Sample details: deaba11e81512bb747bd37ab5b88ea30 --

Hashes
MD5: deaba11e81512bb747bd37ab5b88ea30
SHA1: b8d64d647eaacef7882994998002e734b433a77c
SHA256: 1e8e5493262cc91d795f455608edb90f90d898fdb5eeb6cf91906ba6e64496b3
SSDEEP: 12288:R9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9EkNC/:LZ1xuVVjfFoynPaVBUR8f+kN10Ed
Details
File Type: PE32
Added: 2018-02-24 06:26:45
Yara Hits
YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/Borland | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/borland_delphi | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/System_Tools | YRP/Browsers | YRP/VM_Generic_Detection | YRP/Dropper_Strings | YRP/Misc_Suspicious_Strings | YRP/ThreadControl__Context | YRP/disable_antivirus | YRP/inject_thread | YRP/hijack_network | YRP/create_service | YRP/network_udp_sock | YRP/network_tcp_listen | YRP/network_http | YRP/network_dropper | YRP/network_tcp_socket | YRP/network_dns | YRP/escalate_priv | YRP/screenshot | YRP/keylogger | YRP/sniff_audio | YRP/spreading_share | YRP/win_mutex | YRP/win_registry | YRP/win_token | YRP/win_files_operation | YRP/win_hook | YRP/MD5_Constants | YRP/Delphi_Random | YRP/Delphi_FormShow | YRP/Delphi_Copy | YRP/Delphi_StrToInt | YRP/Str_Win32_Winsock2_Library | YRP/Str_Win32_Wininet_Library | YRP/Str_Win32_Internet_API | YRP/Str_Win32_Http_API | YRP/DarkComet_1 | YRP/DarkComet_3 | YRP/DarkComet_4 | FlorianRoth/RAT_DarkComet | KevTheHermit/DarkComet |
Parent Files
07887146726c9d1f4b34bed5bd9a8697
Strings
		This program must be run under Win32
`.itext
`.data
.idata
.rdata
@.reloc
B.rsrc
Boolean
Integer
Cardinal
string
WideString
OleVariant
TObject
TObject
System
IInterface
System
	IDispatch4
System
TInterfacedObject
FastMM Borland Edition 
 2004, 2005 Pierre le Riche / Professional Software Development
An unexpected memory leak has occurred. 
The unexpected small block leaks are:
 bytes: 
Unknown
String
The sizes of unexpected leaked medium and large blocks are: 
Unexpected Memory Leak
Ht Ht.
~KxI[)
                                                                
SOFTWARE\Borland\Delphi\RTL
FPUMaskValue
_^[YY]
YZXtm1
VWUUhdN@
ZTUWVSPRTj
tVSVWU
kernel32.dll
GetLongPathNameA
Software\Borland\Locales
Software\Borland\Delphi\Locales
_^[YY]
odSelected
odGrayed
odDisabled	odChecked	odFocused	odDefault
odHotLight
odInactive	odNoAccel
odNoFocusRect
odReserved1
odReserved2
odComboBoxEdit
Windows
TOwnerDrawState
Magellan MSWHEEL
MouseZ
MSWHEEL_ROLLMSG
MSH_WHEELSUPPORT_MSG
MSH_SCROLL_LINES_MSG
	TFileName
TSearchRec`
	Exception
EAbort
EHeapException
EOutOfMemory
EInOutError`
	EExternal
EExternalException
	EIntError
EDivByZero
ERangeError 
EIntOverflow
EMathError
EInvalidOp
EZeroDivide
	EOverflow
EUnderflow
EInvalidPointer
EInvalidCast
EConvertError
EAccessViolation
EPrivilege
EStackOverflow
	EControlC
EVariantError
EAssertionFailed
EAbstractError
EIntfCastError
EOSError
ESafecallException
SysUtils
SysUtils
TThreadLocalCounter
$TMultiReadExclusiveWriteSynchronizer
-{{{{1
-ffff!
-{{{{1
-ffff!
-[[[[1
-ffff!
-[[[[1
-ffff!
<*t"<0r=<9w9i
INFNAN
$*@@@*$@@@$ *@@* $@@($*)@-$*@@$-*@@$*-@@(*$)@-*$@@*-$@@*$-@@-* $@-$ *@* $-@$ *-@$ -*@*- $@($ *)(* $)
_^[YY]
_^[YY]
$YZ_^[
t%HtIHtm
$Z]_^[
QQQQQQSVW3
QQQQQSVW
_^[YY]
	TErrorRec
TExceptRec
$YZ_^[
YZ]_^[
m/d/yy
mmmm d, yyyy
:mm:ss
TUnitHashArray
SysUtils
TModuleInfo
DVCLAL
kernel32.dll
GetDiskFreeSpaceExA
(Z]_^[
YZ]_^[
tagMULTI_QI
IPersist4
ActiveX
tagEXCEPINFO 
oleaut32.dll
VariantChangeTypeEx
VarNeg
VarNot
VarAdd
VarSub
VarMul
VarDiv
VarIdiv
VarMod
VarAnd
VarXor
VarCmp
VarI4FromStr
VarR4FromStr
VarR8FromStr
VarDateFromStr
VarCyFromStr
VarBoolFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromBool
TCustomVariantType
TCustomVariantType
Variants
EVariantInvalidOpError
EVariantTypeCastError
EVariantOverflowError
EVariantInvalidArgError$
EVariantBadVarTypeError
EVariantBadIndexError
EVariantArrayLockedError
EVariantArrayCreateError
EVariantNotImplError
EVariantOutOfMemoryError
EVariantUnexpectedError
EVariantDispatchError
_^[YY]
QQQQSV
Smallint
Integer
Single
Double
Currency
OleStr
Dispatch
Boolean
Variant
Unknown
Decimal
ShortInt
LongWord
String
Array 
ByRef 
Variants
_^[YY]
_^[YY]
	TBiDiMode
bdLeftToRight
bdRightToLeft
bdRightToLeftNoAlign
bdRightToLeftReadingOnly
Classes
ssShift
ssCtrl
ssLeft
ssRight
ssMiddle
ssDouble
Classes
TShiftState
THelpContext
	THelpType
	htKeyword	htContext
ClassesxnA
	TShortCut
TNotifyEvent
Sender
TObject
EStreamError
EFileStreamError
EFCreateError
EFOpenErrortpA
EFilerError
EReadError
EWriteError|qA
EClassNotFound
EResNotFound
EListError
EBitsError
EStringListError
EComponentError
EOutOfResources
EInvalidOperation
TThreadList
TPersistent
TPersistentluA
Classes
TInterfacedPersistent
TInterfacedPersistent\vA
Classes
IStringsAdapter4
Classes
TStrings
TStringsHwA
Classes
TStringItem
TStringList(yA
TStringList
Classes
TStream
THandleStream
TFileStream
TCustomMemoryStream
TMemoryStream
TStringStream
TResourceStream
TStreamAdapter
TClassFinder
TFiler
TReader
EThreadD
TThreadX
TComponentNamel
IDesignerNotify4
Classes
TComponent
TComponent
Classes
TBasicActionLink
TBasicAction
TBasicActiont
Classes
TIdentMapEntry
	TRegGroup
TRegGroups
YZ]_^[
$Z]_^[
$Z]_^[
_^[YY]
	TIntConst
_^[YY]
Strings
S$_^[Y]
_^[YY]
Sd]_^[
$Z]_^[
TPropFixup
TPropIntfFixup
_^[YY]
Classes
_^[YY]
_^[YY]
QQQQQQQS
R0_^[]
_^[YY]
S	_^[]
TPUtilWindow
ERegistryException
	TRegistryS
TColor
EInvalidGraphic,*B
EInvalidGraphicOperation
TFontPitch
	fpDefault
fpVariable
fpFixed
