based on Hybrid Analysis (2.exe.bin)
IsProcessorFeaturePresent
Ansi based on Hybrid Analysis (2.exe.bin)
ISPTR
Unicode based on Hybrid Analysis (2.exe.bin)
ISSELECTED
Unicode based on Memory/File Scan (2.exe.bin)
ISSTRING
Unicode based on Hybrid Analysis (2.exe.bin)
IsThemeActive
Ansi based on Memory/File Scan (2.exe.bin)
istView32
Unicode based on Memory/File Scan (2.exe.bin)
IsValidCodePage
Ansi based on Memory/File Scan (2.exe.bin)
ISVISIBLE
Unicode based on Memory/File Scan (2.exe.bin)
IsWindow
Ansi based on Memory/File Scan (2.exe.bin)
IsWindowEnabled
Ansi based on Memory/File Scan (2.exe.bin)
IsWindowVisible
Ansi based on Memory/File Scan (2.exe.bin)
IsWow64Process
Ansi based on Memory/File Scan (2.exe.bin)
IsZoomed
Ansi based on Memory/File Scan (2.exe.bin)
It v3
Unicode based on Memory/File Scan (2.exe.bin)
ITCALLVARIABLE%d
Unicode based on Memory/File Scan (2.exe.bin)
ITEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
ITEMSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
itFunc
Unicode based on Memory/File Scan (2.exe.bin)
ITUNICODE
Unicode based on Memory/File Scan (2.exe.bin)
ITX64
Unicode based on Memory/File Scan (2.exe.bin)
IVEGETSERIAL
Unicode based on Memory/File Scan (2.exe.bin)
IVESPACEFREE
Unicode based on Memory/File Scan (2.exe.bin)
JanFebMarAprMayJunJulAugSepOctNovDec
Ansi based on Memory/File Scan (2.exe.bin)
January
Ansi based on Memory/File Scan (2.exe.bin)
jjmjjjjjllllljjjkljlkjjmljljljjjkkjjjmkljjjjkjjjmljjklljljljjjkllkjmjjlljlkllmkllkklljllj1
Ansi based on Memory/File Scan (2.exe.bin)
Kannada
Ansi based on Memory/File Scan (2.exe.bin)
Katakana
Ansi based on Memory/File Scan (2.exe.bin)
Kayah_Li
Ansi based on Memory/File Scan (2.exe.bin)
KERNEL32
Ansi based on Hybrid Analysis (2.exe.bin)
kernel32.dll
Ansi based on Memory/File Scan (2.exe.bin)
KERNEL32.DLL
Ansi based on Memory/File Scan (2.exe.bin)
keybd_event
Ansi based on Memory/File Scan (2.exe.bin)
KeyDelay
Unicode based on Memory/File Scan (2.exe.bin)
Keyword
Unicode based on Memory/File Scan (2.exe.bin)
Kharoshthi
Ansi based on Memory/File Scan (2.exe.bin)
Khmer
Ansi based on Memory/File Scan (2.exe.bin)
KillTimer
Ansi based on Memory/File Scan (2.exe.bin)
KKKIKKKKKKKKIKIIKIKKKKKIKKKKKKKIKKKKKKKKKKIIKKKKKKIKKKKKIKKKIIKKKKIKKLKKKKKKKKIKKKKIIKKKK9
Ansi based on Memory/File Scan (2.exe.bin)
KNOWN
Unicode based on Memory/File Scan (2.exe.bin)
l a new Errorhandler when one is still active.
Unicode based on Memory/File Scan (2.exe.bin)
l$$+l$<+\$@j
Ansi based on Memory/File Scan (2.exe.bin)
L$(Qj
Ansi based on Memory/File Scan (2.exe.bin)
L$<h8LH
Ansi based on Memory/File Scan (2.exe.bin)
L$<SRPQUWV
Ansi based on Memory/File Scan (2.exe.bin)
L$@RPQUWV
Ansi based on Memory/File Scan (2.exe.bin)
L$@RWPSQV
Ansi based on Memory/File Scan (2.exe.bin)
L$D9L$,tz
Ansi based on Memory/File Scan (2.exe.bin)
L$PRPQUWV
Ansi based on Memory/File Scan (2.exe.bin)
largeicons
Unicode based on Memory/File Scan (2.exe.bin)
LASTDLLERROR
Unicode based on Memory/File Scan (2.exe.bin)
Latin
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_APP1
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_APP2
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_MAIL
Ansi based on Memory/File Scan (2.exe.bin)
LAUNCH_MEDIA
Ansi based on Memory/File Scan (2.exe.bin)
layMe wait
Unicode based on Memory/File Scan (2.exe.bin)
LCALLBACKFREE
Unicode based on Memory/File Scan (2.exe.bin)
LCMapStringA
Ansi based on Memory/File Scan (2.exe.bin)
LCMapStringW
Ansi based on Memory/File Scan (2.exe.bin)
LCREATETREEVIEWITEM
Unicode based on Memory/File Scan (2.exe.bin)
LCTRL
Ansi based on Memory/File Scan (2.exe.bin)
LeaveCriticalSection
Ansi based on Memory/File Scan (2.exe.bin)
LECHANGEDIR
Unicode based on Memory/File Scan (2.exe.bin)
LECTALL
Unicode based on Memory/File Scan (2.exe.bin)
LECTION
Unicode based on Memory/File Scan (2.exe.bin)
LEEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
LEOPEN
Unicode based on Memory/File Scan (2.exe.bin)
Lepcha
Ansi based on Memory/File Scan (2.exe.bin)
lickDelay
Unicode based on Memory/File Scan (2.exe.bin)
licons
Unicode based on Memory/File Scan (2.exe.bin)
Limbu
Ansi based on Memory/File Scan (2.exe.bin)
Line %d (File "%s"):
Unicode based on Memory/File Scan (2.exe.bin)
Line %d:
Unicode based on Memory/File Scan (2.exe.bin)
Line:
Unicode based on Hybrid Analysis (2.exe.bin)
Linear_B
Ansi based on Memory/File Scan (2.exe.bin)
LineTo
Ansi based on Memory/File Scan (2.exe.bin)
Listbox
Unicode based on Hybrid Analysis (2.exe.bin)
ListBox
Unicode based on Hybrid Analysis (2.exe.bin)
LLARGARRAY
Unicode based on Memory/File Scan (2.exe.bin)
lllll
Ansi based on Memory/File Scan (2.exe.bin)
LMLLLKKNKKNLMKKLKKLLKLKKLKNLLKLLLKKLLMKKNKLNKKNLLKLNMKKLKLKKNNMMLMLLNLKMKKLMKLKLLNKLKLNNL;
Ansi based on Memory/File Scan (2.exe.bin)
LoadCursorW
Ansi based on Memory/File Scan (2.exe.bin)
LoadIconW
Ansi based on Memory/File Scan (2.exe.bin)
LoadImageW
Ansi based on Memory/File Scan (2.exe.bin)
LoadLibraryA
Ansi based on Memory/File Scan (2.exe.bin)
LoadLibraryExW
Ansi based on Memory/File Scan (2.exe.bin)
LoadLibraryW
Ansi based on Memory/File Scan (2.exe.bin)
LoadResource
Ansi based on Memory/File Scan (2.exe.bin)
LoadStringW
Ansi based on Memory/File Scan (2.exe.bin)
LoadUserProfileW
Ansi based on Memory/File Scan (2.exe.bin)
LOCAL
Unicode based on Memory/File Scan (2.exe.bin)
LocalFileTimeToFileTime
Ansi based on Memory/File Scan (2.exe.bin)
localserver32
Unicode based on Memory/File Scan (2.exe.bin)
LockResource
Ansi based on Memory/File Scan (2.exe.bin)
LockServiceDatabase
Ansi based on Memory/File Scan (2.exe.bin)
LockWindowUpdate
Ansi based on Memory/File Scan (2.exe.bin)
LOGONDNSDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
LOGONDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
LOGONSERVER
Unicode based on Memory/File Scan (2.exe.bin)
LogonUserW
Ansi based on Memory/File Scan (2.exe.bin)
lookbehind assertion is not fixed length
Ansi based on Memory/File Scan (2.exe.bin)
LookupPrivilegeValueW
Ansi based on Memory/File Scan (2.exe.bin)
LOSESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
lower
Ansi based on Memory/File Scan (2.exe.bin)
ls_progress32
Unicode based on Memory/File Scan (2.exe.bin)
LSEND
Unicode based on Memory/File Scan (2.exe.bin)
LSETDEFCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
LSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
LSETTIP
Unicode based on Memory/File Scan (2.exe.bin)
LSHIFT
Ansi based on Memory/File Scan (2.exe.bin)
lstrcmpiW
Ansi based on Memory/File Scan (2.exe.bin)
LSTRUCTCREATE
Unicode based on Memory/File Scan (2.exe.bin)
LSTRUCTGETPTR
Unicode based on Memory/File Scan (2.exe.bin)
LSTRUCTSETDATA
Unicode based on Memory/File Scan (2.exe.bin)
lude-once
Unicode based on Memory/File Scan (2.exe.bin)
LWINDOWN
Ansi based on Memory/File Scan (2.exe.bin)
LWINUP
Ansi based on Memory/File Scan (2.exe.bin)
Lycian
Ansi based on Memory/File Scan (2.exe.bin)
Lydian
Ansi based on Memory/File Scan (2.exe.bin)
Malayalam
Ansi based on Memory/File Scan (2.exe.bin)
malformed \P or \p sequence
Ansi based on Memory/File Scan (2.exe.bin)
malformed number or name after (?(
Ansi based on Memory/File Scan (2.exe.bin)
MapVirtualKeyW
Ansi based on Memory/File Scan (2.exe.bin)
March
Ansi based on Memory/File Scan (2.exe.bin)
matching "For" statement.N"ExitLoop/ContinueLoop" statements only valid from inside a For/Do/While loop.1"For" statement has no matching "Next" statement.@"Case" statement with no matching "Select"or "Switch" statement.:"EndSelect" statement with no matching "Select" statement.ORecursion level has been exceeded - AutoIt will quit to prevent stack overflow.
Unicode based on Memory/File Scan (2.exe.bin)
mciSendStringW
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_NEXT
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_PLAY_PAUSE
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_PREV
Ansi based on Memory/File Scan (2.exe.bin)
MEDIA_STOP
Ansi based on Memory/File Scan (2.exe.bin)
MEMGETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
MENTSDIR
Unicode based on Memory/File Scan (2.exe.bin)
MenuMode
Unicode based on Memory/File Scan (2.exe.bin)
MessageBeep
Ansi based on Memory/File Scan (2.exe.bin)
MessageBoxA
Ansi based on Memory/File Scan (2.exe.bin)
MessageBoxW
Ansi based on Memory/File Scan (2.exe.bin)
MFILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
Microsoft
Unicode based on Memory/File Scan (2.exe.bin)
Microsoft Corporation
Unicode based on Memory/File Scan (2.exe.bin)
Microsoft Visual C++ Runtime Library
Ansi based on Memory/File Scan (2.exe.bin)
MIDDLE
Unicode based on Hybrid Analysis (2.exe.bin)
missing )
Ansi based on Memory/File Scan (2.exe.bin)
missing ) after comment
Ansi based on Memory/File Scan (2.exe.bin)
Missing operator in expression."Unbalanced brackets in expression.