Graphics
	TFontName
TFontCharset
TFontStyle
fsBold
fsItalic
fsUnderline
fsStrikeOut
Graphics
TFontStyles
	TPenStyle
psSolid
psDash
psDot	psDashDot
psDashDotDot
psClear
psInsideFrame
psUserStyle
psAlternate
Graphics
TPenMode
pmBlack
pmWhite
pmCopy	pmNotCopy
pmMergePenNot
pmMaskPenNot
pmMergeNotPen
pmMaskNotPen
pmMerge
pmNotMerge
pmMask	pmNotMask
pmNotXor
Graphics
TBrushStyle
bsSolid
bsClear
bsHorizontal
bsVertical
bsFDiagonal
bsBDiagonal
bsCross
bsDiagCross
Graphics
TGraphicsObjectL-B
TGraphicsObject$-B
Graphics
IChangeNotifier4
Graphics
TFont(.B
Graphics
Charsetl)B
Color<
Height
OrientationH*B
Pitch<
Graphics
Mode +B
Style<
TBrush
TBrush
Graphics
Color\,B
TCanvas
TCanvas\1B
Graphics
Brush<
CopyMode$.B
TGraphic
TGraphic
Graphics
TPicture
TPicture84B
Graphics
TSharedImage
TMetafileImage
	TMetafile
	TMetafile
Graphics
TBitmapImage
TBitmaph7B
TBitmap
Graphics
TIconImage
TIcon08B
Graphics
TResourceManager
TBrushResourceManager
_^[YY]
clBlack
clMaroon
clGreen
clOlive
clNavy
clPurple
clTeal
clGray
clSilver
clLime
clYellow
clBlue
clFuchsia
clAqua
clWhite
clMoneyGreen
clSkyBlue
clCream
clMedGray
clActiveBorder
clActiveCaption
clAppWorkSpace
clBackground
clBtnFace
clBtnHighlight
clBtnShadow
clBtnText
clCaptionText
clDefault
clGradientActiveCaption
clGradientInactiveCaption
clGrayText
clHighlight
clHighlightText
clHotLight
clInactiveBorder
clInactiveCaption
clInactiveCaptionText
clInfoBk
clInfoText
clMenu
clMenuBar
clMenuHighlight
clMenuText
clNone
clScrollBar
cl3DDkShadow
cl3DLight
clWindow
clWindowFrame
clWindowText
ANSI_CHARSET
DEFAULT_CHARSET
SYMBOL_CHARSET
MAC_CHARSET
SHIFTJIS_CHARSET
HANGEUL_CHARSET
JOHAB_CHARSET
GB2312_CHARSET
CHINESEBIG5_CHARSET
GREEK_CHARSET
TURKISH_CHARSET
HEBREW_CHARSET
ARABIC_CHARSET
BALTIC_CHARSET
RUSSIAN_CHARSET
THAI_CHARSET
EASTEUROPE_CHARSET
OEM_CHARSET
Default
_^[YY]
E$PVSj
_^[YY]
C ;C$s
TClipboardFormats
_^[YY]
_^[YY]
S`_^[Y]
kD$TdP
kD$PdP
D$LPkD$XdPV
D$HPkD$TdPV
|$( EMFt
D$HPkD$TdPV
D$LPkD$XdPW
TBitmapCanvas
TBitmapCanvas
Graphics
_^[YY]
C(_^[Y]
Tahoma
SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes
MS Shell Dlg 2
TPatternManagerSV
_^[YY]
	EOleError
EOleSysError
EOleException
Apartment
Neutral
%s, ClassID: %s
%s, ProgID: "%s"
ole32.dll
CoCreateInstanceEx
CoInitializeEx
CoAddRefServerProcess
CoReleaseServerProcess
CoResumeClassObjects
CoSuspendClassObjects
QQQQQQQQSV
TOrderedList
TStack
IHelpSelector4
:	HelpIntfs
IHelpSystem4
:	HelpIntfs
ICustomHelpViewer4
:	HelpIntfs	
IExtendedHelpViewer
:	HelpIntfs
EHelpSystemException
THelpManager
THelpViewerNode
_^[YY]
GetMonitorInfoA
GetSystemMetrics
MonitorFromRect
MonitorFromWindow
MonitorFromPoint
GetMonitorInfo
DISPLAY
GetMonitorInfoA
DISPLAY
GetMonitorInfoW
DISPLAY
EnumDisplayMonitors
USER32.DLL
TSynchroObject
THandleObject
TEvent
TCriticalSection
OleMainThreadWndClass
ole32.dll
CoWaitForMultipleHandles
BeginBufferedPaint
EndBufferedPaint
BufferedPaintSetAlpha
uxtheme.dll
OpenThemeData
CloseThemeData
DrawThemeBackground
DrawThemeText
GetThemeBackgroundContentRect
GetThemePartSize
GetThemeTextExtent
GetThemeTextMetrics
GetThemeBackgroundRegion
HitTestThemeBackground
DrawThemeEdge
DrawThemeIcon
IsThemePartDefined
IsThemeBackgroundPartiallyTransparent
GetThemeColor
GetThemeMetric
GetThemeString
GetThemeBool
GetThemeInt
GetThemeEnumValue
GetThemePosition
GetThemeFont
GetThemeRect
GetThemeMargins
GetThemeIntList
GetThemePropertyOrigin
SetWindowTheme
GetThemeFilename
GetThemeSysColor
GetThemeSysColorBrush
GetThemeSysBool
GetThemeSysSize
GetThemeSysFont
GetThemeSysString
GetThemeSysInt
IsThemeActive
IsAppThemed
GetWindowTheme
EnableThemeDialogTexture
IsThemeDialogTextureEnabled
GetThemeAppProperties
SetThemeAppProperties
GetCurrentThemeName
GetThemeDocumentationProperty
DrawThemeParentBackground
EnableTheming
DWMAPI.DLL
DwmExtendFrameIntoClientArea
DWMAPI.DLL
DwmIsCompositionEnabled
clWebSnow
clWebFloralWhite
clWebLavenderBlush
clWebOldLace
clWebIvory
clWebCornSilk
clWebBeige
clWebAntiqueWhite
clWebWheat
clWebAliceBlue
clWebGhostWhite
clWebLavender
clWebSeashell
clWebLightYellow
clWebPapayaWhip
clWebNavajoWhite
clWebMoccasin
clWebBurlywood
clWebAzure
clWebMintcream
clWebHoneydew
clWebLinen
clWebLemonChiffon
clWebBlanchedAlmond
clWebBisque
clWebPeachPuff
clWebTan
clWebYellow
clWebDarkOrange
clWebRed
clWebDarkRed
clWebMaroon
clWebIndianRed
clWebSalmon
clWebCoral
clWebGold
clWebTomato
clWebCrimson
clWebBrown
clWebChocolate
clWebSandyBrown
clWebLightSalmon
clWebLightCoral
clWebOrange
clWebOrangeRed
clWebFirebrick
clWebSaddleBrown
clWebSienna
clWebPeru
clWebDarkSalmon
clWebRosyBrown
clWebPaleGoldenrod
clWebLightGoldenrodYellow
clWebOlive
clWebForestGreen
clWebGreenYellow
clWebChartreuse
clWebLightGreen
clWebAquamarine
clWebSeaGreen
clWebGoldenRod
clWebKhaki
clWebOliveDrab
clWebGreen
clWebYellowGreen
clWebLawnGreen
clWebPaleGreen
clWebMediumAquamarine
clWebMediumSeaGreen
clWebDarkGoldenRod
clWebDarkKhaki
clWebDarkOliveGreen
clWebDarkgreen
clWebLimeGreen
clWebLime
clWebSpringGreen
clWebMediumSpringGreen
clWebDarkSeaGreen
clWebLightSeaGreen
clWebPaleTurquoise
clWebLightCyan
clWebLightBlue
clWebLightSkyBlue
clWebCornFlowerBlue
clWebDarkBlue
clWebIndigo
clWebMediumTurquoise
clWebTurquoise
clWebCyan
clWebPowderBlue
clWebSkyBlue
clWebRoyalBlue
clWebMediumBlue
clWebMidnightBlue
clWebDarkTurquoise
clWebCadetBlue
clWebDarkCyan
clWebTeal
clWebDeepskyBlue
clWebDodgerBlue
clWebBlue
clWebNavy
clWebDarkViolet
clWebDarkOrchid
clWebMagenta
clWebDarkMagenta
clWebMediumVioletRed
clWebPaleVioletRed
clWebBlueViolet
clWebMediumOrchid
clWebMediumPurple
clWebPurple
clWebDeepPink
clWebLightPink
clWebViolet
clWebOrchid
clWebPlum
clWebThistle
clWebHotPink
clWebPink
clWebLightSteelBlue
clWebMediumSlateBlue
clWebLightSlateGray
clWebWhite
clWebLightgrey
clWebGray
clWebSteelBlue
clWebSlateBlue
clWebSlateGray
clWebWhiteSmoke
clWebSilver
clWebDimGray
clWebMistyRose
clWebDarkSlateBlue
clWebDarkSlategray
clWebGainsboro
clWebDarkGray
clWebBlack
TTimer
TTimer
ExtCtrls
Enabled|
Interval
OnTimerSV
TCommonDialog
TCommonDialog
Dialogs
Ctl3D nA
HelpContext
OnClose
OnShowSV
Cancel
Ignore
NoToAll
YesToAll
commdlg_help
commdlg_FindReplace
WndProcPtr%.8X%.8X
TClipboard
TClipboardL
Clipbrd
_^[YY]
_^[YY]
THintAction
THintAction
StdActns
comctl32.dll
InitializeFlatSB
UninitializeFlatSB
FlatSB_GetScrollProp
FlatSB_SetScrollProp
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
FlatSB_GetScrollRange
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollRange
TThemeServices
Theme manager 
 2001, 2002 Mike Lischke
BDSUnthemedDesigner
comctl32.dll
 !"#$%
EMenuError
TMenuBreak
mbNone
mbBreak
mbBarBreak
TMenuChangeEvent
Sender
TObject
Source	TMenuItem
Rebuild
Boolean
TMenuDrawItemEvent
Sender
TObject
ACanvas
TCanvas
Selected
Boolean
TAdvancedMenuDrawItemEvent
Sender
TObject
ACanvas
TCanvas
TOwnerDrawState
TMenuMeasureItemEvent
Sender
TObject
ACanvas
TCanvas
Integer
Height
Integer
TMenuItemAutoFlag
maAutomatic
maManual
maParent
TMenuAutoFlag
TMenuActionLink
	TMenuItem
	TMenuItem
Action
	AutoCheckd-C
AutoHotkeysd-C
AutoLineReductiond7B
Bitmapx+C
Caption
CheckedX
SubMenuImages
Default
EnabledT
GroupIndex nA
HelpContext
ImageIndex
	RadioItemtnA
ShortCut
Visible
OnClick
OnDrawItem|,C
OnAdvancedDrawItem
OnMeasureItem
	TMainMenu
	TMainMenu
AutoHotkeys
AutoLineReduction
	AutoMergeDmA
BiDiModeX
Images
	OwnerDraw
ParentBiDiMode
OnChange
TPopupAlignment
paLeft
paRight
paCenter
TTrackButton
tbRightButton
tbLeftButton
Menus06C
TMenuAnimations
maLeftToRight
maRightToLeft
maTopToBottom
maBottomToTop
maNone
TMenuAnimation
TPopupMenu
TPopupMenu
	Alignment
AutoHotkeys
AutoLineReduction
	AutoPopupDmA
BiDiMode nA
HelpContextX
Images
MenuAnimation
	OwnerDraw
ParentBiDiMode
TrackButton
OnChange
OnPopup
TPopupList
TMenuItemStack
1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ
Q<]_^[
ShortCutText
P?:S?u
Q<]_^[
@?:F?v
Q<]_^[
;~hu	3
$YZ]_^[
\SYSTEM\CurrentControlSet\Control\Keyboard Layouts\
Layout File
KbdLayerDescriptor
_^[YY]
Ih;J4u
YZ]_^[
P\YZ_^
YZ]_^[
TScrollBarInc
TScrollBarStyle
	ssRegular
ssFlat
ssHotTrack
FormsP
TControlScrollBar
TControlScrollBarP
ButtonSizel)B
	Incrementh
Margin
ParentColor<
Position<
Smooth<
Style<
	ThumbSize
Tracking
Visible
TWindowState
wsNormal
wsMinimized
wsMaximized
TScrollingWinControl
TScrollingWinControl
OnAlignInsertBefore
OnAlignPositionp
HorzScrollBarp
VertScrollBar
TFormBorderStyle
bsNone
bsSingle
bsSizeable
bsDialog
bsToolWindow
bsSizeToolWin
FormsL
IDesignerHookh
IOleForm4
TPopupWndArray
TFormStyle
fsNormal
fsMDIChild	fsMDIForm
fsStayOnTop
TBorderIcon
biSystemMenu
biMinimize
biMaximize
biHelp
TBorderIcons
	TPosition
poDesigned	poDefault
poDefaultPosOnly
poDefaultSizeOnly
poScreenCenter
poDesktopCenter
poMainFormCenter
poOwnerFormCenter
Forms0
TDefaultMonitor
	dmDesktop	dmPrimary
dmMainForm
dmActiveForm
TPrintScale
poNone
poProportional
poPrintToFit
TCloseAction
caNone
caHide
caFree
caMinimize
TCloseEvent
Sender
TObject
Action
TCloseAction
TCloseQueryEvent
Sender
TObject
CanClose
Boolean
TShortCutEvent
TWMKey
Handled
Boolean
THelpEvent
Command
Integer
CallHelp
Boolean
Boolean
TPopupMode
pmNone
pmAuto
pmExplicit
TCustomForm
TCustomForm
TForm4
Forms]
ActionH
ActiveControl4
AlphaBlendT
AlphaBlendValue
Anchors
AutoScroll
AutoSizeDmA
BiDiModex
BorderIcons
BorderStyle
BorderWidthd
Caption<
ClientHeight<
ClientWidthl)B
TransparentColorl)B
TransparentColorValued
Constraints
UseDockManager,
DefaultMonitor
DockSite0
DragKind
DragMode
Enabled
ParentFont$.B
	FormStyle<
Height
HelpFilep
HorzScrollBar
KeyPreview
Padding`4C
OldCreateOrder
ObjectMenuItem
ParentBiDiMode<
PixelsPerInchL7C
	PopupMenu0
	PopupMode
PopupParent
Position
PrintScale
Scaled
ScreenSnap
ShowHint<
SnapBufferp
VertScrollBar
Visible<
WidthX
WindowState
WindowMenu
OnActivate(
OnAlignInsertBefore
OnAlignPosition
OnCanResize
OnClick
OnCloseT
OnCloseQueryx
OnConstrainedResize
OnContextPopup
OnCreate
OnDblClick
	OnDestroy
OnDeactivate
OnDockDrop4
OnDockOver
OnDragDrop
OnDragOverp
	OnEndDock|
OnGetSiteInfo
OnHide
OnHelp
	OnKeyDownL
OnKeyPress
OnKeyUpH
OnMouseActivatel
OnMouseDown
OnMouseEnter
OnMouseLeave
OnMouseMovel
	OnMouseUp
OnMouseWheel
OnMouseWheelDown
OnMouseWheelUp
OnPaint
OnResize
OnShortCut
OnShow0
OnStartDock
OnUnDock
TCustomDockFormp
TCustomDockForm 
PixelsPerInch
TMonitor
TScreen
TScreen`
	THintInfo@
TPopupFormArray
TApplication
TApplicationd
TGlassFramet
TGlassFrameT
Enabled<
Right<
Bottom
SheetOfGlass
;X0t@S
+WH+W@
PixelsPerInch
TextHeight
IgnoreFontProperty
GlassFrame.Bottom
GlassFrame.Enabled
GlassFrame.Left
GlassFrame.Right
GlassFrame.SheetOfGlass
GlassFrame.Top
_^[YY]
S0_^[]
MDICLIENT
_^[YY]
_^[YY]
_^[YY]
_^[YY]
_^[YY]
_^[YY]
Ch;Ctt
Cd;Cpt
System\CurrentControlSet\Control\Keyboard Layouts\%.8x
layout text
f;sDt~f
_^[YY]
TApplication
MAINICON
XD;PHu
sx;P`u
;B0uGj
;X0uG;u
_^[YY]
YZ]_^[
$Z]_^[
_^[YY]
_^[YY]
u%htnD
Y_^[Y]
_^[YY]
$Z]_^[
YZ]_^[
User32.dll
SetLayeredWindowAttributes
Jt'Jt5
TChangeLink
TImageIndex
TCustomImageList
TCustomImageList
ImgList
S0_^[]
R ;C0|
R,;C4}!