Unicode based on Memory/File Scan (2.exe.bin)
missing terminating ] for character class
Ansi based on Memory/File Scan (2.exe.bin)
MkParseDisplayName
Ansi based on Memory/File Scan (2.exe.bin)
MM/dd/yy
Ansi based on Memory/File Scan (2.exe.bin)
mmlmmlmmmmlmmmmmkmmlmmlmmmmmmmmmmmmmmmmmlmmmmlmmlmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm2
Ansi based on Memory/File Scan (2.exe.bin)
MMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
Monday
Ansi based on Memory/File Scan (2.exe.bin)
Mongolian
Ansi based on Memory/File Scan (2.exe.bin)
MonitorFromPoint
Ansi based on Memory/File Scan (2.exe.bin)
mouse_event
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_LBUTTON
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_MBUTTON
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_RBUTTON
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_XBUTTON1
Ansi based on Memory/File Scan (2.exe.bin)
MOUSE_XBUTTON2
Ansi based on Memory/File Scan (2.exe.bin)
MOUSECLICK
Unicode based on Memory/File Scan (2.exe.bin)
MouseClickDelay
Unicode based on Memory/File Scan (2.exe.bin)
MouseClickDownDelay
Unicode based on Memory/File Scan (2.exe.bin)
MOUSECLICKDRAG
Unicode based on Memory/File Scan (2.exe.bin)
MouseClickDragDelay
Unicode based on Memory/File Scan (2.exe.bin)
MouseCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEDOWN
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEGETCURSOR
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEMOVE
Unicode based on Memory/File Scan (2.exe.bin)
MOUSEUP
Unicode based on Hybrid Analysis (2.exe.bin)
MOUSEWHEEL
Unicode based on Memory/File Scan (2.exe.bin)
MoveFileW
Ansi based on Memory/File Scan (2.exe.bin)
MoveToEx
Ansi based on Memory/File Scan (2.exe.bin)
MoveWindow
Ansi based on Memory/File Scan (2.exe.bin)
MPR.dll
Ansi based on Memory/File Scan (2.exe.bin)
MS Shell Dlg
Unicode based on Memory/File Scan (2.exe.bin)
mscoree.dll
Unicode based on Memory/File Scan (2.exe.bin)
Msctls_Progress32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_progress32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_statusbar321
Unicode based on Memory/File Scan (2.exe.bin)
msctls_trackbar32
Unicode based on Memory/File Scan (2.exe.bin)
msctls_updown32
Unicode based on Memory/File Scan (2.exe.bin)
MSGBOX
Unicode based on Hybrid Analysis (2.exe.bin)
MultiByteToWideChar
Ansi based on Memory/File Scan (2.exe.bin)
MustDeclareVars
Unicode based on Memory/File Scan (2.exe.bin)
Myanmar
Ansi based on Memory/File Scan (2.exe.bin)
MYDOCUMENTSDIR
Unicode based on Memory/File Scan (2.exe.bin)
N32_NT
Unicode based on Memory/File Scan (2.exe.bin)
N_VISTA
Unicode based on Memory/File Scan (2.exe.bin)
NASWAIT
Unicode based on Memory/File Scan (2.exe.bin)
NCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
nclude depth exceeded. Make sure there are no recursive includes
Unicode based on Memory/File Scan (2.exe.bin)
ndAttachMode
Unicode based on Memory/File Scan (2.exe.bin)
ndEnvStrings
Unicode based on Memory/File Scan (2.exe.bin)
NDFIRSTFILE
Unicode based on Memory/File Scan (2.exe.bin)
NDKEEPACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
NDNSDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
NDSTRING
Unicode based on Memory/File Scan (2.exe.bin)
ne %d:
Unicode based on Memory/File Scan (2.exe.bin)
NENUMBER
Unicode based on Memory/File Scan (2.exe.bin)
network
Unicode based on Hybrid Analysis (2.exe.bin)
Network
Unicode based on Hybrid Analysis (2.exe.bin)
new[]
Ansi based on Memory/File Scan (2.exe.bin)
New_Tai_Lue
Ansi based on Memory/File Scan (2.exe.bin)
ng_ptr
Unicode based on Memory/File Scan (2.exe.bin)
NGETCARETPOS
Unicode based on Memory/File Scan (2.exe.bin)
NGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
NGRIGHT
Unicode based on Memory/File Scan (2.exe.bin)
NGSTRIPCR
Unicode based on Memory/File Scan (2.exe.bin)
NGTOASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
nhGFlllll
Ansi based on Memory/File Scan (2.exe.bin)
nKB\`lll
Ansi based on Memory/File Scan (2.exe.bin)
nKG[llll
Ansi based on Memory/File Scan (2.exe.bin)
NMINIMIZEALLUNDO
Unicode based on Memory/File Scan (2.exe.bin)
NNNNMNNNNNLNLLNNNNLLNNLLNNLNNNNLLNLLNLNLNNLLLLNNMNLLNLLNNNNLNLNLLLNNNNLLLNLNNNNNNNLNNLLLN>
Ansi based on Memory/File Scan (2.exe.bin)
no error
Ansi based on Hybrid Analysis (2.exe.bin)
Not an Object type
Unicode based on Memory/File Scan (2.exe.bin)
nothing to repeat
Ansi based on Memory/File Scan (2.exe.bin)
NOTREADY
Unicode based on Hybrid Analysis (2.exe.bin)
November
Ansi based on Memory/File Scan (2.exe.bin)
npoppnomnomnmppnopomopommmnopmpnmonpppomopmooopmoppponpppmmpnompmompopnnompnopmmmmmoopoom2
Ansi based on Memory/File Scan (2.exe.bin)
NSOLEREAD
Unicode based on Memory/File Scan (2.exe.bin)
NSOLEWRITEERROR
Unicode based on Memory/File Scan (2.exe.bin)
nt_ptr
Unicode based on Memory/File Scan (2.exe.bin)
ntControlSet\Control\Nls\Language
Unicode based on Memory/File Scan (2.exe.bin)
NTEXT
Unicode based on Memory/File Scan (2.exe.bin)
nText
Unicode based on Memory/File Scan (2.exe.bin)
NTINUECASE
Unicode based on Memory/File Scan (2.exe.bin)
nTitleMatchMode
Unicode based on Memory/File Scan (2.exe.bin)
NTROLTREEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
Null Object assignment in FOR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
NULL Pointer assignment
Unicode based on Memory/File Scan (2.exe.bin)
NUMBER
Unicode based on Hybrid Analysis (2.exe.bin)
number after (?C is > 255
Ansi based on Memory/File Scan (2.exe.bin)
number is too big
Ansi based on Memory/File Scan (2.exe.bin)
number too big in {} quantifier
Ansi based on Memory/File Scan (2.exe.bin)
numbers out of order in {} quantifier
Ansi based on Memory/File Scan (2.exe.bin)
NUMKEY
Unicode based on Memory/File Scan (2.exe.bin)
NUMLOCK
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD0
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD1
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD2
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD3
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD4
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD5
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD6
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD7
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD8
Ansi based on Memory/File Scan (2.exe.bin)
NUMPAD9
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADADD
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADDIV
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADDOT
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADENTER
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADMULT
Ansi based on Memory/File Scan (2.exe.bin)
NUMPADSUB
Ansi based on Memory/File Scan (2.exe.bin)
NUMPARAMS
Unicode based on Memory/File Scan (2.exe.bin)
NUMVAL
Unicode based on Memory/File Scan (2.exe.bin)
OACTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
OBJCREATE
Unicode based on Memory/File Scan (2.exe.bin)
Object'.
Unicode based on Memory/File Scan (2.exe.bin)
OBJEVENT
Unicode based on Hybrid Analysis (2.exe.bin)
OBJGET
Unicode based on Hybrid Analysis (2.exe.bin)
OBJNAME
Unicode based on Hybrid Analysis (2.exe.bin)
Obsolete function/parameter.4Invalid Exitcode (reserved for AutoIt internal use).
Unicode based on Memory/File Scan (2.exe.bin)
OCESS
Unicode based on Memory/File Scan (2.exe.bin)
OCKINPUT
Unicode based on Memory/File Scan (2.exe.bin)
octal value is greater than \377 (not in UTF-8 mode)
Ansi based on Memory/File Scan (2.exe.bin)
October
Ansi based on Memory/File Scan (2.exe.bin)
Ogham
Ansi based on Memory/File Scan (2.exe.bin)
OGRESSON
Unicode based on Memory/File Scan (2.exe.bin)
Ol_Chiki
Ansi based on Memory/File Scan (2.exe.bin)
Old_Italic
Ansi based on Memory/File Scan (2.exe.bin)
Old_Persian
Ansi based on Memory/File Scan (2.exe.bin)
ole32.dll
Ansi based on Memory/File Scan (2.exe.bin)
OLEAUT32.dll
Ansi based on Memory/File Scan (2.exe.bin)
OleInitialize
Ansi based on Memory/File Scan (2.exe.bin)
OleSetContainedObject
Ansi based on Memory/File Scan (2.exe.bin)
OleSetMenuDescriptor
Ansi based on Memory/File Scan (2.exe.bin)
OleUninitialize
Ansi based on Memory/File Scan (2.exe.bin)
OMASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
OMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
on Programs
Unicode based on Memory/File Scan (2.exe.bin)
on Startup
Unicode based on Memory/File Scan (2.exe.bin)
ONAUTOITEXIT
Unicode based on Memory/File Scan (2.exe.bin)
ONAUTOITSTART
Unicode based on Memory/File Scan (2.exe.bin)
OnExitFunc
Unicode based on Memory/File Scan (2.exe.bin)
ONFLASHING
Unicode based on Memory/File Scan (2.exe.bin)
ong_ptr
Unicode based on Memory/File Scan (2.exe.bin)
ONGNAME
Unicode based on Memory/File Scan (2.exe.bin)
ONTOP
Unicode based on Memory/File Scan (2.exe.bin)
OOONOOONOQNONONOOONONONOONONNORONOQNONOOOONRNORNNQNNOOONOOOONOOOQOQONOQNNRONQNNOORNOONNNN<
Ansi based on Memory/File Scan (2.exe.bin)
OpenClipboard
Ansi based on Memory/File Scan (2.exe.bin)
OpenDesktopW
Ansi based on Memory/File Scan (2.exe.bin)
OPENDIALOG
Unicode based on Memory/File Scan (2.exe.bin)
OpenProcess
Ansi based on Memory/File Scan (2.exe.bin)
OpenProcessToken
Ansi based on Memory/File Scan (2.exe.bin)
OpenSCManagerW
Ansi based on Memory/File Scan (2.exe.bin)
OpenThreadToken
Ansi based on Memory/File Scan (2.exe.bin)
OpenWindowStationW
Ansi based on Memory/File Scan (2.exe.bin)
operand of unlimited repeat could match the empty string
Ansi based on Memory/File Scan (2.exe.bin)
Operating System
Unicode based on Memory/File Scan (2.exe.bin)
operator
Ansi based on Memory/File Scan (2.exe.bin)
or AutoIt internal use).
Unicode based on Memory/File Scan (2.exe.bin)
OR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
Original File name
Unicode based on Memory/File Scan (2.exe.bin)
Oriya
Ansi based on Memory/File Scan (2.exe.bin)
Osmanya
Ansi based on Memory/File Scan (2.exe.bin)
OSSERVICEPACK
Unicode based on Memory/File Scan (2.exe.bin)
OSVERSION
Unicode based on Memory/File Scan (2.exe.bin)
OTATE
Unicode based on Memory/File Scan (2.exe.bin)
OutputDebugStringW
Ansi based on Memory/File Scan (2.exe.bin)
OWDROPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
Parameter format
Unicode based on Memory/File Scan (2.exe.bin)
parentheses nested too deeply
Ansi based on Memory/File Scan (2.exe.bin)
PAUSE
Ansi based on Memory/File Scan (2.exe.bin)
Paused
Unicode based on Memory/File Scan (2.exe.bin)
PCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
PCRE does not support \L, \l, \N, \U, or \u
Ansi based on Memory/File Scan (2.exe.bin)
PDATE
Unicode based on Memory/File Scan (2.exe.bin)
pdown32
Unicode based on Memory/File Scan (2.exe.bin)
PEEDTEST
Unicode based on Memory/File Scan (2.exe.bin)
PeekMessageW
Ansi based on Memory/File Scan (2.exe.bin)
Personal
Unicode based on Hybrid Analysis (2.exe.bin)
Phags_Pa
Ansi based on Memory/File Scan (2.exe.bin)
Phoenician
Ansi based on Memory/File Scan (2.exe.bin)
PIXELCHECKSUM
Unicode based on Memory/File Scan (2.exe.bin)
PixelCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
PIXELGETCOLOR
Unicode based on Memory/File Scan (2.exe.bin)
PIXELSEARCH
Unicode based on Memory/File Scan (2.exe.bin)
PLACE
Unicode based on Memory/File Scan (2.exe.bin)
play PlayMe
Unicode based on Memory/File Scan (2.exe.bin)
play PlayMe wait
Unicode based on Memory/File Scan (2.exe.bin)
PLUGINCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
PLUGINOPEN
Unicode based on Memory/File Scan (2.exe.bin)
PolyDraw
Ansi based on Memory/File Scan (2.exe.bin)
POSIX collating elements are not supported
Ansi based on Memory/File Scan (2.exe.bin)
POSIX named classes are supported only within a class
Ansi based on Memory/File Scan (2.exe.bin)
PostMessageW
Ansi based on Memory/File Scan (2.exe.bin)
PostQuitMessage
Ansi based on Memory/File Scan (2.exe.bin)
ppppppqpppppppppsqpqprpppppppprpqppqrrprpqspppqrppprpppprqqrppppqpppprprpqpppqppppppppppr'
Ansi based on Memory/File Scan (2.exe.bin)
PRECV
Unicode based on Memory/File Scan (2.exe.bin)
PRIMARY
Unicode based on Hybrid Analysis (2.exe.bin)
print
Ansi based on Memory/File Scan (2.exe.bin)
PRINTSCREEN
Ansi based on Memory/File Scan (2.exe.bin)
Process32FirstW
Ansi based on Memory/File Scan (2.exe.bin)
Process32NextW
Ansi based on Memory/File Scan (2.exe.bin)
PROCESSCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSGETSTATS
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSLIST
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSORARCH
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSSETPRIORITY
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSWAIT
Unicode based on Memory/File Scan (2.exe.bin)
PROCESSWAITCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
Product Name
Unicode based on Memory/File Scan (2.exe.bin)
Product Version
Unicode based on Memory/File Scan (2.exe.bin)
ProgID
Unicode based on Hybrid Analysis (2.exe.bin)
ProgramFilesDir
Unicode based on Memory/File Scan (2.exe.bin)
PROGRAMFILESDIR
Unicode based on Memory/File Scan (2.exe.bin)
PROGRAMSCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
PROGRAMSDIR
Unicode based on Memory/File Scan (2.exe.bin)
PROGRESSOFF
Unicode based on Memory/File Scan (2.exe.bin)
PROGRESSON
Unicode based on Memory/File Scan (2.exe.bin)
PROGRESSSET
Unicode based on Memory/File Scan (2.exe.bin)
Prompt
Unicode based on Memory/File Scan (2.exe.bin)
PROXY
Unicode based on Memory/File Scan (2.exe.bin)
PRUNE
Ansi based on Memory/File Scan (2.exe.bin)
PSAPI.DLL
Ansi based on Memory/File Scan (2.exe.bin)
PSHUTDOWN
Unicode based on Memory/File Scan (2.exe.bin)
pssssssqrssssssspqssssssprqsssssssqrqssqsrrsqssrrqrsssrqsspsqqsspsqqsssspsssssqqqrrsqssss(
Ansi based on Memory/File Scan (2.exe.bin)
PTimeout
Unicode based on Memory/File Scan (2.exe.bin)
PtInRect
Ansi based on Memory/File Scan (2.exe.bin)
PTLINE
Unicode based on Memory/File Scan (2.exe.bin)
punct
Ansi based on Memory/File Scan (2.exe.bin)
QueryPerformanceCounter
Ansi based on Memory/File Scan (2.exe.bin)
QueryPerformanceFrequency
Ansi based on Memory/File Scan (2.exe.bin)
question
Unicode based on Hybrid Analysis (2.exe.bin)
r0,1023
Unicode based on Memory/File Scan (2.exe.bin)
R6002- floating point support not loaded
Ansi based on Memory/File Scan (2.exe.bin)
R6008- not enough space for arguments
Ansi based on Memory/File Scan (2.exe.bin)
R6009- not enough space for environment
Ansi based on Memory/File Scan (2.exe.bin)
R6016- not enough space for thread data
Ansi based on Memory/File Scan (2.exe.bin)
R6017- unexpected multithread lock error
Ansi based on Memory/File Scan (2.exe.bin)
R6018- unexpected heap error
Ansi based on Memory/File Scan (2.exe.bin)
R6019- unable to open console device
Ansi based on Memory/File Scan (2.exe.bin)
R6024- not enough space for _onexit/atexit table
Ansi based on Memory/File Scan (2.exe.bin)
R6025- pure virtual function call
Ansi based on Memory/File Scan (2.exe.bin)
R6026- not enough space for stdio initialization
Ansi based on Memory/File Scan (2.exe.bin)
R6027- not enough space for lowio initialization
Ansi based on Memory/File Scan (2.exe.bin)
R6028- unable to initialize heap
Ansi based on Memory/File Scan (2.exe.bin)
R6030- CRT not initialized
Ansi based on Memory/File Scan (2.exe.bin)
R6031- Attempt to initialize the CRT more than once.This indicates a bug in your application.