S`]_^[
Bitmap
comctl32.dll
comctl32.dll
ImageList_WriteEx
TContainedAction
TContainedAction4
ActnList
Category
TCustomActionList
TCustomActionListX
ActnList
TShortCutList
TShortCutList8
ActnList
TCustomAction
TCustomActionT
ActnList
TActionLinkSV
u*;~8u
YZ]_^[
S`Z]_^[
R0Z_^[
;Blu	3
$:Cjtc
R0Z_^[
R0]_^[
$;Ctt?
R0Z_^[
R0Z_^[
R0Z_^[
R0Z_^[
R0Z_^[
$Z]_^[
TCursor
TAlign
alNone
alBottom
alLeft
alRight
alClient
alCustom
Controls
TDragObject
TDragObject
Controls
TBaseDragControlObject
TBaseDragControlObject
Controls
TDragControlObject
TDragControlObjectEx
TDragDockObject
TDragDockObject`
Controls
TDragDockObjectEx
TControlCanvas
TControlCanvas
Controls
TCustomControlAction
TCustomControlActionh
Controls
TControlActionLink
TMouseButton
mbLeft
mbRight
mbMiddle
Controls<
TMouseActivate
	maDefault
maActivate
maActivateAndEat
maNoActivate
maNoActivateAndEat
Controls
	TDragMode
dmManual
dmAutomatic
Controls
TDragState
dsDragEnter
dsDragLeave
dsDragMove
Controls
	TDragKind
dkDrag
dkDock
Controls
TCaption
TAnchorKind
akLeft
akRight
akBottom
Controls
TAnchors
TConstraintSize
TSizeConstraints
TSizeConstraints<
Controls
	MaxHeight
MaxWidth
	MinHeight
MinWidth
TMarginSize
TMargins
TMargins
Controls
Right 
Bottom
TPadding
TPadding
Controls
Right 
Bottom
TMouseEvent
Sender
TObject
Button
TMouseButton
TShiftState
Integer
Integer
TMouseMoveEvent
Sender
TObject
TShiftState
Integer
Integer
TMouseActivateEvent
Sender
TObject
Button
TMouseButton
TShiftState
Integer
Integer
HitTest
Integer
MouseActivate
TMouseActivate
	TKeyEvent
Sender
TObject
TShiftState
TKeyPressEvent
Sender
TObject
TDragOverEvent
Sender
TObject
Source
TObject
Integer
Integer
TDragState
Accept
Boolean
TDragDropEvent
Sender
TObject
Source
TObject
Integer
Integer
TEndDragEvent
Sender
TObject
Target
TObject
Integer
Integer
TDockDropEvent
Sender
TObject
Source
TDragDockObject
Integer
Integer
TDockOverEvent
Sender
TObject
Source
TDragDockObject
Integer
Integer
TDragState
Accept
Boolean
TUnDockEvent
Sender
TObject
Client
TControl
	NewTarget
TWinControl
Boolean
TStartDockEvent
Sender
TObject	
DragObject
TDragDockObject
TGetSiteInfoEvent
Sender
TObject
DockClient
TControl
InfluenceRect
MousePos
TPoint
CanDock
Boolean
TCanResizeEvent
Sender
TObject
NewWidth
Integer
	NewHeight
Integer
Resize
Boolean
TConstrainedResizeEvent
Sender
TObject
MinWidth
Integer
	MinHeight
Integer
MaxWidth
Integer
	MaxHeight
Integer
TMouseWheelEvent
Sender
TObject
TShiftState
WheelDelta
Integer
MousePos
TPoint
Handled
Boolean
TMouseWheelUpDownEvent
Sender
TObject
TShiftState
MousePos
TPoint
Handled
Boolean
TContextPopupEvent
Sender
TObject
MousePos
TPoint
Handled
Boolean
TControl
TControl
Controls
AlignWithMargins<
Width<
Height
Cursor
Hint<nA
HelpType
HelpKeyword nA
HelpContext
Margins
TWinControlActionLink
TImeName
TBorderWidth
IDockManager4
Controls
TAlignInsertBeforeEvent
Sender
TWinControl
TControl
TControl
Boolean
TAlignPositionEvent
Sender
TWinControl
Control
TControl
NewLeft
Integer
NewTop
Integer
NewWidth
Integer
	NewHeight
Integer
	AlignRect
	AlignInfo
TAlignInfo
TWinControl
TWinControl
Controls
TCustomControl
TCustomControl
Controls
THintWindow
THintWindow(
Controls
	TDockZone
	TDockTree
TMouse
crDefault
crArrow
crCross
crIBeam
crSizeNESW
crSizeNS
crSizeNWSE
crSizeWE
crUpArrow
crHourGlass
crDrag
crNoDrop
crHSplit
crVSplit
crMultiDrag
crSQLWait
crAppStart
crHelp
crHandPoint
crSizeAll
crSize
	TSiteList
_^[YY]
S$_^[]
YZ]_^[
t%Jt?Jt[
%s (%s)
YZ]_^[
R\Z_^[
ty;s@u
;CLt_3
_^[YY]
;s0t=;
IsControl
ExplicitLeft
ExplicitTop
ExplicitWidth
ExplicitHeight
_^[YY]
_^[YY]
+WH+W@
YZ]_^[
:GauQFKu
DesignSize
_^[YY]
_^[YY]
_^[YY]
_^[YY]
YZ]_^[
_^[YY]
YZ]_^[
YZ]_^[
YZ]_^[
YZ]_^[
YZ]_^[
S8_^[]
t9;wlt4
t';C8u
QQQQSVW
t$;^dt
BP_^[]
USER32
WINNLSEnableIME
imm32.dll
ImmGetContext
ImmReleaseContext
ImmGetConversionStatus
ImmSetConversionStatus
ImmSetOpenStatus
ImmSetCompositionWindow
ImmSetCompositionFontA
ImmGetCompositionStringA
ImmIsIME
ImmNotifyIME
Delphi%.8X
ControlOfs%.8X%.8X
USER32
AnimateWindow
Jt'Jt5
TVariantArray
	OleServer
TConnectKind
ckRunningOrNew
ckNewInstance
ckRunningInstance
ckRemote
ckAttachToInterface	OleServer
TServerEventDispatch
TOleServer
TOleServer4
	OleServer
AutoConnect
ConnectKind
RemoteMachineName
IMessengerd
MessengerAPI_TLB"
IMessenger2
MessengerAPI_TLB
IMessenger3
MessengerAPI_TLB
CoMessengerU
TGdiplusBase
TGPImage
	TGPBitmap
TGPGraphicsRP
image/jpeg
image/bmp
ESocketError
TBaseSocket
TBaseSocket$
Sockets
TSocketHost
TSocketPort
	TIpSocket
	TIpSocket$
Sockets
TCustomIpClientl
TCustomIpClient
Sockets
%d.%d.%d.%d
0.0.0.0
WSAStartup
WSACleanup
kernel32.dll
CreateToolhelp32Snapshot
Heap32ListFirst
Heap32ListNext
Heap32First
Heap32Next
Toolhelp32ReadProcessMemory
Process32First
Process32Next
Process32FirstW
Process32NextW
Thread32First
Thread32Next
Module32First
Module32Next
Module32FirstW
Module32NextW
PSAPI.dll
EnumProcesses
EnumProcessModules
GetModuleBaseNameA
GetModuleFileNameExA
GetModuleBaseNameW
GetModuleFileNameExW
GetModuleInformation
EmptyWorkingSet
QueryWorkingSet
InitializeProcessForWsWatch
GetMappedFileNameA
GetDeviceDriverBaseNameA
GetDeviceDriverFileNameA
GetMappedFileNameW
GetDeviceDriverBaseNameW
GetDeviceDriverFileNameW
EnumDeviceDrivers
GetProcessMemoryInfo
TByteArray
UntRC4
_^[YY]
_^[YY]
t:HtVH
_^[YY]
TSearchThreadU
TApplication
_AMMediaTypeH
_PinInfo
DirectShow9
IFilterGraph4
DirectShow9
IMediaFilterx
DirectShow9
IBaseFilter4#F
DirectShow9
IGraphBuilder
DirectShow9
ICaptureGraphBuilder24
DirectShow9	
IAMStreamConfig4
DirectShow9
IAMVideoProcAmp4
DirectShow9
IKsPropertySet4
DirectShow9
IMediaControld
DirectShow9	
IMediaEventd
DirectShow9
IMediaEventEx
DirectShow9
IVideoWindowd
DirectShow9'
ISampleGrabberCB4
DirectShow9
ISampleGrabber4
DirectShow9
TSampleGrabberCBInt
VSample
TSampleGrabberCBImpl
TSampleGrabberCB
VSample0(F
TVideoSample
QQQQQQQSV
QQQQSVW
_^[YY]
MJPGte
_^[YY]
VFrames
TVideoImage
NewFrame
QQQQQSVW
r*-H420to-
-YUNVt=-
Unknown compression
DataSize: 
  FourCC: 
_^[YY]
	TDCWebCam
_^[YY]
127.0.0.1
BuildImportTable: can't load library: 
BuildImportTable: ReallocMemory failed
BuildImportTable: GetProcAddress failed
_^[YY]
FinalizeSections: VirtualProtect failed
BTMemoryLoadLibary: dll dos header is not valid
BTMemoryLoadLibary: IMAGE_NT_SIGNATURE is not valid
BTMemoryLoadLibary: VirtualAlloc failed
 BTMemoryLoadLibary: BuildImportTable failed
BTMemoryLoadLibary: Get DLLEntyPoint failed
BTMemoryLoadLibary: Can't attach library
BTMemoryGetProcAddress: no export table found
BTMemoryGetProcAddress: DLL doesn't export anything
BTMemoryGetProcAddress: exported symbol not found
BTMemoryGetProcAddress: name <-> ordinal number don't match
TACMConvertor
TACMIn
TPUtilWindow
S	_^[]
-.-.-.-
need dictionary
stream end
file error
stream error
data error
insufficient memory
buffer error
incompatible version
{8+{p+{h
;ChwpV
)sl)sh)kX
$;4$w	f
$;4$w	f
Sh#S0f
K\;K|wY
Sh#S0f
Kt;K|sy
StJ)Sp
D$(#D$8
l$()t$,
t:;t$,v
l$()t$,
L$(#L$<
l$()t$,
;t$,v:
l$()t$,
`;t$ v?
T$$J;D$ v0
K,;K$u
S(;S$s
Vd;VXr
L$%#T$
L$%#T$
_^[YY]
TDataThread
TDumpThread
127.0.0.1:1604
#KCMDDC51#-
Unknow
cmd.exe
Unknow
Not Available
Removable
Network
CD-ROM
WinDrive
Shell_traywnd
TrayNotifyWnd
TrayClockWClass
Shell_traywnd
TrayNotifyWnd
TrayClockWClass
Shell_traywnd
TrayNotifyWnd
Shell_traywnd
TrayNotifyWnd
Shell_traywnd
ReBarWindow32
Shell_traywnd
ReBarWindow32
Progman
Progman
REG_SZ
REG_DWORD
REG_EXPAND_SZ
REG_BINARY
Maximized
Normal
Minimized
Show/Unactive
Normal/Unactive
Maximized
Normal
Minimized
Show/Unactive
Normal/Unactive
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
command
SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder
SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\
location
SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder
tcHt(Ht3
_^[YY]
Unknow
Offline
Online
Invisible
Be Right Back
On The Phone
Out to lunch
tjHt+Ht7
Offline
Online
Invisible
Be Right Back
On The Phone
Out to lunch
\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
AppData
\uTorrent\
*.torrent
Software
Microsoft
Windows
CurrentVersion
Policies
System
DisableTaskMgr
Button
Shell_TrayWnd
Shell_TrayWnd
Shell_TrayWnd
set cdAudio door open
Shell_TrayWnd
BUTTON
System\CurrentControlSet\Services\
Description
UNKNOW
STOPED
RUNNING
PAUSED
STARTED
STOPED_P
CONTINUE_P
PAUSED_P
System\CurrentControlSet\Services\
Description
Software
Microsoft
Windows
CurrentVersion
Policies
System
DisableTaskMgr
Software
Microsoft
Windows
CurrentVersion
Policies
System
DisableRegistryTools
Software
Microsoft
Windows
CurrentVersion
Policies
System
EnableLUA
Software
Microsoft
Security Center
AntiVirusDisableNotify
SYSTEM
CurrentControlSet
Services
SharedAccess
Parameters
FirewallPolicy
StandardProfile
EnableFirewall
SYSTEM
CurrentControlSet
Services
SharedAccess
Parameters
FirewallPolicy
StandardProfile
DisableNotifications
SYSTEM
CurrentControlSet
Services
wscsvc
Software
Microsoft
Security Center
UpdatesDisableNotify
Software
Microsoft
Windows
CurrentVersion
Policies
Explorern
NoControlPanel
Software
Microsoft
Security Center
AntiVirusDisableNotify
SYSTEM
CurrentControlSet
Services
wscsvc
Software
Microsoft
Security Center
UpdatesDisableNotify
Software
Microsoft
Windows
CurrentVersion
Policies
Explorern
NoControlPanel
drivers\etc\hosts
drivers\etc\hosts
I wasn't able to open the hosts file, maybe because UAC is enabled in remote computer!