Ansi based on Memory/File Scan (2.exe.bin)
R6032- not enough space for locale information
Ansi based on Memory/File Scan (2.exe.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Memory/File Scan (2.exe.bin)
R6034An application has made an attempt to load the C runtime library incorrectly.Please contact the application's support team for more information.
Ansi based on Memory/File Scan (2.exe.bin)
RaiseException
Ansi based on Memory/File Scan (2.exe.bin)
ramdisk
Unicode based on Hybrid Analysis (2.exe.bin)
RAMDisk
Unicode based on Hybrid Analysis (2.exe.bin)
rameter must be of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
RANDOM
Unicode based on Hybrid Analysis (2.exe.bin)
range out of order in character class
Ansi based on Memory/File Scan (2.exe.bin)
ranslation
Unicode based on Memory/File Scan (2.exe.bin)
RCREATE
Unicode based on Memory/File Scan (2.exe.bin)
RCTRL
Ansi based on Memory/File Scan (2.exe.bin)
re\AutoIt v3\AutoIt
Unicode based on Memory/File Scan (2.exe.bin)
RE\Microsoft\Windows\CurrentVersion
Unicode based on Memory/File Scan (2.exe.bin)
ReadFile
Ansi based on Memory/File Scan (2.exe.bin)
READONLY
Unicode based on Hybrid Analysis (2.exe.bin)
ReadProcessMemory
Ansi based on Memory/File Scan (2.exe.bin)
READY
Unicode based on Hybrid Analysis (2.exe.bin)
REATE
Unicode based on Memory/File Scan (2.exe.bin)
REATECHECKBOX
Unicode based on Memory/File Scan (2.exe.bin)
REATEMONTHCAL
Unicode based on Memory/File Scan (2.exe.bin)
REATERADIO
Unicode based on Memory/File Scan (2.exe.bin)
REATESLIDER
Unicode based on Memory/File Scan (2.exe.bin)
Rectangle
Ansi based on Memory/File Scan (2.exe.bin)
recursive call could loop indefinitely
Ansi based on Memory/File Scan (2.exe.bin)
RedrawWindow
Ansi based on Memory/File Scan (2.exe.bin)
REEVIEW
Unicode based on Memory/File Scan (2.exe.bin)
Reference
Unicode based on Memory/File Scan (2.exe.bin)
reference to non-existent subpattern
Ansi based on Memory/File Scan (2.exe.bin)
REG_BINARY
Unicode based on Memory/File Scan (2.exe.bin)
REG_DWORD
Unicode based on Memory/File Scan (2.exe.bin)
REG_EXPAND_SZ
Unicode based on Memory/File Scan (2.exe.bin)
REG_MULTI_SZ
Unicode based on Memory/File Scan (2.exe.bin)
REG_QWORD
Unicode based on Memory/File Scan (2.exe.bin)
REG_SZ
Unicode based on Hybrid Analysis (2.exe.bin)
RegCloseKey
Ansi based on Memory/File Scan (2.exe.bin)
RegConnectRegistryW
Ansi based on Memory/File Scan (2.exe.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
REGDELETE
Unicode based on Memory/File Scan (2.exe.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan (2.exe.bin)
RegDeleteValueW
Ansi based on Memory/File Scan (2.exe.bin)
REGENUMKEY
Unicode based on Memory/File Scan (2.exe.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
REGENUMVAL
Unicode based on Memory/File Scan (2.exe.bin)
RegEnumValueW
Ansi based on Memory/File Scan (2.exe.bin)
REGEXP=
Unicode based on Hybrid Analysis (2.exe.bin)
REGEXPCLASS
Unicode based on Memory/File Scan (2.exe.bin)
REGEXPTITLE
Unicode based on Memory/File Scan (2.exe.bin)
RegisterClassExW
Ansi based on Memory/File Scan (2.exe.bin)
RegisterHotKey
Ansi based on Memory/File Scan (2.exe.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan (2.exe.bin)
RegOpenKeyExW
Ansi based on Memory/File Scan (2.exe.bin)
RegQueryValueExW
Ansi based on Memory/File Scan (2.exe.bin)
REGREAD
Unicode based on Hybrid Analysis (2.exe.bin)
RegSetValueExW
Ansi based on Memory/File Scan (2.exe.bin)
regular expression is too large
Ansi based on Memory/File Scan (2.exe.bin)
REGWRITE
Unicode based on Hybrid Analysis (2.exe.bin)
Rejang
Ansi based on Memory/File Scan (2.exe.bin)
ReleaseCapture
Ansi based on Memory/File Scan (2.exe.bin)
ReleaseDC
Ansi based on Memory/File Scan (2.exe.bin)
Removable
Unicode based on Memory/File Scan (2.exe.bin)
removable
Unicode based on Memory/File Scan (2.exe.bin)
RemoveDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
RENTCOL
Unicode based on Memory/File Scan (2.exe.bin)
RENTLINE
Unicode based on Memory/File Scan (2.exe.bin)
RENTSELECTION
Unicode based on Memory/File Scan (2.exe.bin)
repeated subpattern is too long
Ansi based on Memory/File Scan (2.exe.bin)
repeating a DEFINE group is not allowed
Ansi based on Memory/File Scan (2.exe.bin)
RESIZING
Unicode based on Memory/File Scan (2.exe.bin)
ResumeThread
Ansi based on Memory/File Scan (2.exe.bin)
RETURN
Unicode based on Memory/File Scan (2.exe.bin)
Rh0LH
Ansi based on Memory/File Scan (2.exe.bin)
RIGHT
Unicode based on Hybrid Analysis (2.exe.bin)
RINGFORMAT
Unicode based on Memory/File Scan (2.exe.bin)
RINGUPPER
Unicode based on Memory/File Scan (2.exe.bin)
RIPTNAME
Unicode based on Memory/File Scan (2.exe.bin)
RIPWS
Unicode based on Memory/File Scan (2.exe.bin)
rllll
Ansi based on Memory/File Scan (2.exe.bin)
RMOVE
Unicode based on Memory/File Scan (2.exe.bin)
ROLMOVE
Unicode based on Memory/File Scan (2.exe.bin)
ROLSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
ror allocating memory.
Unicode based on Memory/File Scan (2.exe.bin)
ROUND
Unicode based on Hybrid Analysis (2.exe.bin)
RoundRect
Ansi based on Memory/File Scan (2.exe.bin)
RRRRRRRROORORRROOORRRORROORRRRRORRRORROOPRRRRORROORRRRRRROROROOSRRRRRRORRRRRRRROORRORRRRR<
Ansi based on Memory/File Scan (2.exe.bin)
RSHIFT
Ansi based on Memory/File Scan (2.exe.bin)
RSION
Unicode based on Memory/File Scan (2.exe.bin)
RSSRRRRSSSRRSVRSRRRSSSSRVSSRRSRRSRSSSSSSUURSSRRRSSRSUSUSVSRSSRURSRRSSUSVURSSSSSRRVRSRRVVS=
Ansi based on Memory/File Scan (2.exe.bin)
RtlUnwind
Ansi based on Memory/File Scan (2.exe.bin)
Run Script:
Unicode based on Memory/File Scan (2.exe.bin)
runas
Unicode based on Hybrid Analysis (2.exe.bin)
RUNAS
Unicode based on Hybrid Analysis (2.exe.bin)
RUNASWAIT
Unicode based on Memory/File Scan (2.exe.bin)
Runic
Ansi based on Memory/File Scan (2.exe.bin)
runtime error
Ansi based on Memory/File Scan (2.exe.bin)
Runtime Error!Program:
Ansi based on Memory/File Scan (2.exe.bin)
RUNWAIT
Unicode based on Hybrid Analysis (2.exe.bin)
RVICEPACK
Unicode based on Memory/File Scan (2.exe.bin)
RWINDOWN
Ansi based on Memory/File Scan (2.exe.bin)
sAnimate32
Unicode based on Memory/File Scan (2.exe.bin)
Saturday
Ansi based on Memory/File Scan (2.exe.bin)
Saurashtra
Ansi based on Memory/File Scan (2.exe.bin)
SCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
ScreenToClient
Ansi based on Memory/File Scan (2.exe.bin)
Script &Paused
Unicode based on Memory/File Scan (2.exe.bin)
Script Paused
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPT<<<
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTDIR
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTFULLPATH
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTLINE
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTLINENUMBER
Unicode based on Memory/File Scan (2.exe.bin)
SCRIPTNAME
Unicode based on Memory/File Scan (2.exe.bin)
SCROLLLOCK
Ansi based on Memory/File Scan (2.exe.bin)
SeAssignPrimaryTokenPrivilege
Unicode based on Hybrid Analysis (2.exe.bin)
SECONDARY
Unicode based on Memory/File Scan (2.exe.bin)
SeDebugPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
SeIncreaseQuotaPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
SELECT
Unicode based on Hybrid Analysis (2.exe.bin)
SELECTALL
Unicode based on Memory/File Scan (2.exe.bin)
SELECTCLEAR
Unicode based on Memory/File Scan (2.exe.bin)
SELECTINVERT
Unicode based on Memory/File Scan (2.exe.bin)
SelectObject
Ansi based on Memory/File Scan (2.exe.bin)
SELECTSTRING
Unicode based on Memory/File Scan (2.exe.bin)
SendAttachMode
Unicode based on Memory/File Scan (2.exe.bin)
SendCapsLockMode
Unicode based on Memory/File Scan (2.exe.bin)
SendDlgItemMessageW
Ansi based on Memory/File Scan (2.exe.bin)
SENDKEEPACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
SendKeyDelay
Unicode based on Memory/File Scan (2.exe.bin)
SendKeyDownDelay
Unicode based on Memory/File Scan (2.exe.bin)
SendMessageTimeoutW
Ansi based on Memory/File Scan (2.exe.bin)
SendMessageW
Ansi based on Memory/File Scan (2.exe.bin)
September
Ansi based on Memory/File Scan (2.exe.bin)
server32
Unicode based on Memory/File Scan (2.exe.bin)
SeShutdownPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
SESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
set cd door
Unicode based on Memory/File Scan (2.exe.bin)
SetActiveWindow
Ansi based on Memory/File Scan (2.exe.bin)
SetBkColor
Ansi based on Memory/File Scan (2.exe.bin)
SetBkMode
Ansi based on Memory/File Scan (2.exe.bin)
SetCapture
Ansi based on Memory/File Scan (2.exe.bin)
SetClipboardData
Ansi based on Memory/File Scan (2.exe.bin)
SetCurrentDirectoryW
Ansi based on Memory/File Scan (2.exe.bin)
SETCURRENTSELECTION
Unicode based on Memory/File Scan (2.exe.bin)
SetCursor
Ansi based on Memory/File Scan (2.exe.bin)
SetEndOfFile
Ansi based on Memory/File Scan (2.exe.bin)
SetEnvironmentVariableA
Ansi based on Memory/File Scan (2.exe.bin)
SetEnvironmentVariableW
Ansi based on Memory/File Scan (2.exe.bin)
SETERROR
Unicode based on Hybrid Analysis (2.exe.bin)
SetErrorMode
Ansi based on Memory/File Scan (2.exe.bin)
SetExitCode
Unicode based on Memory/File Scan (2.exe.bin)
SETEXTENDED
Unicode based on Memory/File Scan (2.exe.bin)
SetFileAttributesW
Ansi based on Memory/File Scan (2.exe.bin)
SetFilePointer
Ansi based on Memory/File Scan (2.exe.bin)
SetFileTime
Ansi based on Memory/File Scan (2.exe.bin)
SetFocus
Ansi based on Memory/File Scan (2.exe.bin)
SetForegroundWindow
Ansi based on Memory/File Scan (2.exe.bin)
SetHandleCount
Ansi based on Memory/File Scan (2.exe.bin)
SetKeyboardState
Ansi based on Memory/File Scan (2.exe.bin)
SetLastError
Ansi based on Memory/File Scan (2.exe.bin)
SetLayeredWindowAttributes
Ansi based on Memory/File Scan (2.exe.bin)
SetMenu
Ansi based on Memory/File Scan (2.exe.bin)
SetMenuDefaultItem
Ansi based on Memory/File Scan (2.exe.bin)
SetMenuItemInfoW
Ansi based on Memory/File Scan (2.exe.bin)
SetPixel
Ansi based on Memory/File Scan (2.exe.bin)
SetPriorityClass
Ansi based on Memory/File Scan (2.exe.bin)
SetProcessWindowStation
Ansi based on Memory/File Scan (2.exe.bin)
SetRect
Ansi based on Memory/File Scan (2.exe.bin)
SetSecurityDescriptorDacl
Ansi based on Memory/File Scan (2.exe.bin)
SetStdHandle
Ansi based on Memory/File Scan (2.exe.bin)
SetSystemPowerState
Ansi based on Memory/File Scan (2.exe.bin)
SetTextColor
Ansi based on Memory/File Scan (2.exe.bin)
SetTimer
Ansi based on Memory/File Scan (2.exe.bin)
SetUnhandledExceptionFilter
Ansi based on Memory/File Scan (2.exe.bin)
SetUserObjectSecurity
Ansi based on Memory/File Scan (2.exe.bin)
SetViewportOrgEx
Ansi based on Memory/File Scan (2.exe.bin)
SetVolumeLabelW
Ansi based on Memory/File Scan (2.exe.bin)
SetWindowLongW
Ansi based on Memory/File Scan (2.exe.bin)
SetWindowPos
Ansi based on Memory/File Scan (2.exe.bin)
SetWindowTextW
Ansi based on Memory/File Scan (2.exe.bin)
Shavian
Ansi based on Memory/File Scan (2.exe.bin)
SHBrowseForFolderW
Ansi based on Memory/File Scan (2.exe.bin)
SHELL32.dll
Ansi based on Memory/File Scan (2.exe.bin)
Shell_NotifyIconW
Ansi based on Memory/File Scan (2.exe.bin)
Shell_TrayWnd
Unicode based on Memory/File Scan (2.exe.bin)
SHELLDLL_DefView
Unicode based on Memory/File Scan (2.exe.bin)
SHELLEXECUTE
Unicode based on Memory/File Scan (2.exe.bin)
ShellExecuteExW
Ansi based on Memory/File Scan (2.exe.bin)
ShellExecuteW
Ansi based on Memory/File Scan (2.exe.bin)
SHELLEXECUTEWAIT
Unicode based on Memory/File Scan (2.exe.bin)
SHEmptyRecycleBinW
Ansi based on Memory/File Scan (2.exe.bin)
SHFileOperationW
Ansi based on Memory/File Scan (2.exe.bin)
SHGetDesktopFolder
Ansi based on Memory/File Scan (2.exe.bin)
SHGetMalloc
Ansi based on Memory/File Scan (2.exe.bin)
SHGetPathFromIDListW
Ansi based on Memory/File Scan (2.exe.bin)
SHIFTDOWN
Ansi based on Memory/File Scan (2.exe.bin)
SHIFTUP
Ansi based on Memory/File Scan (2.exe.bin)
short
Unicode based on Memory/File Scan (2.exe.bin)
SHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
SHOWDROPDOWN
Unicode based on Memory/File Scan (2.exe.bin)
ShowWindow
Ansi based on Memory/File Scan (2.exe.bin)
SHUTDOWN
Unicode based on Hybrid Analysis (2.exe.bin)
ShutdownPrivilege
Unicode based on Memory/File Scan (2.exe.bin)
SING error
Ansi based on Memory/File Scan (2.exe.bin)
Sinhala
Ansi based on Memory/File Scan (2.exe.bin)
SizeofResource
Ansi based on Memory/File Scan (2.exe.bin)
SLEEP
Unicode based on Hybrid Analysis (2.exe.bin)
Sleep
Ansi based on Memory/File Scan (2.exe.bin)
SLIST
Unicode based on Memory/File Scan (2.exe.bin)
smallicons
Unicode based on Memory/File Scan (2.exe.bin)
Software\AutoIt v3\AutoIt
Unicode based on Memory/File Scan (2.exe.bin)
SOFTWARE\Classes\
Unicode based on Memory/File Scan (2.exe.bin)
SOFTWARE\Microsoft\Windows\CurrentVersion
Unicode based on Memory/File Scan (2.exe.bin)
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Unicode based on Memory/File Scan (2.exe.bin)
SOUNDPLAY
Unicode based on Memory/File Scan (2.exe.bin)
SOUNDSETWAVEVOLUME
Unicode based on Memory/File Scan (2.exe.bin)
SPACE
Ansi based on Memory/File Scan (2.exe.bin)
space
Ansi based on Memory/File Scan (2.exe.bin)
spare error
Ansi based on Memory/File Scan (2.exe.bin)
SPLASHIMAGEON
Unicode based on Memory/File Scan (2.exe.bin)
SPLASHOFF
Unicode based on Memory/File Scan (2.exe.bin)
SPLASHTEXTON
Unicode based on Memory/File Scan (2.exe.bin)
SPLAY
Unicode based on Memory/File Scan (2.exe.bin)
SPLIT
Unicode based on Memory/File Scan (2.exe.bin)
SRANDOM
Unicode based on Hybrid Analysis (2.exe.bin)
SSSET
Unicode based on Memory/File Scan (2.exe.bin)
SSSSSSSSSSSSSSTTTTTTTTT:kK^l
Ansi based on Memory/File Scan (2.exe.bin)
SSVVVVSVVTSSTVTVTSTVVVVWTSTVVWTVVVVVVVVSVSSSSSVSWSSWWVVVVSSVVVVVSVVVSVVVVVWVSSVVVWSVVSSSS@
Ansi based on Memory/File Scan (2.exe.bin)
STALL
Unicode based on Memory/File Scan (2.exe.bin)
stallLanguage
Unicode based on Memory/File Scan (2.exe.bin)
Start Menu
Unicode based on Memory/File Scan (2.exe.bin)
STARTMENUCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
STARTMENUDIR
Unicode based on Memory/File Scan (2.exe.bin)
STARTUPCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
STARTUPDIR
Unicode based on Memory/File Scan (2.exe.bin)
static
Unicode based on Hybrid Analysis (2.exe.bin)
status PlayMe mode
Unicode based on Memory/File Scan (2.exe.bin)
STATUSBARGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
stbox
Unicode based on Memory/File Scan (2.exe.bin)
stdcall
Unicode based on Hybrid Analysis (2.exe.bin)
STDERRREAD
Unicode based on Memory/File Scan (2.exe.bin)
STDINWRITE
Unicode based on Memory/File Scan (2.exe.bin)
STDIOCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
STDOUTREAD
Unicode based on Memory/File Scan (2.exe.bin)
STRING
Unicode based on Hybrid Analysis (2.exe.bin)
String
Unicode based on Memory/File Scan (2.exe.bin)
String missing closing quote.
Unicode based on Memory/File Scan (2.exe.bin)
STRINGADDCR
Unicode based on Memory/File Scan (2.exe.bin)
STRINGCOMPARE
Unicode based on Memory/File Scan (2.exe.bin)
StringFileInfo
Unicode based on Memory/File Scan (2.exe.bin)
StringFileInfo\
Unicode based on Memory/File Scan (2.exe.bin)
STRINGFORMAT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGFROMASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
StringFromCLSID
Ansi based on Memory/File Scan (2.exe.bin)
StringFromIID
Ansi based on Memory/File Scan (2.exe.bin)
STRINGINSTR
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISALNUM
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISALPHA
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISASCII
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISDIGIT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISFLOAT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISINT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISLOWER
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISSPACE
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISUPPER
Unicode based on Memory/File Scan (2.exe.bin)
STRINGISXDIGIT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGLEFT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGLEN
Unicode based on Memory/File Scan (2.exe.bin)
STRINGLOWER
Unicode based on Memory/File Scan (2.exe.bin)
STRINGMID
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREGEXP
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREGEXPREPLACE
Unicode based on Memory/File Scan (2.exe.bin)
STRINGREPLACE
Unicode based on Memory/File Scan (2.exe.bin)
STRINGRIGHT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGSPLIT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGSTRIPCR
Unicode based on Memory/File Scan (2.exe.bin)
STRINGSTRIPWS
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTOASCIIARRAY
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTOBINARY
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTRIMLEFT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGTRIMRIGHT
Unicode based on Memory/File Scan (2.exe.bin)
STRINGUPPER
Unicode based on Memory/File Scan (2.exe.bin)
StrokeAndFillPath
Ansi based on Memory/File Scan (2.exe.bin)
StrokePath
Ansi based on Memory/File Scan (2.exe.bin)
STYLE
Unicode based on Memory/File Scan (2.exe.bin)
subpattern name expected
Ansi based on Memory/File Scan (2.exe.bin)
subpattern name is too long (maximum 32 characters)
Ansi based on Memory/File Scan (2.exe.bin)
Sundanese
Ansi based on Memory/File Scan (2.exe.bin)
Sunday
Ansi based on Memory/File Scan (2.exe.bin)
SunMonTueWedThuFriSat
Ansi based on Memory/File Scan (2.exe.bin)
support for \P, \p, and \X has not been compiled
Ansi based on Memory/File Scan (2.exe.bin)
SW_DISABLE
Unicode based on Memory/File Scan (2.exe.bin)
SW_ENABLE
Unicode based on Memory/File Scan (2.exe.bin)
SW_MAXIMIZE
Unicode based on Memory/File Scan (2.exe.bin)
SW_MINIMIZE
Unicode based on Memory/File Scan (2.exe.bin)
SW_RESTORE
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWDEFAULT
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWMAXIMIZED
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWMINIMIZED
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWMINNOACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWNA
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWNOACTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
SW_SHOWNORMAL
Unicode based on Memory/File Scan (2.exe.bin)
SW_UNLOCK
Unicode based on Memory/File Scan (2.exe.bin)
SwapMouseButtons
Unicode based on Memory/File Scan (2.exe.bin)
SWITCH
Unicode based on Memory/File Scan (2.exe.bin)
Syloti_Nagri
Ansi based on Memory/File Scan (2.exe.bin)
syntax error in subpattern name (missing terminator)
Ansi based on Memory/File Scan (2.exe.bin)
Syriac
Ansi based on Memory/File Scan (2.exe.bin)
SysAnimate32
Unicode based on Memory/File Scan (2.exe.bin)
SysDateTimePick32
Unicode based on Memory/File Scan (2.exe.bin)
SysListView32
Unicode based on Memory/File Scan (2.exe.bin)
SysMonthCal32
Unicode based on Memory/File Scan (2.exe.bin)
SysTabControl32
Unicode based on Memory/File Scan (2.exe.bin)
System32.exe
Unicode based on Memory/File Scan (2.exe.bin)
SYSTEM\CurrentControlSet\Control\Nls\Language
Unicode based on Memory/File Scan (2.exe.bin)
SYSTEMDIR
Unicode based on Memory/File Scan (2.exe.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan (2.exe.bin)
SystemTimeToFileTime
Ansi based on Memory/File Scan (2.exe.bin)
SysTreeView32
Unicode based on Memory/File Scan (2.exe.bin)
t &Paused
Unicode based on Memory/File Scan (2.exe.bin)
t assignment in FOR..IN loop
Unicode based on Memory/File Scan (2.exe.bin)
T$8PQRUWV
Ansi based on Memory/File Scan (2.exe.bin)
T$<Rj
Ansi based on Memory/File Scan (2.exe.bin)
T$@QWPSRV
Ansi based on Memory/File Scan (2.exe.bin)
t)h8LH
Ansi based on Memory/File Scan (2.exe.bin)
t-h8LH
Ansi based on Memory/File Scan (2.exe.bin)
t=f99t8C;]
Ansi based on Memory/File Scan (2.exe.bin)
TABLEFT
Unicode based on Hybrid Analysis (2.exe.bin)
TABRIGHT
Unicode based on Hybrid Analysis (2.exe.bin)
Tagalog
Ansi based on Memory/File Scan (2.exe.bin)
Tagbanwa
Ansi based on Memory/File Scan (2.exe.bin)
Tai_Le
Ansi based on Memory/File Scan (2.exe.bin)
tails
Unicode based on Memory/File Scan (2.exe.bin)
Tamil
Ansi based on Memory/File Scan (2.exe.bin)
TARTGROUP
Unicode based on Memory/File Scan (2.exe.bin)
TaskbarCreated
Unicode based on Memory/File Scan (2.exe.bin)
TCODE
Unicode based on Memory/File Scan (2.exe.bin)
TCPACCEPT
Unicode based on Memory/File Scan (2.exe.bin)
TCPCLOSESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
TCPCONNECT
Unicode based on Memory/File Scan (2.exe.bin)
TCPLISTEN
Unicode based on Memory/File Scan (2.exe.bin)
TCPNAMETOIP
Unicode based on Memory/File Scan (2.exe.bin)
TCPRECV
Unicode based on Hybrid Analysis (2.exe.bin)
TCPSEND
Unicode based on Hybrid Analysis (2.exe.bin)
TCPSHUTDOWN
Unicode based on Memory/File Scan (2.exe.bin)
TCPSTARTUP
Unicode based on Memory/File Scan (2.exe.bin)
TCPTimeout
Unicode based on Memory/File Scan (2.exe.bin)
te0'&")$f
Ansi based on Memory/File Scan (2.exe.bin)
Telugu
Ansi based on Memory/File Scan (2.exe.bin)
TEMCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
TENDED
Unicode based on Memory/File Scan (2.exe.bin)
TERLISTVIEWSORT
Unicode based on Memory/File Scan (2.exe.bin)
TerminateProcess
Ansi based on Memory/File Scan (2.exe.bin)
TerminateThread
Ansi based on Memory/File Scan (2.exe.bin)
TERMSG
Unicode based on Memory/File Scan (2.exe.bin)
TESCOMMONDIR
Unicode based on Memory/File Scan (2.exe.bin)
Thaana
Ansi based on Memory/File Scan (2.exe.bin)
THANDLE
Unicode based on Memory/File Scan (2.exe.bin)
This application has requested the Runtime to terminate it in an unusual way.Please contact the application's support team for more information.
Ansi based on Memory/File Scan (2.exe.bin)
This is a compiled AutoIt script. AV researchers please email avsupport@autoitscript.com for support.