 IP : 
 IP Mask : 
 Broadcast adress : 
 Status : UP
 Status : DOWN
 Broadcasts : YES
 Broadcasts : NO
 Loopback interface
 Network interface
QQQQQQQSVW
TByteArray
UntFWB
\Internet Explorer\iexplore.exe
explorer.exe
QQQQQQQQS3
$YZ_^[
t"+G4PWV
wlanapi.dll
WlanOpenHandle
WlanCloseHandle
WlanEnumInterfaces
WlanQueryInterface
WlanGetAvailableNetworkList
t;NtGNtSNt_
80211_OPEN
80211_SHARED_KEY
WPA_PSK
WPA_NONE
RSNA_PSK
IHV_START
IHV_END
Nt Nt,
WEP104
WPA_USE_GROUP OR RSN_USE_GROUP
IHV_START
IHV_END
R@PSWV
notepad
kernel32.dll
user32.dll
MessageBoxA
ExitThread
DeleteFileA
GetLastError
TerminateProcess
CloseHandle
OpenProcess
GetExitCodeProcess
LoadLibraryA
kernel32
GetProcAddress
F|h$YG
notepad
DCPERSFWBP
kernel32.dll
user32.dll
MessageBoxA
CreateProcessA
GetLastError
SetLastError
CreateMutexA
CloseHandle
ExitThread
OpenProcess
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
LoadLibraryA
kernel32
GetProcAddress
user32
TUploadFTP
QQQQQSVW
cmd.exe
notepad.exe
INSTALL
KEYNAME
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
notepad
IDTYPE
SERVER
%ShortCut#
RELATEDCMD
GetSIN
 64 bit
 32 bit
infoes
RefreshSIN
backinfoes
RunPrompt
GetDrives
Drives
GetSrchDrives
SrchDrives
GETMONITORS
RESMON
1SCDesktop
FMGRSC
1SCMydocs
CloseServer
notepad.exe
RestartSocket
RestartServer
ping 127.0.0.1 -n 4 > NUL && "
RunSelectedAsAdmin
FILM003
RunSelectedShow
FILEM004
RunSelectedHidden
AddSize
DeleteFiles
SendFilesToTrash
EmptyBin
AttribNormal
AttribHidden
AttribRO
AttribSystem
AttribArchive
AttribTemp
GetFileAttrib
Read-Only
Archive
System
ResultAttrib
File Attrib : [ 
PastMultiVM
RefreshList
CutMultiFiles
ShortCut
RenameFile
FILEM007
MoveFold
FILEM006
MkeDir
FILEM002
DelDir
rmdir "
" /s /q
HideFolder
ShowFolder
NETDRV
REFRESHPROC
PROCESS
REFRESHMODS
MODULES
KillProcess
SuccesProc
KILLPID
KillSProcess
HKNewInt
HKNewExpandString
GetWindow
CloseW
Maximize
Minimize
ChangeWindowName
GetAppList
DeleteReg
RenAppReg
UninstallAPP
GetServList
StartServices
StopServices
RemoveServices
InstallService
GetStartUpList
DelMSKey
CleanMsConfig
InstallHKEY
MSNONLINE
MSNBUSY
MSNAWAY
MSNOFFINE
MSNSIGNOUT
GETMSNINFO
MSNINFO
GetMsnList
DelContact
AddContact
BlockContact
UnBlockContact
ActiveOnlineKeylogger
UnActiveOnlineKeylogger
GETLOGSHISTORY
KeylogOn
dclogs\
ActiveOfflineKeylogger
UnActiveOfflineKeylogger
ActiveOnlineKeyStrokes
UnActiveOnlineKeyStrokes
GetOfflineLogs
Shutdown
RestartComp
LogOffComp
PowerOff
ScreenSaver
LockComp
GetFullInfo
OFFLINEK
GetSystemInfo
OpenWebPage
PrintText
tmpprint.txt
RefreshClipboard
GetClipT
GetClipF
SendYourClipboard
ToGetClipT
WriteClip
ClearC
GetTorrent
ListCam
DISPCAMS
GetPrivilege
HideDeskTop
ShowDeskTop
HideClock
ShowClock
HideTaskBarIcons
ShowTaskBarIcons
HideSystemTrayIcons
ShowSystemTrayIcons
HideTaskBar
ShowTaskBar
HideStartButton
ShowStartButton
DisableStartButton
EnabledStartButton
DisabledTaskManager
EnabledTaskManager
OpenCD
CloseCD
Set cdaudio door closed wait
SvrUninstall
URLUpdate
TraceRoute
TraceResult
#GetClipboardText
#SendClip
#SendTaskMgr
taskmgr
#FreezeIO
#UnFreezeIO
MSGBOX
GetMiniWind
Redirection
#BOT#VisitUrl
#BOT#OpenUrl
HTTP://
http://
BTRESULTOpen URL|
 is now open!|
#BOT#Ping
BTRESULTPing|Respond [OK] for the ping !|
#BOT#RunPrompt
BTRESULTRun command|
 Command successfully executed!|
#BOT#CloseServer
BTRESULTClose Server|close command receive, bye bye...|
#BOT#SvrUninstall
BTRESULTUninstall|uninstall command receive, bye bye...|
#BOT#URLUpdate
BTERRORUpdate from URL| Error on downloading file check if you type the correct url...|
BTRESULTUpdate from URL|Update : File Downloaded , Executing new one in temp dir...|
#BOT#URLDownload
RPCLanScan
GateWay
GetActivePorts
out.txt
tmp.txt
netstat -a -n -o
DDOSHTTPFLOOD
DDOSSYNFLOOD
DDOSUDPFLOOD
[ChangeID]
GENCODE
#GetScreenSize
#RemoteScreenSize
%IPPORTSCAN
Md5GetFromFile
md5result
WallPaper
FILEM005
WavPlay
HWINDSENDTEXT
SpeakerVoice
SAPI.SpVoice
GetHostsFile
GETDRIVEINFO
DELETELOG
REFRESHLOGS
PREVIEWF
ADDSOCKS5
SOCKS5FLUSH
SOCKS5CLOSE
DOWNLOADFILE
DOWNLOADFOLDER
DWNFOLDERRES
UPFLUX
UPLOADFILE
SEARCHFILES
STOPSEARCH
ACTIVEREMOTESHELL
DOSCAP
SUBMREMOTESHELL
KILLREMOTESHELL
DESKTOPCAPTURE
DESKTOPSTOP
WEBCAMLIVE
WEBCAMSTOP
DESKTHMB
REFRESHWIFI
SOUNDCAPTURE
SOUNDSTOP
QUICKUP
PLUGIN
PASSWORD
CHATOUT
CHATNUDGE
CLOSECHAT
FTPFILEUPLOAD
URLDOWNLOADTOFILE
OFFLINEK
Unknow
TQuickTransfer
UPLOADEXEC
UPDATE
UPANDEXEC
drivers\etc\hosts
EDITSVR
GENCODE
PASSWORD
DCSC_GRABPWDS
DCSC_INITCHAT
DCSC_POSTDATA
DCSC_CHATNUDGE
DCSC_DESTROYCHAT
DCSC_CHATRELOAD
PLUGIN
QUICKUP
FILEEND
TScreenThumb
TReceiveDataFlux
UPFLUX
TSendFileThreadU
FILETRANSFER
FILEBOF
FILEERR
FILEEOF
FILEEND
TReceiveFileThread
UPLOADFILE
FILEBOF
FILEEOF
FILEEND
FILEERR
QQQQQQSV
FTPPORT
FTPPASS
FTPUSER
FTPHOST
FTPROOT
dclogs\
dclogs\
:: Clipboard Change : size = 
 Bytes (
FTPUPLOADK
FTPSIZE
\newl\
\space\
ONLINESTROKES\newl\:: 
ONLINESTROKES
[NUM_LOCK]
[SNAPSHOT]
[LEFT]
[RIGHT]
[DOWN]
dclogs\
_^[YY]
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ/*-+.=
BTRESULTUDP Flood|UDP Flood task finished!|
_^[YY]
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ/*-+.=
BTRESULTSyn Flood|Syn task finished!|
TScanRange
PortScanAdd
LanErr
127.0.0.1
LanList
LanErr
DATAFLUX
TVisitThread
myappname
BTRESULTVisit URL|finished to visit 
 Times.
BTERRORVisit URL|An exception occured in the thread|
POST /index.php/1.0
Host: 
BTRESULTHTTP Flood|Http Flood task finished!|
UntProcess
SYSERRNot a valid range set!
SYSERRCannot open remote process for reading..
SYSERRCannot create the output file!