Ansi based on Memory/File Scan (2.exe.bin)
this version of PCRE is not compiled with PCRE_UTF8 support
Ansi based on Memory/File Scan (2.exe.bin)
ThumbnailClass
Unicode based on Memory/File Scan (2.exe.bin)
Thursday
Ansi based on Memory/File Scan (2.exe.bin)
Tibetan
Ansi based on Memory/File Scan (2.exe.bin)
Tifinagh
Ansi based on Memory/File Scan (2.exe.bin)
timeGetTime
Ansi based on Memory/File Scan (2.exe.bin)
TIMERDIFF
Unicode based on Memory/File Scan (2.exe.bin)
TIMERINIT
Unicode based on Memory/File Scan (2.exe.bin)
TIONNAMES
Unicode based on Memory/File Scan (2.exe.bin)
TKEYSET
Unicode based on Memory/File Scan (2.exe.bin)
TLINE
Unicode based on Memory/File Scan (2.exe.bin)
TLOSS error
Ansi based on Memory/File Scan (2.exe.bin)
TlsAlloc
Ansi based on Memory/File Scan (2.exe.bin)
TlsFree
Ansi based on Memory/File Scan (2.exe.bin)
TlsGetValue
Ansi based on Memory/File Scan (2.exe.bin)
TlsSetValue
Ansi based on Memory/File Scan (2.exe.bin)
TOITWINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
too many named subpatterns (maximum 10000)
Ansi based on Memory/File Scan (2.exe.bin)
ToolBoxBitmap32
Unicode based on Memory/File Scan (2.exe.bin)
TOOLTIP
Unicode based on Hybrid Analysis (2.exe.bin)
tooltips_class32
Unicode based on Memory/File Scan (2.exe.bin)
TOTAL
Unicode based on Memory/File Scan (2.exe.bin)
TPROXY
Unicode based on Memory/File Scan (2.exe.bin)
tputDebug
Unicode based on Memory/File Scan (2.exe.bin)
TrackPopupMenuEx
Ansi based on Memory/File Scan (2.exe.bin)
TranslateAcceleratorW
Ansi based on Memory/File Scan (2.exe.bin)
TranslateMessage
Ansi based on Memory/File Scan (2.exe.bin)
Translation
Unicode based on Memory/File Scan (2.exe.bin)
TrayAutoPause
Unicode based on Memory/File Scan (2.exe.bin)
TRAYCREATEITEM
Unicode based on Memory/File Scan (2.exe.bin)
TRAYCREATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
TRAYGETMSG
Unicode based on Memory/File Scan (2.exe.bin)
TrayIconDebug
Unicode based on Memory/File Scan (2.exe.bin)
TRAYICONFLASHING
Unicode based on Memory/File Scan (2.exe.bin)
TrayIconHide
Unicode based on Memory/File Scan (2.exe.bin)
TRAYICONVISIBLE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMDELETE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYITEMSETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
TrayMenuMode
Unicode based on Memory/File Scan (2.exe.bin)
TrayOnEventMode
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETCLICK
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETICON
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETONEVENT
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETPAUSEICON
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TRAYSETTOOLTIP
Unicode based on Memory/File Scan (2.exe.bin)
TRAYTIP
Unicode based on Hybrid Analysis (2.exe.bin)
TREADY
Unicode based on Memory/File Scan (2.exe.bin)
tRHtCHt4Ht%HtFHHt
Ansi based on Memory/File Scan (2.exe.bin)
TRLCREATEAVI
Unicode based on Memory/File Scan (2.exe.bin)
TRLCREATECONTEXTMENU
Unicode based on Memory/File Scan (2.exe.bin)
TRLCREATEMENU
Unicode based on Memory/File Scan (2.exe.bin)
TRLCREATETABITEM
Unicode based on Memory/File Scan (2.exe.bin)
TRLHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
TSHORTCUT
Unicode based on Memory/File Scan (2.exe.bin)
TSIZE
Unicode based on Memory/File Scan (2.exe.bin)
TSTATE
Unicode based on Memory/File Scan (2.exe.bin)
TTOTALCOUNT
Unicode based on Memory/File Scan (2.exe.bin)
ttttttttj
Ansi based on Memory/File Scan (2.exe.bin)
Tuesday
Ansi based on Memory/File Scan (2.exe.bin)
TVERSION
Unicode based on Memory/File Scan (2.exe.bin)
TVIEW
Unicode based on Memory/File Scan (2.exe.bin)
two named subpatterns have the same name
Ansi based on Memory/File Scan (2.exe.bin)
twork
Unicode based on Memory/File Scan (2.exe.bin)
type cdaudio alias cd wait
Unicode based on Memory/File Scan (2.exe.bin)
Type Descriptor'
Ansi based on Memory/File Scan (2.exe.bin)
UARCH
Unicode based on Memory/File Scan (2.exe.bin)
UBOUND
Unicode based on Hybrid Analysis (2.exe.bin)
ubyte
Unicode based on Memory/File Scan (2.exe.bin)
UDPBIND
Unicode based on Hybrid Analysis (2.exe.bin)
UDPCLOSESOCKET
Unicode based on Memory/File Scan (2.exe.bin)
UDPOPEN
Unicode based on Hybrid Analysis (2.exe.bin)
UDPRECV
Unicode based on Hybrid Analysis (2.exe.bin)
UDPSEND
Unicode based on Hybrid Analysis (2.exe.bin)
UDPSHUTDOWN
Unicode based on Memory/File Scan (2.exe.bin)
UDPSTARTUP
Unicode based on Memory/File Scan (2.exe.bin)
udword
Unicode based on Memory/File Scan (2.exe.bin)
Ugaritic
Ansi based on Memory/File Scan (2.exe.bin)
UGINOPEN
Unicode based on Memory/File Scan (2.exe.bin)
uint64
Unicode based on Memory/File Scan (2.exe.bin)
uint_ptr
Unicode based on Memory/File Scan (2.exe.bin)
ulong
Unicode based on Memory/File Scan (2.exe.bin)
ulong_ptr
Unicode based on Memory/File Scan (2.exe.bin)
Unable to open the script file.!Badly formatted "Func" statement.
Unicode based on Memory/File Scan (2.exe.bin)
Unable to parse line.(Missing right bracket ')' in expression.
Unicode based on Memory/File Scan (2.exe.bin)
UNCHECK
Unicode based on Hybrid Analysis (2.exe.bin)
UnhandledExceptionFilter
Ansi based on Memory/File Scan (2.exe.bin)
UNICODE
Unicode based on Hybrid Analysis (2.exe.bin)
Unknown
Unicode based on Hybrid Analysis (2.exe.bin)
unknown
Unicode based on Hybrid Analysis (2.exe.bin)
UNKNOWN
Unicode based on Hybrid Analysis (2.exe.bin)
Unknown exception
Ansi based on Memory/File Scan (2.exe.bin)
Unknown function name.
Unicode based on Memory/File Scan (2.exe.bin)
Unknown macro.
Unicode based on Memory/File Scan (2.exe.bin)
unknown option bit(s) set
Ansi based on Memory/File Scan (2.exe.bin)
unknown POSIX class name
Ansi based on Memory/File Scan (2.exe.bin)
unknown property name after \P or \p
Ansi based on Memory/File Scan (2.exe.bin)
UnloadUserProfile
Ansi based on Memory/File Scan (2.exe.bin)
UnlockServiceDatabase
Ansi based on Memory/File Scan (2.exe.bin)
unmatched parentheses
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character after (? or (?-
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character after (?<
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character after (?P
Ansi based on Memory/File Scan (2.exe.bin)
unrecognized character follows \
Ansi based on Memory/File Scan (2.exe.bin)
UnregisterHotKey
Ansi based on Memory/File Scan (2.exe.bin)
Unterminated group of comments
Unicode based on Memory/File Scan (2.exe.bin)
Unterminated string
Unicode based on Memory/File Scan (2.exe.bin)
UNTIL
Unicode based on Memory/File Scan (2.exe.bin)
upper
Ansi based on Memory/File Scan (2.exe.bin)
URLDOWNLOADTOFILE
Unicode based on Memory/File Scan (2.exe.bin)
useClickDownDelay
Unicode based on Memory/File Scan (2.exe.bin)
USECLICKDRAG
Unicode based on Memory/File Scan (2.exe.bin)
useCoordMode
Unicode based on Memory/File Scan (2.exe.bin)
USELECTITEM
Unicode based on Memory/File Scan (2.exe.bin)
USER32.DLL
Ansi based on Memory/File Scan (2.exe.bin)
USER32.dll
Ansi based on Memory/File Scan (2.exe.bin)
USERDNSDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
USERDOMAIN
Unicode based on Memory/File Scan (2.exe.bin)
USERENV.dll
Ansi based on Memory/File Scan (2.exe.bin)
USERPROFILE
Unicode based on Memory/File Scan (2.exe.bin)
USERPROFILEDIR
Unicode based on Memory/File Scan (2.exe.bin)
ushort
Unicode based on Memory/File Scan (2.exe.bin)
UTF-16LE
Unicode based on Hybrid Analysis (2.exe.bin)
UTF-8
Unicode based on Hybrid Analysis (2.exe.bin)
uxtheme.dll
Ansi based on Memory/File Scan (2.exe.bin)
V211111111111111111111111111
Ansi based on Memory/File Scan (2.exe.bin)
vable
Unicode based on Memory/File Scan (2.exe.bin)
VarFileInfo
Unicode based on Memory/File Scan (2.exe.bin)
VARGETTYPE
Unicode based on Memory/File Scan (2.exe.bin)
Variable is not of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
Variable must be of type 'Object'.
Unicode based on Memory/File Scan (2.exe.bin)
VarStrings
Unicode based on Memory/File Scan (2.exe.bin)
vent Object.
Unicode based on Memory/File Scan (2.exe.bin)
VerQueryValueW
Ansi based on Memory/File Scan (2.exe.bin)
Version
Unicode based on Hybrid Analysis (2.exe.bin)
VERSION.dll
Ansi based on Memory/File Scan (2.exe.bin)
VIEWCHANGE
Unicode based on Memory/File Scan (2.exe.bin)
VirtualAlloc
Ansi based on Memory/File Scan (2.exe.bin)
VirtualAllocEx
Ansi based on Memory/File Scan (2.exe.bin)
VirtualFree
Ansi based on Memory/File Scan (2.exe.bin)
VirtualFreeEx
Ansi based on Memory/File Scan (2.exe.bin)
VISIBLE
Unicode based on Memory/File Scan (2.exe.bin)
VkKeyScanA
Ansi based on Memory/File Scan (2.exe.bin)
VOLUME_DOWN
Ansi based on Memory/File Scan (2.exe.bin)
VOLUME_MUTE
Ansi based on Memory/File Scan (2.exe.bin)
VOLUME_UP
Ansi based on Memory/File Scan (2.exe.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan (2.exe.bin)
vtwvtvvttstvwwvtwsvsswvtsvtsvtwstwvsssvvtsssssswvswsssswsttvsssswwsssvwstwvswvssswtvvsvvv(
Ansi based on Memory/File Scan (2.exe.bin)
VVVVVQRSSj
Ansi based on Memory/File Scan (2.exe.bin)
VWSPj
Ansi based on Memory/File Scan (2.exe.bin)
VW|[;(J
Ansi based on Memory/File Scan (2.exe.bin)
w!t*=
Ansi based on Memory/File Scan (2.exe.bin)
w%t.=
Ansi based on Memory/File Scan (2.exe.bin)
WaitForSingleObject
Ansi based on Memory/File Scan (2.exe.bin)
warning
Unicode based on Hybrid Analysis (2.exe.bin)
waveOutSetVolume
Ansi based on Memory/File Scan (2.exe.bin)
wchar
Unicode based on Memory/File Scan (2.exe.bin)
WDEFAULT
Unicode based on Memory/File Scan (2.exe.bin)
Wednesday
Ansi based on Memory/File Scan (2.exe.bin)
WideCharToMultiByte
Ansi based on Memory/File Scan (2.exe.bin)
WIN32_NT
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_2000
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_2003
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_2008
Unicode based on Hybrid Analysis (2.exe.bin)
WIN_VISTA
Unicode based on Memory/File Scan (2.exe.bin)
WIN_XP
Unicode based on Hybrid Analysis (2.exe.bin)
WINACTIVATE
Unicode based on Memory/File Scan (2.exe.bin)
WINACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
winapi
Unicode based on Hybrid Analysis (2.exe.bin)
WINCLOSE
Unicode based on Hybrid Analysis (2.exe.bin)
WINDESCRIPTION
Unicode based on Memory/File Scan (2.exe.bin)
WinDetectHiddenText
Unicode based on Memory/File Scan (2.exe.bin)
WindowFromPoint
Ansi based on Memory/File Scan (2.exe.bin)
WINDOWSDIR
Unicode based on Memory/File Scan (2.exe.bin)
WINEXISTS
Unicode based on Memory/File Scan (2.exe.bin)
WINFLASH
Unicode based on Hybrid Analysis (2.exe.bin)
WINGETCARETPOS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETCLASSLIST
Unicode based on Memory/File Scan (2.exe.bin)
WINGETCLIENTSIZE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETHANDLE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETPOS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETPROCESS
Unicode based on Memory/File Scan (2.exe.bin)
WINGETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
WINGETTEXT
Unicode based on Memory/File Scan (2.exe.bin)
WINGETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
WININET.dll
Ansi based on Memory/File Scan (2.exe.bin)
WINKILL
Unicode based on Hybrid Analysis (2.exe.bin)
WINLIST
Unicode based on Hybrid Analysis (2.exe.bin)
WINMENUSELECTITEM
Unicode based on Memory/File Scan (2.exe.bin)
WINMINIMIZEALL
Unicode based on Memory/File Scan (2.exe.bin)
WINMINIMIZEALLUNDO
Unicode based on Memory/File Scan (2.exe.bin)
WINMM.dll
Ansi based on Memory/File Scan (2.exe.bin)
WINMOVE
Unicode based on Hybrid Analysis (2.exe.bin)
WinSearchChildren
Unicode based on Memory/File Scan (2.exe.bin)
WINSETONTOP
Unicode based on Memory/File Scan (2.exe.bin)
WINSETSTATE
Unicode based on Memory/File Scan (2.exe.bin)
WINSETTITLE
Unicode based on Memory/File Scan (2.exe.bin)
WINSETTRANS
Unicode based on Memory/File Scan (2.exe.bin)
winsta0
Unicode based on Hybrid Analysis (2.exe.bin)
winsta0\default
Unicode based on Memory/File Scan (2.exe.bin)
WinTextMatchMode
Unicode based on Memory/File Scan (2.exe.bin)
WinTitleMatchMode
Unicode based on Memory/File Scan (2.exe.bin)
WINWAIT
Unicode based on Hybrid Analysis (2.exe.bin)
WINWAITACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
WINWAITCLOSE
Unicode based on Memory/File Scan (2.exe.bin)
WinWaitDelay
Unicode based on Memory/File Scan (2.exe.bin)
WINWAITNOTACTIVE
Unicode based on Memory/File Scan (2.exe.bin)
WITEM
Unicode based on Memory/File Scan (2.exe.bin)
WNetAddConnection2W
Ansi based on Memory/File Scan (2.exe.bin)
WNetCancelConnection2W
Ansi based on Memory/File Scan (2.exe.bin)
WNetGetConnectionW
Ansi based on Memory/File Scan (2.exe.bin)
WNetUseConnectionW
Ansi based on Memory/File Scan (2.exe.bin)
WORKINGDIR
Unicode based on Memory/File Scan (2.exe.bin)
wparam
Unicode based on Memory/File Scan (2.exe.bin)
WriteConsoleA
Ansi based on Memory/File Scan (2.exe.bin)
WriteConsoleW
Ansi based on Memory/File Scan (2.exe.bin)
WriteFile
Ansi based on Memory/File Scan (2.exe.bin)
WritePrivateProfileSectionW
Ansi based on Memory/File Scan (2.exe.bin)
WritePrivateProfileStringW
Ansi based on Memory/File Scan (2.exe.bin)
WriteProcessMemory
Ansi based on Memory/File Scan (2.exe.bin)
WSOCK32.dll
Ansi based on Memory/File Scan (2.exe.bin)
wsprintfW
Ansi based on Memory/File Scan (2.exe.bin)
wstring
Unicode based on Memory/File Scan (2.exe.bin)
WVZWWWVWWZZWWWVWWWWWWVWWWYZWWWWWVWVWWVWWVZZZWWWWWWWZWZWWWVWWVZWWWWWWYYWVWWVWWWWZZZWWYVWWV@
Ansi based on Memory/File Scan (2.exe.bin)
wwwwwwwwwwwwxwwwxwwwwwwwwwwtwwwwwwxwwwwwuwwwwwwxtwwwwwwwwwwwwwwwwwwxwxwwwwwwwwwwwwwxwwwww)
Ansi based on Memory/File Scan (2.exe.bin)
X#O-x%4]"
Ansi based on Memory/File Scan (2.exe.bin)
xBitmap32
Unicode based on Memory/File Scan (2.exe.bin)
xdigit
Ansi based on Memory/File Scan (2.exe.bin)
XELCHECKSUM
Unicode based on Memory/File Scan (2.exe.bin)
XELSEARCH
Unicode based on Memory/File Scan (2.exe.bin)
XISTS
Unicode based on Memory/File Scan (2.exe.bin)
XITCODE
Unicode based on Memory/File Scan (2.exe.bin)
XPREPLACE
Unicode based on Memory/File Scan (2.exe.bin)
XPTITLE
Unicode based on Memory/File Scan (2.exe.bin)
XTFILE
Unicode based on Memory/File Scan (2.exe.bin)
XwwwwwwwwwwwwwwSSSTTpNJBllll
Ansi based on Memory/File Scan (2.exe.bin)
xyyzzzwyzyzzzzwzwwxzzyxzzzyyzzxxzzwxxxyxxxzzzzxyyyywzzzxyyxzzxzxzxyywyzzzwxxzxzyyxzzxwzzz*
Ansi based on Memory/File Scan (2.exe.bin)
xyyzzzwyzyzzzzwzwwxzzyxzzzyyzzxxzzwxxzz|zz|{zzz{|zzz{z{zzzzzzz|z{z{z{{z{zzzzzz{{{zzz{z{{{+
Ansi based on Memory/File Scan (2.exe.bin)
yMode
Unicode based on Memory/File Scan (2.exe.bin)
YWORD
Unicode based on Memory/File Scan (2.exe.bin)
yyyy3Wq
Ansi based on Memory/File Scan (2.exe.bin)
Z[Z[WWZZWWZZZXXZZZZWZXZZ[X[[[ZZWZZZZZWZZXWWZXZWZWZZZZZZZZZ[ZW[ZZ[ZZ[ZWWZ[[ZZWZZZZ[[WZZZZZA
Ansi based on Memory/File Scan (2.exe.bin)
zz{{zz|{zzzzzz|}zzzzzzzzzz{z{|zz{zzz|{}}}}{}}}}{}{}}}}{}}}}{}}}}}}}{}}{}{}}{{}}zz}}}{}}}},
Ansi based on Memory/File Scan (2.exe.bin)
{{{{{{{{{{{{{{0
Ansi based on Memory/File Scan (2.exe.bin)
|$,+t$ +|$$
Ansi based on Memory/File Scan (2.exe.bin)
|%##########################
Ansi based on Memory/File Scan (2.exe.bin)
}}}{{{}}}{{}{{{}}{}}{{}}}{}}}{z}{}}{}{}}}}{}}}}{}{}}}}{}}}}{}}}}}}}{}}{}{}}{{}}zz}}}{}}}},
Ansi based on Memory/File Scan (2.exe.bin)
}}}~}~}~~~~~}~~~~
Ansi based on Memory/File Scan (2.exe.bin)
}~}}~}}~~}~~~~~~~~
Ansi based on Memory/File Scan (2.exe.bin)
~-C+GX:]
Ansi based on Memory/File Scan (2.exe.bin)
"%WINDIR%\system32\WININET.dll",DispatchAPICall 1
Ansi based on Process Commandline (rundll3<Input Sample>)
%USERPROFILE%\Desktop\system3_.exe
Unicode based on Runtime Data (2.exe )
%WINDIR%\system32\apphelp.dll
Unicode based on Runtime Data (2.exe )
%windir%\tracing
Unicode based on Runtime Data (2.exe )
00000409
Unicode based on Runtime Data (2.exe )
102652EC
Unicode based on Runtime Data (2.exe )
2.exe
Unicode based on Runtime Data (2.exe )
<.pbk
Unicode based on Runtime Data (2.exe )
[Autorun]Open=system3_.exe
Ansi based on Runtime Data (2.exe )
[ZoneTransfer]ZoneId=1
Ansi based on Runtime Data (2.exe )
\Sessions\1\Windows\ApiPort
Unicode based on Runtime Data (2.exe )
\ThemeApiPort
Unicode based on Runtime Data (2.exe )
`\??\Volume{8177f4e4-b53f-11e4-a9c2-806e6f6e6963}
Unicode based on Runtime Data (2.exe )
`\??\Volume{8177f4e5-b53f-11e4-a9c2-806e6f6e6963}
Unicode based on Runtime Data (2.exe )
AddressFamily
Unicode based on Runtime Data (2.exe )
AlwaysDrainOnRedirect
Unicode based on Runtime Data (2.exe )
AtTaskMaxHours
Unicode based on Runtime Data (2.exe )
Attributes
Unicode based on Runtime Data (2.exe )
AuthenticodeEnabled
Unicode based on Runtime Data (2.exe )
AutoConfigCustomUA
Unicode based on Runtime Data (2.exe )
AutoConfigURL
Unicode based on Runtime Data (2.exe )
AutoDetect
Unicode based on Runtime Data (2.exe )
AutodialDLL
Unicode based on Runtime Data (2.exe )
AutoProxyDetectType
Unicode based on Runtime Data (2.exe )
autorun.ini
Unicode based on Runtime Data (2.exe )
BadProxyExpiresTime
Unicode based on Runtime Data (2.exe )
BTrDGTriGTr
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.0047D000.00000004.mdmp)
BypassHTTPNoCacheCheck
Unicode based on Runtime Data (2.exe )
BypassSSLNoCacheCheck
Unicode based on Runtime Data (2.exe )
C:\2.exe
Unicode based on Hybrid Analysis (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
Cache
Unicode based on Runtime Data (2.exe )
CacheLimit
Unicode based on Runtime Data (2.exe )
CacheMode
Unicode based on Runtime Data (2.exe )
CacheOptions
Unicode based on Runtime Data (2.exe )
CachePath
Unicode based on Runtime Data (2.exe )
CachePrefix
Unicode based on Runtime Data (2.exe )
CacheRepair
Unicode based on Runtime Data (2.exe )
CallForAttributes
Unicode based on Runtime Data (2.exe )
Category
Unicode based on Runtime Data (2.exe )
CEIPEnable
Unicode based on Runtime Data (2.exe )
CertCacheNoValidate
Unicode based on Runtime Data (2.exe )
CertificateRevocation
Unicode based on Runtime Data (2.exe )
Class
Unicode based on Runtime Data (2.exe )
ClientAuthBuiltInUI
Unicode based on Runtime Data (2.exe )
Com+Enabled
Unicode based on Runtime Data (2.exe )
ComputerName
Unicode based on Runtime Data (2.exe )
ConnectRetries
Unicode based on Runtime Data (2.exe )
ConnectTimeOut
Unicode based on Runtime Data (2.exe )
ConsoleTracingMask
Unicode based on Runtime Data (2.exe )
Cookies
Unicode based on Runtime Data (2.exe )
CopyFileBufferedSynchronousIo
Unicode based on Runtime Data (2.exe )
CopyFileChunkSize
Unicode based on Runtime Data (2.exe )
CopyFileOverlappedCount
Unicode based on Runtime Data (2.exe )
CreateUriCacheSize
Unicode based on Runtime Data (2.exe )
CWDIllegalInDLLSearch
Unicode based on Runtime Data (2.exe )
debug.txt
Unicode based on Runtime Data (2.exe )
DebugHeapFlags
Unicode based on Runtime Data (2.exe )
Default_Page_URL
Unicode based on Runtime Data (2.exe )
Default_Search_URL
Unicode based on Runtime Data (2.exe )
DefaultAccessPermission
Unicode based on Runtime Data (2.exe )
DefaultConnectionSettings
Unicode based on Runtime Data (2.exe )
Description
Unicode based on Runtime Data (2.exe )
DevicePath
Unicode based on Runtime Data (2.exe )
DhcpDomain
Unicode based on Runtime Data (2.exe )
DhcpNameServer
Unicode based on Runtime Data (2.exe )
Dhcpv6Domain
Unicode based on Runtime Data (2.exe )
DialupUseLanSettings
Unicode based on Runtime Data (2.exe )
Disable
Unicode based on Runtime Data (2.exe )
DisableBasicOverClearChannel
Unicode based on Runtime Data (2.exe )
DisableBranchCache
Unicode based on Runtime Data (2.exe )
DisableCachingOfSSLPages
Unicode based on Runtime Data (2.exe )
DisableEngine
Unicode based on Runtime Data (2.exe )
DisableImprovedZoneCheck
Unicode based on Runtime Data (2.exe )
DisableKeepAlive
Unicode based on Runtime Data (2.exe )
DisableLocalOverride
Unicode based on Runtime Data (2.exe )
DisableMetaFiles
Unicode based on Runtime Data (2.exe )
DisableNTLMPreAuth
Unicode based on Runtime Data (2.exe )
DisablePassport
Unicode based on Runtime Data (2.exe )
DisableReadRange
Unicode based on Runtime Data (2.exe )
DisableRegistryTools
Unicode based on Runtime Data (2.exe )
DisableSecuritySettingsCheck
Unicode based on Runtime Data (2.exe )
DisableTaskMgr
Unicode based on Runtime Data (2.exe )
DisableUserModeCallbackFilter
Unicode based on Runtime Data (2.exe )
DisableWorkerThreadHibernation
Unicode based on Runtime Data (2.exe )
DisplayScriptDownloadFailureUI
Unicode based on Runtime Data (2.exe )
DisplayString
Unicode based on Runtime Data (2.exe )
DllFile
Unicode based on Runtime Data (2.exe )
DnsCacheEnabled
Unicode based on Runtime Data (2.exe )
DnsCacheEntries
Unicode based on Runtime Data (2.exe )
DnsCacheTimeout
Unicode based on Runtime Data (2.exe )
Domain
Unicode based on Runtime Data (2.exe )
DontUseDNSLoadBalancing
Unicode based on Runtime Data (2.exe )
DriveMask
Unicode based on Runtime Data (2.exe )
en-US
Unicode based on Runtime Data (2.exe )
EnableAutodial
Unicode based on Runtime Data (2.exe )
EnableAutoProxyResultCache
Unicode based on Runtime Data (2.exe )
EnableConsoleTracing
Unicode based on Runtime Data (2.exe )
Enabled
Unicode based on Runtime Data (2.exe )
EnableDhcp
Unicode based on Runtime Data (2.exe )
EnableFileTracing
Unicode based on Runtime Data (2.exe )
EnableHttp1_1
Unicode based on Runtime Data (2.exe )
EnableHttpTrace
Unicode based on Runtime Data (2.exe )
EnableNegotiate
Unicode based on Runtime Data (2.exe )
EnablePunycode
Unicode based on Runtime Data (2.exe )
exception
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.0047D000.00000004.mdmp)
Explorer.exe system3_.exe
Unicode based on Runtime Data (2.exe )
Export
Unicode based on Runtime Data (2.exe )
Feature_ClientAuthCertFilter
Unicode based on Runtime Data (2.exe )
FileDirectory
Unicode based on Runtime Data (2.exe )
FileExtensions
Unicode based on Runtime Data (2.exe )
FileTracingMask
Unicode based on Runtime Data (2.exe )
FipsAlgorithmPolicy
Unicode based on Runtime Data (2.exe )
Flags
Unicode based on Runtime Data (2.exe )
FolderTypeID
Unicode based on Runtime Data (2.exe )
FromCacheTimeout
Unicode based on Runtime Data (2.exe )
FtpDefaultExpiryTimeSecs
Unicode based on Runtime Data (2.exe )
Generation
Unicode based on Runtime Data (2.exe )
GlobalSession
Unicode based on Runtime Data (2.exe )
GlobalUserOffline
Unicode based on Runtime Data (2.exe )
god.txt
Unicode based on Runtime Data (2.exe )
HasNavigationEnum
Unicode based on Runtime Data (2.exe )
HeaderExclusionListForCache
Unicode based on Runtime Data (2.exe )
HelperDllName
Unicode based on Runtime Data (2.exe )
HideFolderVerbs
Unicode based on Runtime Data (2.exe )
HideInWebView
Unicode based on Runtime Data (2.exe )
HideOnDesktopPerUser
Unicode based on Runtime Data (2.exe )
History
Unicode based on Runtime Data (2.exe )
Hostname
Unicode based on Runtime Data (2.exe )
http://www.mydreamworld.50webs.com
Unicode based on Runtime Data (2.exe )
HttpDefaultExpiryTimeSecs
Unicode based on Runtime Data (2.exe )
IdnEnabled
Unicode based on Runtime Data (2.exe )
IETldDllVersionHigh
Unicode based on Runtime Data (2.exe )
IETldDllVersionLow
Unicode based on Runtime Data (2.exe )
IETldVersionHigh
Unicode based on Runtime Data (2.exe )
IETldVersionLow
Unicode based on Runtime Data (2.exe )
Image Path
Unicode based on Runtime Data (2.exe )
InfoTip
Unicode based on Runtime Data (2.exe )
InitFolderHandler
Unicode based on Runtime Data (2.exe )
InprocServer32
Unicode based on Runtime Data (2.exe )
install.txt
Unicode based on Runtime Data (2.exe )
IntranetName
Unicode based on Runtime Data (2.exe )
KeepAliveTimeout
Unicode based on Runtime Data (2.exe )
LdapClientIntegrity
Unicode based on Runtime Data (2.exe )
LeashLegacyCookies
Unicode based on Runtime Data (2.exe )
LibraryPath
Unicode based on Runtime Data (2.exe )
LoadAppInit_DLLs