SYSINFORemote process (
) successfully dump in 
Normal
Real Time
> of the Normal
< of the Normal
ACCESS DENIED (x64)
TDownloaderThreadU
Mozilla
BTRESULTMass Download|Downloading File...|
DownloadSuccess
DownloadFail
BTRESULTDownload File|Mass Download : File Downloaded , Executing new one in temp dir...|
BTERRORDownload File| Error on downloading file check if you type the correct url...|
Software\Microsoft\Windows\CurrentVersion\Run
Software\Microsoft\Windows\CurrentVersion\Run
Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit
UserInit
QQQQS3
Software\Microsoft\Windows NT\CurrentVersion\Winlogon
UserInit
TAsyncTask
out.txt
tmp.txt
systeminfo
SYSINFO
TSoundCapture
EndReceive
TKeepAlive
#KEEPALIVE#
TConnectionHandler
TSocks5Config
OK|Successfully started..|
ERR|Socket error..|
ERR|Cannot listen to port, try another one..|
QQQQQSVW
QQQQQQQSVW
QQQQQQQQSVW3
SOCKS5STATUS
TCaptureWebcam
CAMERA
#CAMEND
ENDSNAP
TScreenCapture
DESKTOP
ENDSNAP
TInputsControl
CONTROLIO
XWHEEL
XRIGHT
MONSIZE
DISPLAY
MONSIZE0x0x0x0
DEFAULT MONITOR (DISPLAY)
cmd.exe
taskmgr.exe
image/jpeg
QQQQQSVW
TSendDataFluxThread
DATAFLUX
TRemoteShell
COMSPEC
TPlugThread
_^[YY]
0123456789ABCDEFGHJKLMNPQRSTUVWXYZ
cmd.exe
Control Panel\Desktop
Wallpaper
net start uxsms
net stop uxsms
SeShutdownPrivilege
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
DisplayName
DisplayVersion
InstallLocation
Publisher
UninstallString
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
OpenProcessToken error
GetTokenInformation error
BlockInput
USER32.DLL
_^[YY]
Software
DC2_USERS
_^[YY]
Software
DC2_USERS
Default
Limited
unknow
QQQQQQSVW
 Days and 
QQQQQQSVW
Software
DC3_FEXEC
Unknow
_^[YY]
Software
DC3_FEXEC
 Bytes
_DCEntryPoint
QQQQQQQQSVW
Local drive (default)
%.4x:%.4x
IsWow64Process
kernel32
HARDWARE\DESCRIPTION\System
SystemBiosDate
HARDWARE\DESCRIPTION\System
Identifier
HARDWARE\DESCRIPTION\System\CentralProcessor\0
Identifier
HARDWARE\DESCRIPTION\System\CentralProcessor\0
VendorIdentifier
Unknow
Windows NT 4.0
Windows 2000
Windows XP
Windows Server 2003
Windows Vista
Windows 7
Windows 95
Windows 98
Windows Me
0x%.2x%.2x%.2x%.2x%.2x%.2x
memory allocation failed!
%.2x-%.2x-%.2x-%.2x-%.2x-%.2x
_^[YY]
TServerReaderU
#32770
SysListView32
KEYNAME
KEYNAME
TaskbarCreated
Delphi Picture
Delphi Component
TaskbarCreated
DCDATA
GENCODE
NETDATA
DCMUTEX
EDTPATH
COMBOPATH
INSTALL
KEYNAME
CHANGEDATE
EDTDATE
FAKEMSG
MSGICON
MSGTITLE
MSGCORE
FILEATTRIB
DIRATTRIB
CHIDEF
attrib "
" +s +h
CHIDED
notepad
PERSINST
MULTIBIND
MULTIPLUGS
Runtime error     at 00000000
0123456789ABCDEF
MS Sans Serif
0123456789abcdef
 deflate 1.2.3 Copyright 1995-2005 Jean-loup Gailly 
invalid distance too far back
invalid distance code
invalid literal/length code
incorrect header check
unknown compression method
invalid window size
invalid block type
invalid stored block lengths
too many length or distance symbols
invalid code lengths set
invalid bit length repeat
invalid literal/lengths set
invalid distances set
invalid literal/length code
invalid distance code
invalid distance too far back
incorrect data check
 inflate 1.2.3 Copyright 1995-2005 Mark Adler 
								
E`E`E`E`E`E`E`E`E`E`E`E`E`E`E`E`E
E`E`E`E`E`E`E`E`
dElElElElElElElEl
KERNEL32.DLL
KERNEL32.DLL
KERNEL32.DLL
KERNEL32.DLL
advapi32.dll
advapi32.dll
advapi32.dll
AVICAP32.DLL
comctl32.dll
gdi32.dll
gdiplus.dll
msacm32.dll
netapi32.dll
netapi32.dll
ntdll.dll
ole32.dll
ole32.dll
oleaut32.dll
oleaut32.dll
oleaut32.dll
shell32.dll
shell32.dll
shell32.dll
SHFolder.dll
URLMON.DLL
user32.dll
user32.dll
user32.dll
version.dll
wininet.dll
winmm.dll
WS2_32.DLL
wsock32.dll
lstrcpyA
WriteProcessMemory
WriteFile
WinExec
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualProtectEx
VirtualProtect
VirtualFreeEx
VirtualFree
VirtualAllocEx
VirtualAlloc
VerLanguageNameA
UnmapViewOfFile
TerminateProcess
SizeofResource
SetThreadPriority
SetThreadLocale
SetThreadContext
SetLastError
SetFileTime
SetFilePointer
SetFileAttributesA
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadProcessMemory
ReadFile
PeekNamedPipe
OpenProcess
MultiByteToWideChar
MulDiv
MoveFileA
MapViewOfFile
LockResource
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryA
LeaveCriticalSection
IsBadReadPtr
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalMemoryStatus
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetVersion
GetUserDefaultLangID
GetTickCount
GetThreadLocale
GetThreadContext
GetTempPathA
GetSystemPowerStatus
GetSystemDirectoryA
GetStdHandle
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileTime
GetFileSize
GetFileAttributesA
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableA
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitThread
ExitProcess
EnumResourceNamesA
EnumCalendarInfoA
EnterCriticalSection
DosDateTimeToFileTime
DeleteFileA
DeleteCriticalSection
CreateThread
CreateRemoteThread
CreateProcessA
CreatePipe
CreateMutexA
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
CompareStringA
CloseHandle
GetACP
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringA
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueA
LookupPrivilegeNameA
LookupPrivilegeDisplayNameA
LookupAccountSidA
IsValidSid
GetUserNameA
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
GetCurrentHwProfileA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
EnumServicesStatusA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
capGetDriverDescriptionA
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RectVisible
RealizePalette
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExtTextOutA
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipSaveImageToStream
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
acmStreamUnprepareHeader
acmStreamPrepareHeader
acmStreamConvert
acmStreamReset
acmStreamSize
acmStreamClose
acmStreamOpen
Netbios
NetApiBufferFree
NetShareGetInfo
NetShareEnum
NtUnmapViewOfSection
NtQuerySystemInformation
CoTaskMemFree
CLSIDFromProgID
ProgIDFromCLSID
StringFromCLSID
CoCreateInstance