Unicode based on Runtime Data (2.exe )
Local AppData
Unicode based on Runtime Data (2.exe )
LocalizedName
Unicode based on Runtime Data (2.exe )
LocalRedirectOnly
Unicode based on Runtime Data (2.exe )
MachineGuid
Unicode based on Runtime Data (2.exe )
MachinePreferredUILanguages
Unicode based on Runtime Data (2.exe )
MachineThrottling
Unicode based on Runtime Data (2.exe )
MapNetDriveVerbs
Unicode based on Runtime Data (2.exe )
Mapping
Unicode based on Runtime Data (2.exe )
MartaExtension
Unicode based on Runtime Data (2.exe )
MaxConnectionsPer1_0Server
Unicode based on Runtime Data (2.exe )
MaxConnectionsPerProxy
Unicode based on Runtime Data (2.exe )
MaxConnectionsPerServer
Unicode based on Runtime Data (2.exe )
MaxFileSize
Unicode based on Runtime Data (2.exe )
MaxHttpRedirects
Unicode based on Runtime Data (2.exe )
MaximumAllowedAllocationSize
Unicode based on Runtime Data (2.exe )
MaxRpcSize
Unicode based on Runtime Data (2.exe )
MaxSockaddrLength
Unicode based on Runtime Data (2.exe )
MaxSxSHashCount
Unicode based on Runtime Data (2.exe )
MBCSAPIforCrack
Unicode based on Runtime Data (2.exe )
MBCSServername
Unicode based on Runtime Data (2.exe )
MigrateProxy
Unicode based on Runtime Data (2.exe )
MimeExclusionListForCache
Unicode based on Runtime Data (2.exe )
MinSockaddrLength
Unicode based on Runtime Data (2.exe )
NameServer
Unicode based on Runtime Data (2.exe )
NameSpace_Callout
Unicode based on Runtime Data (2.exe )
NdrOleExtDLL
Unicode based on Runtime Data (2.exe )
Next_Catalog_Entry_ID
Unicode based on Runtime Data (2.exe )
NoCheckAutodialOverRide
Unicode based on Runtime Data (2.exe )
NoFileFolderJunction
Unicode based on Runtime Data (2.exe )
NofolderOptions
Unicode based on Runtime Data (2.exe )
NoNetAutodial
Unicode based on Runtime Data (2.exe )
Num_Catalog_Entries
Unicode based on Runtime Data (2.exe )
OOBEInProgress
Unicode based on Runtime Data (2.exe )
Pacific Daylight Time
Unicode based on Hybrid Analysis (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
Pacific Standard Time
Unicode based on Hybrid Analysis (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
PackedCatalogItem
Unicode based on Runtime Data (2.exe )
PageAllocatorSystemHeapIsPrivate
Unicode based on Runtime Data (2.exe )
PageAllocatorUseSystemHeap
Unicode based on Runtime Data (2.exe )
ParentFolder
Unicode based on Runtime Data (2.exe )
ParsingName
Unicode based on Runtime Data (2.exe )
PerUserCookies
Unicode based on Runtime Data (2.exe )
PerUserItem
Unicode based on Runtime Data (2.exe )
PinToNameSpaceTree
Unicode based on Runtime Data (2.exe )
PjxPPh
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.00401000.00000020.mdmp)
PreCreate
Unicode based on Runtime Data (2.exe )
PreferExternalManifest
Unicode based on Runtime Data (2.exe )
PreferredUILanguages
Unicode based on Runtime Data (2.exe )
PrivateKeyLifetimeSeconds
Unicode based on Runtime Data (2.exe )
PrivKeyCacheMaxItems
Unicode based on Runtime Data (2.exe )
PrivKeyCachePurgeIntervalSeconds
Unicode based on Runtime Data (2.exe )
ProfileImagePath
Unicode based on Runtime Data (2.exe )
ProgramData
Unicode based on Runtime Data (2.exe )
ProviderId
Unicode based on Runtime Data (2.exe )
ProviderInfo
Unicode based on Runtime Data (2.exe )
ProxyBypass
Unicode based on Runtime Data (2.exe )
ProxyEnable
Unicode based on Runtime Data (2.exe )
ProxyHttp1.1
Unicode based on Runtime Data (2.exe )
ProxyOverride
Unicode based on Runtime Data (2.exe )
ProxyServer
Unicode based on Runtime Data (2.exe )
ProxySettingsPerUser
Unicode based on Runtime Data (2.exe )
PublishExpandedPath
Unicode based on Runtime Data (2.exe )
QueryForInfoTip
Unicode based on Runtime Data (2.exe )
QueryForOverlay
Unicode based on Runtime Data (2.exe )
RaiseDefaultAuthnLevel
Unicode based on Runtime Data (2.exe )
rasphone.pbk
Unicode based on Runtime Data (2.exe )
ReceiveTimeOut
Unicode based on Runtime Data (2.exe )
RegisterAdapterName
Unicode based on Runtime Data (2.exe )
RegistrationEnabled
Unicode based on Runtime Data (2.exe )
RelativePath
Unicode based on Runtime Data (2.exe )
RemoteRpcDll
Unicode based on Runtime Data (2.exe )
RestrictedAttributes
Unicode based on Runtime Data (2.exe )
Roamable
Unicode based on Runtime Data (2.exe )
SafeDllSearchMode
Unicode based on Runtime Data (2.exe )
SafeProcessSearchMode
Unicode based on Runtime Data (2.exe )
SavedLegacySettings
Unicode based on Runtime Data (2.exe )
ScavengeCacheFileLifeTime
Unicode based on Runtime Data (2.exe )
ScavengeCacheFileLimit
Unicode based on Runtime Data (2.exe )
ScavengeCacheLowerBound
Unicode based on Runtime Data (2.exe )
Search Page
Unicode based on Runtime Data (2.exe )
SearchList
Unicode based on Runtime Data (2.exe )
SecureProtocols
Unicode based on Runtime Data (2.exe )
Security
Unicode based on Runtime Data (2.exe )
Security_HKLM_only
Unicode based on Runtime Data (2.exe )
SendExtraCRLF
Unicode based on Runtime Data (2.exe )
SendTimeOut
Unicode based on Runtime Data (2.exe )
Serial_Access_Num
Unicode based on Runtime Data (2.exe )
ServerInfoTimeout
Unicode based on Runtime Data (2.exe )
SessionStartTimeDefaultDeltaSecs
Unicode based on Runtime Data (2.exe )
setting.ini
Unicode based on Runtime Data (2.exe )
ShareCredsWithWinHttp
Unicode based on Runtime Data (2.exe )
Shell
Unicode based on Runtime Data (2.exe )
Shell=Open
Ansi based on Runtime Data (2.exe )
Shell\Open\command=system3_.exe
Ansi based on Runtime Data (2.exe )
Shellexecute=system3_.exe
Ansi based on Runtime Data (2.exe )
Signature
Unicode based on Runtime Data (2.exe )
SocketReceiveBufferLength
Unicode based on Runtime Data (2.exe )
SocketSendBufferLength
Unicode based on Runtime Data (2.exe )
SourcePath
Unicode based on Runtime Data (2.exe )
SQMServiceList
Unicode based on Runtime Data (2.exe )
StaleIETldCache
Unicode based on Runtime Data (2.exe )
Start Page
Unicode based on Runtime Data (2.exe )
StoresServiceClassInfo
Unicode based on Runtime Data (2.exe )
Stream
Unicode based on Runtime Data (2.exe )
StreamResource
Unicode based on Runtime Data (2.exe )
StreamResourceType
Unicode based on Runtime Data (2.exe )
SupportedNameSpace
Unicode based on Runtime Data (2.exe )
SyncMode5
Unicode based on Runtime Data (2.exe )
SYSTEM
Unicode based on Runtime Data (2.exe )
system3_.exe
Unicode based on Runtime Data (2.exe )
SystemSetupInProgress
Unicode based on Runtime Data (2.exe )
TcpAutotuning
Unicode based on Runtime Data (2.exe )
ThemeApiConnectionRequest
Unicode based on Runtime Data (2.exe )
This a
Ansi based on Memory/File Scan (2.exe , 00007995-00002916.00000001.11491.0047D000.00000004.mdmp)
ThreadingModel
Unicode based on Runtime Data (2.exe )
TLDUpdates
Unicode based on Runtime Data (2.exe )
TransparentEnabled
Unicode based on Runtime Data (2.exe )
Transports
Unicode based on Runtime Data (2.exe )
UNCAsIntranet
Unicode based on Runtime Data (2.exe )
UseDelayedAcceptance
Unicode based on Runtime Data (2.exe )
UseDropHandler
Unicode based on Runtime Data (2.exe )
UseHostnameAsAlias
Unicode based on Runtime Data (2.exe )
UseOldHostResolutionOrder
Unicode based on Runtime Data (2.exe )
UTF8ServerNameRes
Unicode based on Runtime Data (2.exe )
WantsAliasedNotifications
Unicode based on Runtime Data (2.exe )
WantsFORDISPLAY
Unicode based on Runtime Data (2.exe )
WantsFORPARSING
Unicode based on Runtime Data (2.exe )
WantsParseDisplayName
Unicode based on Runtime Data (2.exe )
WantsUniversalDelegate
Unicode based on Runtime Data (2.exe )
WarnAlwaysOnPost
Unicode based on Runtime Data (2.exe )
WarnOnBadCertRecving
Unicode based on Runtime Data (2.exe )
WarnOnHTTPSToHTTPRedirect
Unicode based on Runtime Data (2.exe )
WarnOnPost
Unicode based on Runtime Data (2.exe )
WarnOnPostRedirect
Unicode based on Runtime Data (2.exe )
WarnOnZoneCrossing
Unicode based on Runtime Data (2.exe )
WinSock 2.0 Provider ID
Unicode based on Runtime Data (2.exe )
WinSock_Registry_Version
Unicode based on Runtime Data (2.exe )
WpadDecision
Unicode based on Runtime Data (2.exe )
WpadDecisionReason
Unicode based on Runtime Data (2.exe )
WpadDecisionTime
Unicode based on Runtime Data (2.exe )
WpadExpirationDays
Unicode based on Runtime Data (2.exe )
WpadLastNetwork
Unicode based on Runtime Data (2.exe )
WpadNetworkName
Unicode based on Runtime Data (2.exe )
WpadOverride
Unicode based on Runtime Data (2.exe )
WpadSearchAllDomains
Unicode based on Runtime Data (2.exe )
Ws2_32NumHandleBuckets
Unicode based on Runtime Data (2.exe )
Ws2_32SpinCount
Unicode based on Runtime Data (2.exe )
Yahoo Messengger
Unicode based on Runtime Data (2.exe )
{09477111-DE61-43CD-A5AA-D9F7B489301F}
Unicode based on Runtime Data (2.exe )
{20D04FE0-3AEA-1069-A2D8-08002B30309D}
Unicode based on Runtime Data (2.exe )
�����
Ansi based on Runtime Data (2.exe )
������
Ansi based on Runtime Data (2.exe )
�������
Ansi based on Runtime Data (2.exe )
��������
Ansi based on Runtime Data (2.exe )
���������
Ansi based on Runtime Data (2.exe )
����������
Ansi based on Runtime Data (2.exe )
�����������
Ansi based on Runtime Data (2.exe )
������������
Ansi based on Runtime Data (2.exe )
�������������
Ansi based on Runtime Data (2.exe )
��������������
Ansi based on Runtime Data (2.exe )
����������������
Ansi based on Runtime Data (2.exe )
�������������������
Ansi based on Runtime Data (2.exe )
��������������������
Ansi based on Runtime Data (2.exe )
�������������������������
Ansi based on Runtime Data (2.exe )
��������������������������
Ansi based on Runtime Data (2.exe )
����������������������������
Ansi based on Runtime Data (2.exe )
������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?����������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?�������������������������������������
Ansi based on Runtime Data (2.exe )
�����������������������������������������������������������?��������������������������������������
Ansi based on Runtime Data (2.exe )
�������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
��������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
��������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
���������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
��������������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
���������������������������������������������������������������������������������������
Ansi based on Runtime Data (2.exe )
'ie8')$IE=8;else if(Sp.className==='ie9')$IE=9;function aAq($callback){aAt++;aAu=RC.innerWidth||DY.documentElement.clientWidth||Sp.clientWidth;aAs=RC.innerHeight||DY.documentElement.clientHeight||Sp.clientHeight;if(aAu>0||aAt>=5){$callback();}else{setTimeout(aAq,100);}}var $num_requirements=2;function $requirementMet(){$num_requirements--;if($num_requirements===0)aAv();}aAq($requirementMet);g_pc.$onReady($requirementMet);function aAv(){var ef=undefined,IQ=encodeURIComponent,aAo;if(aAw!=azu&&g_pd.r_s===ef)aAw.href=azu.href;aAo=DY.createElement('script');aAo.type='text/javascript';aAo.src='/glp'+'?r='+(g_pd.r!==ef?g_pd.r:(DY.referrer?IQ(DY.referrer.substr(0,255)):''))+(g_pd.r_u?'&u='+g_pd.r_u:'&u='+IQ(azu.href.split('?')[0]))+(g_pd.gc?'&gc='+g_pd.gc:'')+(g_pd.cid?'&cid='+g_pd.cid:'')+(g_pd.query?'&sq='+g_pd.query:'')+(g_pd.search?'&ss=1':'')+(g_pd.a!==ef?'&a':'')+(g_pd.z!==ef?'&z':'')+(g_pd.z_ds!==ef?'&z_ds':'')+(g_pd.r_s!==ef?'&r_s='+g_pd.r_s:'')+(g_pd.r_d!==ef?'&r_d='+g_pd.r_d:'')+'&rw='+aAj.width+'&rh='+aAj.height+(g_pd.r_ww!==ef?'&ww='+g_pd.r_ww:'&ww='+aAu)+(g_pd.r_wh!==ef?'&wh='+g_pd.r_wh:'&wh='+aAs)+(g_pc.$isWhitelisted()?'&abp=1':'')+($IE!==null?'&ie='+$IE:'')+(g_pd.partner!==ef?'&partner='+g_pd.partner:'')+(g_pd.subid1!==ef?'&subid1='+g_pd.subid1:'')+(g_pd.subid2!==ef?'&subid2='+g_pd.subid2:'')+(g_pd.subid3!==ef?'&subid3='+g_pd.subid3:'');Sp.appendChild(aAo);}})();</script></body></html>
Ansi based on PCAP Processing (network.pcap)
GET /asdb000/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb002/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb004/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb006/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb008/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb010/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb012/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb014/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb016/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb018/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /asdb020/setting.ini HTTP/1.1User-Agent: AutoItHost: h1.ripway.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu000.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu001.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu002.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu003.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu004.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu005.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu006.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu007.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu008.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
GET /set/setting.ini HTTP/1.1User-Agent: AutoItHost: www.balu009.0catch.comCache-Control: no-cache
Ansi based on PCAP Processing (network.pcap)
hostingsolutions-26026
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KSjjB2yb88jxaJwJ6dX5eY2INSmzqTHVGJXOkp0ZngXjzenMSrPo28vNlL73/gHnDklx6ZkYJ2G4F6GmEVXlbQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KSjjB2yb88jxaJwJ6dX5eY2INSmzqTHVGJXOkp0ZngXjzenMSrPo28vNlL73/gHnDklx6ZkYJ2G4F6GmEVXlbQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:04 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_qvoEUXrFoVloUaukGuy/tZ7aR1qFi1IDdXq1tPwSPmh48mYArYZYUM781NKBDeaMTP2j0H69k8RnIk+xsF/EUQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_qvoEUXrFoVloUaukGuy/tZ7aR1qFi1IDdXq1tPwSPmh48mYArYZYUM781NKBDeaMTP2j0H69k8RnIk+xsF/EUQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:06 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_x07LH2O82Gu4Na/jF5kBE5VP9ClnpS38Ea8d3oZf31f3Fy7C8NKV0sID9AsV3/OPbvF+aTWW+KrsKJigv75qzA==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_x07LH2O82Gu4Na/jF5kBE5VP9ClnpS38Ea8d3oZf31f3Fy7C8NKV0sID9AsV3/OPbvF+aTWW+KrsKJigv75qzA=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_T3wFi791f/HP4EwGHpYlBewOF/mNuQ1g1gUbBm8hNLDSuYH5lZZZ+WOVa/G4IQUgf3oNte6urteqNurKm/95yQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_T3wFi791f/HP4EwGHpYlBewOF/mNuQ1g1gUbBm8hNLDSuYH5lZZZ+WOVa/G4IQUgf3oNte6urteqNurKm/95yQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:14 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_hK/cZdzfToFtGaAEXyJHrF95vttPAi8KbwG1L7LreRZgrEA68FrWtlgNocqWZ7yFCXQ0NKGk2MgEfHtAg3lAHQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_hK/cZdzfToFtGaAEXyJHrF95vttPAi8KbwG1L7LreRZgrEA68FrWtlgNocqWZ7yFCXQ0NKGk2MgEfHtAg3lAHQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:20 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KVrciMAmnc3k7jVCERG6ZaFkJeaoHdzLwyT1qvNLfpY/wWjYZ2OiW2tAAk6hrUvs4KTRx4y3ZYY/dCSwz0f81g==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_KVrciMAmnc3k7jVCERG6ZaFkJeaoHdzLwyT1qvNLfpY/wWjYZ2OiW2tAAk6hrUvs4KTRx4y3ZYY/dCSwz0f81g=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:24 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_XIWxHfKhYhiTtEbfzDOi1/nRQxISDmSmdwkvSP+nxEL2pyH2mnpXMLJ2/ml4gB8YIJ79hhfHl6D+phvnKcUciA==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_XIWxHfKhYhiTtEbfzDOi1/nRQxISDmSmdwkvSP+nxEL2pyH2mnpXMLJ2/ml4gB8YIJ79hhfHl6D+phvnKcUciA=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_ZQe1lNrfyVMaAicKFKitMjzBoixGzwGcA9qnt9QlnJuJp8nU5khqHllgz8d9WDZJOs0p3RvvxcBK+ks5ryv08w==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_ZQe1lNrfyVMaAicKFKitMjzBoixGzwGcA9qnt9QlnJuJp8nU5khqHllgz8d9WDZJOs0p3RvvxcBK+ks5ryv08w=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:34 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xVzr1UUkuQA9pQcvKhaU4a7opx+UfixbPv7giMpbaPhct9StMg/2Xqvja8r1AE1iACvpKt+EYgL75/HMQun0vA==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xVzr1UUkuQA9pQcvKhaU4a7opx+UfixbPv7giMpbaPhct9StMg/2Xqvja8r1AE1iACvpKt+EYgL75/HMQun0vA=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:39 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_mUXaFGnbPknidYqt3lzcvkzrHgidRdX56ZSD5CYqN/N4457NUor2QXnZOrNJDNFJ/tRsIBJOqGn2NktCRVZq9A==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_mUXaFGnbPknidYqt3lzcvkzrHgidRdX56ZSD5CYqN/N4457NUor2QXnZOrNJDNFJ/tRsIBJOqGn2NktCRVZq9A=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
HTTP/1.1 200 OKServer: nginxDate: Sat, 07 Jul 2018 08:55:45 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingX-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_aM7VZwCetyT72Y2WrELCfnIAWrEq3NoMFpFObVDLoqgK5AJTc/XNenIfjx1VFMEK3jNkAxRk1QTpvsqz1Y8VzQ==f60<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_aM7VZwCetyT72Y2WrELCfnIAWrEq3NoMFpFObVDLoqgK5AJTc/XNenIfjx1VFMEK3jNkAxRk1QTpvsqz1Y8VzQ=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head> [if IE 6 ]><body class="ie6"><![endif]--> [if IE 7 ]><body class="ie7"><![endif]--> [if IE 8 ]><body class="ie8"><![endif]--> [if IE 9 ]><body class="ie9"><![endif]--> [if (gt IE 9)|!(IE)]> --><body> <![endif]--><script type="text/javascript">g_pb=(function(){varDY=document,azu=location,DE=DY.createElement('script'),aAx=false,LX;DE.defer=true;DE.async=true;DE.src="//www.google.com/adsense/domains/caf.js";DE.onerror=function(){if(azu.search!=='?z'){azu.href='/?z';}};DE.onload=DE.onreadystatechange=function()
Ansi based on PCAP Processing (network.pcap)
LOFT9159-XL
Ansi based on PCAP Processing (network.pcap)
PSPUBWS-PC
Ansi based on PCAP Processing (network.pcap)
{if(!aAx&&LX){if(!window['googleNDT_']){}LX(google.ads.domains.Caf);}aAx=true;};DY.body.appendChild(DE);return{azj:function(n$){if(aAx)n$(google.ads.domains.Caf);elseLX=n$;},bq:function(){if(!aAx){DY.body.removeChild(DE);}}};})();g_pd=(function(){varazu=window.location,nw={},bH,azs=azu.search.substring(1),aAp,aAr;if(!azs)return nw;aAp=azs.split("&");for(bH=0;bH<aAp.length;bH++){aAr=aAp[bH].split('=');nw[aAr[0]]=aAr[1]?aAr[1]:"";}return nw;})();g_pc=(function(){var $is_ABP_whitelisted=null;var $Image1=new Image;var $Image2=new Image;var $error1=false;var $error2=false;var $remaining=2;var $random=Math.random()*11;function $imageLoaded(){$remaining--;if($remaining===0)$is_ABP_whitelisted=!$error1&&$error2;}$Image1.onload=$Image2.onload=$imageLoaded;$Image1.onerror=function(){$error1=true;$imageLoaded();};$Image2.onerror=function(){$error2=true;$imageLoaded();};$Image1.src='/px.gif?ch=1&rn='+$random;$Image2.src='/px.gif?ch=2&rn='+$random;return{azl:function(){return'&abp='+($is_ABP_whitelisted?'1':'0');},$isWhitelisted:function(){return $is_ABP_whitelisted;},$onReady:function($callback){function $poll(){if($is_ABP_whitelisted===null)setTimeout($poll,100);else $callback();}$poll();}}})();(function(){var aAj=screen,RC=window,azu=RC.location,aAw=top.location,DY=document,Sp=DY.body||DY.getElementsByTagName('body')[0],aAu=0,aAs=0,aAt=0,$IE=null;if(Sp.className==='ie6')$IE=6;else if(Sp.className==='ie7')$IE=7;else if(Sp.className===
Ansi based on PCAP Processing (network.pcap)
,_,___
Ansi based on Image Processing (screen_0.png)
_?m?J?__?_q___?????v_,?_?_???__,_____??_J_m____L___
Ansi based on Image Processing (screen_0.png)
__Ah|yABLyR5|D|5
Ansi based on Image Processing (screen_0.png)
m____
Ansi based on Image Processing (screen_0.png)
/asdb000/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb002/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb004/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb006/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb008/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb010/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb012/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb014/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb016/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb018/setting.ini
Ansi based on PCAP Processing (PCAP)
/asdb020/setting.ini
Ansi based on PCAP Processing (PCAP)
/set/setting.ini
Ansi based on PCAP Processing (PCAP)
AutoIt
Ansi based on PCAP Processing (PCAP)
h1.ripway.com
Ansi based on PCAP Processing (PCAP)
www.balu000.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu001.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu002.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu003.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu004.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu005.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu006.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu007.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu008.0catch.com
Ansi based on PCAP Processing (PCAP)
www.balu009.0catch.com
Ansi based on PCAP Processing (PCAP)
/C AT /delete /yes
Ansi based on Process Commandline (cmd.exe)
/C AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe
Ansi based on Process Commandline (cmd.exe)
\RPC Control\console-0x00000900-lpc-handle
Unicode based on Runtime Data (at.exe )
Capabilities
Unicode based on Runtime Data (at.exe )
CheckSignatureDll
Unicode based on Runtime Data (at.exe )
CheckSignatureRoutine
Unicode based on Runtime Data (at.exe )
Comment
Unicode based on Runtime Data (at.exe )
RpcId
Unicode based on Runtime Data (at.exe )
SecurityProviders
Unicode based on Runtime Data (at.exe )
TokenSize
Unicode based on Runtime Data (at.exe )
\RPC Control\console-0x00000960-lpc-handle
Unicode based on Runtime Data (at.exe )
s1159
Unicode based on Runtime Data (at.exe )
s2359
Unicode based on Runtime Data (at.exe )
sDate
Unicode based on Runtime Data (at.exe )
sShortDate
Unicode based on Runtime Data (at.exe )
sTime
Unicode based on Runtime Data (at.exe )
UseOldParsing
Unicode based on Runtime Data (at.exe )
A66E19E6
Unicode based on Runtime Data (rundll32.exe )
rundll32.exe
Unicode based on Runtime Data (rundll32.exe )
ShowDebugInfo
Unicode based on Runtime Data (rundll32.exe )
AT /delete /yes
Ansi based on Process Commandline (at.exe)
AT 09:00 /interactive /EVERY:m,t,w,th,f,s,su %USERPROFILE%\Desktop\system3_.exe
Ansi based on Process Commandline (at.exe)

Extracted Files

Displaying 2 extracted file(s). The remaining 2 file(s) are available in the full version and XML/JSON reports.

  • Informative Selection 2

    • autorun.ini
      Download Disabled
      Size
      Unknown (0 bytes)
      Type
      empty
      Runtime Process
      2.exe (PID: 2916)
    • system3_.exe
      Download Disabled
      Size
      Unknown (0 bytes)
      Type
      empty
      Runtime Process
      2.exe (PID: 2916)

Notifications

  • Runtime

  • Added comment to Virus Total report
  • Not all IP/URL string resources were checked online
  • Not all sources for indicator ID "api-0" are available in the report
  • Not all sources for indicator ID "api-12" are available in the report
  • Not all sources for indicator ID "api-2" are available in the report
  • Not all sources for indicator ID "api-51" are available in the report
  • Not all sources for indicator ID "api-55" are available in the report
  • Not all sources for indicator ID "handle-0" are available in the report
  • Not all sources for indicator ID "mutant-0" are available in the report
  • Not all sources for indicator ID "network-0" are available in the report
  • Not all sources for indicator ID "network-2" are available in the report
  • Not all sources for indicator ID "suricata-2" are available in the report
  • Not all sources for indicator ID "target-103" are available in the report
  • Not all sources for indicator ID "target-25" are available in the report
  • Some low-level data is hidden, as this is only a slim report
  • Some runtime data of duplicate spawned processes are suppressed from the report

Community