CoUninitialize
CoInitialize
IsEqualGUID
CoTaskMemFree
StringFromCLSID
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit
GetErrorInfo
GetActiveObject
SysFreeString
SysFreeString
SysReAllocStringLen
SysAllocStringLen
ShellExecuteExA
ShellExecuteA
SHGetFileInfoA
SHFileOperationA
DragQueryFileA
SHEmptyRecycleBinA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFolderPathA
URLDownloadToFileA
CreateWindowExA
mouse_event
keybd_event
WindowFromPoint
WaitMessage
VkKeyScanA
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
ToAscii
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardData
SetClassLongA
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
OemToCharA
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxA
MapWindowPoints
MapVirtualKeyA
LockWorkStation
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastInputInfo
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowExA
FindWindowA
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumThreadWindows
EnumDisplayDevicesA
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
CloseClipboard
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout
GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
EnumDisplayMonitors
GetMonitorInfoA
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpQueryInfoA
FtpPutFileA
waveInUnprepareHeader
waveInStart
waveInReset
waveInPrepareHeader
waveInOpen
waveInClose
waveInAddBuffer
PlaySoundA
mciSendStringA
WSAIoctl
__WSAFDIsSet
WSACleanup
WSAStartup
WSAGetLastError
gethostname
getservbyname
gethostbyname
gethostbyaddr
socket
shutdown
sendto
select
listen
ioctlsocket
inet_ntoa
inet_addr
getsockname
connect
closesocket
accept
lll'lll'lll'lll'lll'lll'lll'lll'lll'lll'kkk
hWajjj
kkk;lllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKlllKkkkKlll9kkk
kkkIjjj
skgUjjj
fTmfff
lll;kkkUlllakkkclllclllclllclllclllclllclllclllclllclllclllclllclllclllckkkclllclllckkkclllclllckkkclllclllckkkclllclllckkkckkkalllUkkk9kkk
lllEmlk}~i`
mkk{kkkAjjj
lkjUkkk
kkkMjjj
lll)kkk
yicYiii
h\1ooo
gY3mmm
gY3mmm
fX3mmm
eX3mmm
dW3lll
dW3lll
cW3lll
vi3lll
yl3mmm
```	jjj
mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!mmm!jjj!mmm
fff	hhh
lll9lllSkkkglllqlllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllulllukkkqkkkglllSkkk9lll
mmm=kkkilll
lllgkkk;iii
mmm!kkkSlll
kkkQkkk
kkkYuje
kkkUkkk
lllKzib
kkkGjjj
kkk1ujd
lll-jjj
kkkQmmm
kkk#eee
iii	kkk9
lll3fff
zkdKooo
fSkqqq
dMyooo
dLyooo
dLyooo
cLyooo
cLyooo
cLyooo
cLyooo
cLyooo
bLyooo
bLyooo
bLyooo
aKyooo
aKyooo
aKyooo
`Kyooo
`Kyooo
_Kyooo
_Kyooo
_Jyooo
_Jyooo
_Jyooo
_Iyooo
^Iyooo
^Iyooo
]Iyooo
]Iyooo
\Iyooo
\Iyooo
[Hyooo
eQyooo
|gyooo
|gyooo
}hyooo
~iyooo
kkk%kkk+kkk-nnn1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1lll1jjj1kkk-mmm)mmm%lll
nnn!lll+mmm7mmmCkkkMmmmUmmmYmmm]lll]lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll_lll]lll]kkkYkkkUlllMmmmAkkk7nnn+mmm
kkk%lll5mmmElllUmmmelllqlll{kkk
lll{mmmolllckkkUjjjCmmm3mmm#ooo
ooo#nnn5nnnIkkk_mmmslll
kkkolll]lllGmmm3kkk!jjj
jjj	fff
jjj-lllCmmm]lllukkk
lllqkkkYlllAiii)kkk
mmm3jjjOlllkmmm
mmmgjjjMnnn1jjj
kkk9lllWkkkummm
kkkskkkSlll5kkk
kkk9kkkYkkk{lll
lllwlllUlll5jjj
lll5lllWlll{lll
lllwkkkSlll1kkk
ttt	UUU
mmm-lllQlllwlll
mmmsjjjMooo)jjj
jjj#mmmEmmmmlll
lllilllAkkk!ppp
ttt	lll
kkk7mmm_kkk
nnnYmmm3ooo
jjj'lllMmmmw
mmmqlllGjjj#iii
]]]	ppp
mmm7kkkcxjc
kkk]mmm3mmm
jjj#lllIkkku
kkkommmCmmm
lll/mmmY
lllSkkk+hhh
ttt	mmm
mmm=mmmi
lllckkk7ooo
iii#lllI
mmmAlll
kkk)lllS
mmmMmmm%iii
mmm/rkga
umi[mmm)mmm
i[ykkk-ooo
ppp/ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
lll1ppp
nnn1ppp
ooo-ooo
kkk+mmm
kkk%iii
ttt	qqq
D57ABA5857F0AFF67584605E90BE4665C9814BEEC7ED390E0271A42F098683FF146F5F3CD58FDA8B3FFF3C123A0EC2D76EFD53FF95B7DF4AC7EDF9F80DE87EFB56127704CE8AC598566BB4B78C91E0E9072494578B48A7C3673BE8A9380E49499E7629B68566DE19B7856A00A2F225F9F285851A594AFF38AC2646C2ADAC616C640F122BEB31EE9E7040193ADB84B182000C691823327D5B0800CF78E32083ECAF248F30A27AA88E54858A619447D304EF7AC579FAE8F18BFA029F6D88108F53F19C71630AEA3F32FFD0B849B9F5C40A99C2A954D0BC5F18A895639BBE21A2820EBCE6607447459DAC08555B46A498AA673C3FD1F73AF047187CE78D24F379DB8CDB239CC4BD22A2448BA4EB768417B5D797EE8D9E39836DB64C6EF0E2F06AA0776F6080B15DC01F859AAAE4529F600E12BE7AF88497B16D9F800D47659088A1ED8DA051DAFE0EE79087A492E4C23D9936B87A2F2A320APA
{<:y&q?	
server
UntKeylogger
UntMain
)UntDownloaderThread
UntSinInfo
UntCore
UntVars
UntRDPThread
UTypes
SysInit
System
UntDisableAero
KWindows
ZLibEx
^Classes
SysConst
"RTLConsts
sActiveX
3Messages
QTypInfo
SysUtils
ImageHlp
CVariants
$VarUtils
+Graphics
Consts
8Registry
IniFiles
WinSock
+UntAsyncTask
hUntSendStream
RUntRC4
UntActivePorts
TlHelp32
UntSoundCaptureThread
GMMSystem
KACMConvertor
[ACMIn
bListUnit
UntMainConnectionThread
+UntScreenCapture
7UntInputsControls
UntRemoteDesktop
UntResizePic
"GDIPUTIL
,GDIPOBJ
GDIPAPI
DirectDraw
*ShellAPI
UntControlKey
GMD5Api
=MD5Core
)UntRemoteShell
mUntSendDataFluxThread
UntKeepAlive
NUntPluginsData
8DLLMemory
"UntIPUtils
IUntSocks5
UntCaptureWebcam
UntWebCam
`VFrames
SyncObjs
VSample
ADirectShow9
FComObj
qComConst
yDirect3D9
DXTypes
DirectSound
dUntSearchThread
CryptApi
(ShlObj
UrlMon
?WinInet
RegStr
CommCtrl
untstartup
(UntUploadFTPThread
UntFTP
UntRemoteUtils
|afxCodeHook
UntQuickTransferThread
2UntDCSettingsReader
aUntWIFI
7nduWlanTypes
nduCType
nduWlanAPI
nduEapTypes
=nduWinNT
nduWinDot11
:nduNtDDNdis
nduL2cmn
DUntScreenThumb
UntReceiveDataFluxThread
UntSendFileThread
 UntFWB
TSHFolder
UntReceiveFileThread
_UntUDPFlood
dUntSynFlood
YUntScanPorts
xUSock
UntRPCScan
UntInfections
iUntProcess
UntServices
WinSvc
UntFun
0UntPasswordAndData
UntMClipboard
Clipbrd
CUxTheme
DwmApi
5Themes
&Controls
EActnList
vMenus
ImgList
Contnrs
MultiMon
StdActns
YStrUtils
Dialogs
RHelpIntfs
WideStrUtils
ExtCtrls
GraphUtil
dStdCtrls
Printers
WWinSpool
3CommDlg
FlatSB
(UntBot
UntMSN
cMessengerAPI_TLB
StdVCL
OleServer
OleConst
UntMsConfig
UntWindowManager
UntRegEdit
UntNetShareLister
XUntHTTPFlood
UntCPU
0UntMiscFunc
untFunctions
Sockets
UntRootKit
UntServerReader
UntAntiSB